lollipop werde ich nicht los, trotz Einsatz aller angeblich so tollen Antiviernprogramme postiver Erkennung unter "Schrauber "

ggoettling · 12.11.2014, 08:06

Haool mein l Foren mitglieder und Ansprauche direkt Schrauber ich sitze hier seit 1 Woche und kämpfe darum lollipop loszuwerden, der mir Werbung und sogar Wortänderung im meiner Internetseite einblendet.
Wer kann mir bitte helfen, ich höre hier immer Schrauber jubeln, der es geschafft hat. ?

vielen Dank im voraus Günther Göttling

schrauber · 12.11.2014, 08:08

hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

ggoettling · 12.11.2014, 10:23

Vielen Dank Schrauber, wie Du siehst habe ich schon viele Dinge probiert, aber so langsam bekomme ich Angst auch nach dem abarbeiten der gut bewerteten Viren- malware Scanner, dass ich ein Fake erwische. Freundliche Grüsse Günther Göttling

Meine Seite NOK21.de lesen 4000 Leute/ Monat, undes wäre fatal, da auch dort Worte in Werbung verwandelt werden, wenn ich lollipop weitetgeben würde.

==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: ASUS Screen Saver Protector => C:\Windows\AsScrPro.exe
MSCONFIG\startupreg: ATKMEDIA => C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
MSCONFIG\startupreg: ATKOSD2 => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
MSCONFIG\startupreg: CLMLServer => "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
MSCONFIG\startupreg: DivXUpdate => "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
MSCONFIG\startupreg: HControlUser => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
MSCONFIG\startupreg: UpdateLBPShortCut => "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
MSCONFIG\startupreg: UpdateP2GoShortCut => "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
MSCONFIG\startupreg: Wireless Console 3 => C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe

========================= Accounts: ==========================

Administrator (S-1-5-21-733679015-3351541572-3055150241-500 - Administrator - Disabled)
Gast (S-1-5-21-733679015-3351541572-3055150241-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-733679015-3351541572-3055150241-1006 - Limited - Enabled)
schingels (S-1-5-21-733679015-3351541572-3055150241-1001 - Administrator - Enabled) => C:\Users\schingels
UpdatusUser (S-1-5-21-733679015-3351541572-3055150241-1005 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Faulty Device Manager Devices =============

Name: Netzwerkcontroller
Description: Netzwerkcontroller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: USB2.0-CRW
Description: USB2.0-CRW
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: USB2.0 0.3M UVC WebCam
Description: USB-Videogerät
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: usbvideo
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

==================== Event log errors: =========================

Application errors:
==================
Error: (11/12/2014 09:20:37 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm IEXPLORE.EXE, Version 11.0.9600.17344 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 2920

Startzeit: 01cffe50c4f038e3

Endzeit: 36

Anwendungspfad: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

Berichts-ID:

Error: (11/12/2014 09:13:36 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm IEXPLORE.EXE, Version 11.0.9600.17344 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 3630

Startzeit: 01cffe5032ba8f84

Endzeit: 0

Anwendungspfad: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

Berichts-ID:

Error: (11/12/2014 09:11:01 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm IEXPLORE.EXE, Version 11.0.9600.17344 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 398c

Startzeit: 01cffe4fc44e308a

Endzeit: 29

Anwendungspfad: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

Berichts-ID:

Error: (11/12/2014 09:07:56 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm IEXPLORE.EXE, Version 11.0.9600.17344 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 2bd8

Startzeit: 01cffe4ef670f6ae

Endzeit: 25

Anwendungspfad: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

Berichts-ID:

Error: (11/11/2014 06:48:40 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: OnlineShieldClient.exe, Version: 1.4.11.11145, Zeitstempel: 0x544e1faa
Name des fehlerhaften Moduls: OnlineShieldClient.exe, Version: 1.4.11.11145, Zeitstempel: 0x544e1faa
Ausnahmecode: 0x40000015
Fehleroffset: 0x002788e2
ID des fehlerhaften Prozesses: 0x4a9c
Startzeit der fehlerhaften Anwendung: 0xOnlineShieldClient.exe0
Pfad der fehlerhaften Anwendung: OnlineShieldClient.exe1
Pfad des fehlerhaften Moduls: OnlineShieldClient.exe2
Berichtskennung: OnlineShieldClient.exe3

Error: (11/11/2014 06:39:38 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: OnlineShieldClient.exe, Version: 1.4.11.11145, Zeitstempel: 0x544e1faa
Name des fehlerhaften Moduls: OnlineShieldClient.exe, Version: 1.4.11.11145, Zeitstempel: 0x544e1faa
Ausnahmecode: 0x40000015
Fehleroffset: 0x002788e2
ID des fehlerhaften Prozesses: 0x3350
Startzeit der fehlerhaften Anwendung: 0xOnlineShieldClient.exe0
Pfad der fehlerhaften Anwendung: OnlineShieldClient.exe1
Pfad des fehlerhaften Moduls: OnlineShieldClient.exe2
Berichtskennung: OnlineShieldClient.exe3

Error: (11/11/2014 06:37:12 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 33.1.0.5423, Zeitstempel: 0x545c0a59
Name des fehlerhaften Moduls: mozalloc.dll, Version: 33.1.0.5423, Zeitstempel: 0x545be5ee
Ausnahmecode: 0x80000003
Fehleroffset: 0x00001425
ID des fehlerhaften Prozesses: 0x2188
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3

Error: (11/11/2014 06:33:36 PM) (Source: MsiInstaller) (EventID: 11721) (User: schingels-PC)
Description: Produkt: Apple Software Update -- Fehler 1721. Es liegt ein dieses Windows Installer-Paket betreffendes Problem vor. Ein für den Abschluss der Installation erforderliches Programm konnte nicht ausgeführt werden. Wenden Sie sich an das Supportpersonal oder den Hersteller des Pakets. Aktion: SoftwareUpdate_UnregServer, Pfad: C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe, Befehl: /UnregServer

Error: (11/11/2014 06:23:38 PM) (Source: MsiInstaller) (EventID: 11316) (User: schingels-PC)
Description: Programm: Kaspersky Internet Security 2013 -- Fehler 1316.Das angegebene Konto ist bereits vorhanden.

Error: (11/11/2014 05:52:48 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm firefox.exe, Version 33.1.0.5423 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 35b0

Startzeit: 01cffd7946dd889a

Endzeit: 80

Anwendungspfad: C:\Program Files (x86)\Mozilla Firefox\firefox.exe

Berichts-ID: 24b0c855-69c3-11e4-9e27-5404a67455a1

System errors:
=============
Error: (11/12/2014 09:50:18 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "DNS-Client" wurde mit folgendem Fehler beendet:
%%2

Error: (11/12/2014 09:50:17 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "DNS-Client" wurde mit folgendem Fehler beendet:
%%2

Error: (11/12/2014 09:50:17 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "DNS-Client" wurde mit folgendem Fehler beendet:
%%2

Error: (11/12/2014 09:50:17 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "DNS-Client" wurde mit folgendem Fehler beendet:
%%2

Error: (11/12/2014 09:50:17 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "DNS-Client" wurde mit folgendem Fehler beendet:
%%2

Error: (11/12/2014 09:50:17 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "DNS-Client" wurde mit folgendem Fehler beendet:
%%2

Error: (11/12/2014 09:50:17 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "DNS-Client" wurde mit folgendem Fehler beendet:
%%2

Error: (11/12/2014 09:50:17 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "DNS-Client" wurde mit folgendem Fehler beendet:
%%2

Error: (11/12/2014 09:50:17 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "DNS-Client" wurde mit folgendem Fehler beendet:
%%2

Error: (11/12/2014 09:50:17 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "DNS-Client" wurde mit folgendem Fehler beendet:
%%2

Microsoft Office Sessions:
=========================
Error: (11/12/2014 09:20:37 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: IEXPLORE.EXE11.0.9600.17344292001cffe50c4f038e336C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

Error: (11/12/2014 09:13:36 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: IEXPLORE.EXE11.0.9600.17344363001cffe5032ba8f840C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

Error: (11/12/2014 09:11:01 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: IEXPLORE.EXE11.0.9600.17344398c01cffe4fc44e308a29C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

Error: (11/12/2014 09:07:56 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: IEXPLORE.EXE11.0.9600.173442bd801cffe4ef670f6ae25C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

Error: (11/11/2014 06:48:40 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: OnlineShieldClient.exe1.4.11.11145544e1faaOnlineShieldClient.exe1.4.11.11145544e1faa40000015002788e24a9c01cffdd7b87e7e67C:\Program Files (x86)\Steganos Online Shield\OnlineShieldClient.exeC:\Program Files (x86)\Steganos Online Shield\OnlineShieldClient.exef7f3271e-69ca-11e4-9e27-5404a67455a1

Error: (11/11/2014 06:39:38 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: OnlineShieldClient.exe1.4.11.11145544e1faaOnlineShieldClient.exe1.4.11.11145544e1faa40000015002788e2335001cffdd6228c13f4C:\Program Files (x86)\Steganos Online Shield\OnlineShieldClient.exeC:\Program Files (x86)\Steganos Online Shield\OnlineShieldClient.exeb4e412d6-69c9-11e4-9e27-5404a67455a1

Error: (11/11/2014 06:37:12 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe33.1.0.5423545c0a59mozalloc.dll33.1.0.5423545be5ee8000000300001425218801cffdcff179278fC:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dll5ddc6eb7-69c9-11e4-9e27-5404a67455a1

Error: (11/11/2014 06:33:36 PM) (Source: MsiInstaller) (EventID: 11721) (User: schingels-PC)
Description: Produkt: Apple Software Update -- Fehler 1721. Es liegt ein dieses Windows Installer-Paket betreffendes Problem vor. Ein für den Abschluss der Installation erforderliches Programm konnte nicht ausgeführt werden. Wenden Sie sich an das Supportpersonal oder den Hersteller des Pakets. Aktion: SoftwareUpdate_UnregServer, Pfad: C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe, Befehl: /UnregServer (NULL)(NULL)(NULL)(NULL)(NULL)

Error: (11/11/2014 06:23:38 PM) (Source: MsiInstaller) (EventID: 11316) (User: schingels-PC)
Description: Programm: Kaspersky Internet Security 2013 -- Fehler 1316.Das angegebene Konto ist bereits vorhanden.
(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (11/11/2014 05:52:48 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: firefox.exe33.1.0.542335b001cffd7946dd889a80C:\Program Files (x86)\Mozilla Firefox\firefox.exe24b0c855-69c3-11e4-9e27-5404a67455a1

CodeIntegrity Errors:
===================================
Date: 2014-10-27 17:29:41.718
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Alle geladene Programme\Program Files\Program Files\Common Files\McAfee\VSCore\mfeelamk.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2014-10-27 17:29:41.715
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Alle geladene Programme\Program Files\Program Files\Common Files\McAfee\VSCore\mfeelamk.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2014-10-27 17:29:41.712
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Alle geladene Programme\Program Files\Program Files\Common Files\McAfee\VSCore\mfeelamk.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2014-10-27 17:29:41.659
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Alle geladene Programme\Program Files\Program Files\Common Files\McAfee\VSCore\mfeelamk.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2014-10-27 17:20:17.575
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Alle geladene Programme\Program Files\Common Files\Mcafee\VSCore\mfeelamk.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2014-10-27 17:20:17.572
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Alle geladene Programme\Program Files\Common Files\Mcafee\VSCore\mfeelamk.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2014-10-27 17:20:17.569
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Alle geladene Programme\Program Files\Common Files\Mcafee\VSCore\mfeelamk.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2014-10-27 17:20:17.516
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Alle geladene Programme\Program Files\Common Files\Mcafee\VSCore\mfeelamk.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2014-09-05 10:08:11.614
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Alle geladene Programme\Program Files\Program Files\Common Files\McAfee\VSCore\mfeelamk.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2014-09-05 10:08:11.611
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Alle geladene Programme\Program Files\Program Files\Common Files\McAfee\VSCore\mfeelamk.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i7-2670QM CPU @ 2.20GHz
Percentage of memory in use: 64%
Total physical RAM: 8100.97 MB
Available physical RAM: 2840.34 MB
Total Pagefile: 16200.13 MB
Available Pagefile: 10138.42 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:300.41 GB) (Free:230.11 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (DATA) (Fixed) (Total:215.5 GB) (Free:168.44 GB) NTFS
Drive j: () (Removable) (Total:14.84 GB) (Free:7.85 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 698.6 GB) (Disk ID: AE14F3C6)
Partition 1: (Not Active) - (Size=25 GB) - (Type=1C)
Partition 2: (Active) - (Size=300.4 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=215.5 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=157.7 GB) - (Type=BC)

========================================================
Disk: 1 (Size: 14.8 GB) (Disk ID: 66205247)
No partition Table on disk 1.

==================== End Of Log ===================

ggoettling · 12.11.2014, 10:23

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 10-11-2014
Ran by schingels (administrator) on SCHINGELS-PC on 12-11-2014 09:47:29
Running from J:\
Loaded Profile: schingels (Available profiles: schingels & UpdatusUser)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe
(Bitdefender) D:\Users\Downloads\Bitdefender\Antivirus Free Edition\gzserv.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(ASUSTeK Computer Inc.) C:\Windows\System32\FBAgent.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
() C:\ProgramData\DatacardService\HWDeviceService64.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
() C:\ProgramData\Mobile Partner\OnlineUpdate\ouc.exe
(Steganos Software GmbH) C:\Program Files (x86)\Steganos Online Shield\OnlineShieldService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe
() D:\Benutzer\1&1 Surf-Stick\AssistantServices.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
() D:\Users\Ashampoo Internet Accelerator 3\Ashampoo WinOptimizer 11\LiveTunerService.exe
(McAfee, Inc.) C:\Program Files\McAfee\MSC\McAPExe.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Bitdefender) D:\Users\Downloads\Bitdefender\Antivirus Free Edition\gziface.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesApp64.exe
(ASUS) C:\Program Files\P4G\BatteryLife.exe
(WiseCleaner.com) C:\Program Files (x86)\Wise\Wise Care 365\WiseTray.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 7\Monitor.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
(ASUS) C:\Windows\AsScrPro.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Ashampoo Development GmbH & Co. KG) D:\Users\Ashampoo Internet Accelerator 3\Ashampoo WinOptimizer 11\LiveTuner2.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(1&1 Internet AG) D:\Users\Downloads\DAVSRV.EXE
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Steganos Software GmbH) C:\Program Files (x86)\Steganos Privacy Suite 15\SteganosBrowserMonitor.exe
(Steganos Software GmbH) C:\Program Files (x86)\Steganos Privacy Suite 15\Suite.exe
(Microsoft Corporation) C:\Users\schingels\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
(Steganos Software GmbH) C:\Program Files (x86)\Steganos Online Shield\OnlineShieldClient.exe
(Steganos Software GmbH) C:\Program Files (x86)\Steganos Online Shield\SteganosBrowserMonitor.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe
(Alf - AG) D:\Users\Hallingstrasse\ALFBanCo5\AlfReminder5.exe
() D:\Benutzer\1&1 Surf-Stick\UIExec.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe
(Steganos Software GmbH) C:\Program Files (x86)\Steganos Privacy Suite 15\SteganosHotKeyService.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(Steganos Software GmbH) C:\Program Files (x86)\Steganos Privacy Suite 15\passwordmanagercom.exe
(Steganos Software GmbH) C:\Program Files (x86)\Steganos Privacy Suite 15\fredirstarter.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Intel® Corporation) C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe
(J3S GmbH) C:\Program Files (x86)\COMPUTERBILD-Abzockschutz\Bin\COMPUTERBILD-Abzockschutz.exe
() C:\WISO\Steuersoftware 2013\mshaktuell.exe
(Joyent, Inc) C:\Program Files (x86)\Steganos Online Shield\polipo\node.exe
(Awesomium Technologies) C:\Program Files (x86)\Steganos Online Shield\awesomium_process.exe
(IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
(Intel(R) Corporation) C:\Program Files\Intel\TurboBoost\TurboBoost.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\csisyncclient.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_189.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_189.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\saUI.exe
(Malwarebytes Corporation) D:\Users\Downloads\ Malwarebytes Anti-Malware \mbam.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASC.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
() D:\Users\Downloads\adwcleaner_4.101.exe
(Raimersoft) D:\Users\Downloads\TapinRadio\TapinRadio.exe
(Raimersoft) D:\Users\Downloads\TapinRadio\TapinRadio.exe
(IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
(IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe
(IObit) C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
(IObit) C:\Program Files (x86)\IObit\Smart Defrag 3\SmartDefrag.exe
(McAfee, Inc.) C:\Program Files\McAfee\VirusScan\McVsShld.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\Core\mchost.exe
(McAfee, Inc.) C:\Program Files\McAfee\VirusScan\mcods.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [IntelTBRunOnce] => wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2587944 2010-12-31] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2213992 2011-05-12] (Realtek Semiconductor)
HKLM\...\Run: [Ashampoo WinOptimizer Live-Tuner2] => D:\Users\Ashampoo Internet Accelerator 3\Ashampoo WinOptimizer 11\LiveTuner2.exe [3516784 2014-08-05] (Ashampoo Development GmbH & Co. KG)
HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [2018032 2011-04-13] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [UIExec] => D:\Benutzer\1&1 Surf-Stick\UIExec.exe [139088 2010-09-30] ()
HKLM-x32\...\Run: [mcui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [537992 2014-04-25] (McAfee, Inc.)
HKLM-x32\...\Run: [mcpltui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [537992 2014-04-25] (McAfee, Inc.)
HKLM-x32\...\Run: [ATKOSD2] => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [5732992 2010-08-17] (ASUS)
HKLM-x32\...\Run: [HControlUser] => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
HKLM-x32\...\Run: [ASUS Screen Saver Protector] => C:\Windows\AsScrPro.exe [3058304 2014-01-22] (ASUS)
HKLM-x32\...\Run: [Steganos HotKeys] => C:\Program Files (x86)\Steganos Privacy Suite 15\SteganosHotKeyService.exe [100864 2014-08-04] (Steganos Software GmbH)
HKLM-x32\...\Run: [SSS15 Chrome Autofill Relay] => C:\Program Files (x86)\Steganos Privacy Suite 15\passwordmanagercom.exe [480120 2014-08-04] (Steganos Software GmbH)
HKLM-x32\...\Run: [SSS15 File Redirection Starter] => C:\Program Files (x86)\Steganos Privacy Suite 15\fredirstarter.exe [17920 2014-08-04] (Steganos Software GmbH)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4086432 2014-11-10] (AVAST Software)
HKLM-x32\...\Run: [COMPUTERBILD-Abzockschutz] => C:\Program Files (x86)\COMPUTERBILD-Abzockschutz\bin\COMPUTERBILD-Abzockschutz.exe [537664 2014-06-19] (J3S GmbH)
HKLM-x32\...\Run: [IObit Malware Fighter] => C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe [1802048 2014-10-13] (IObit)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-733679015-3351541572-3055150241-1001\...\Run: [1&1_1&1 Upload-Manager] => D:\Users\Downloads\DAVSRV.EXE [989264 2011-11-21] (1&1 Internet AG)
HKU\S-1-5-21-733679015-3351541572-3055150241-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-09-14] (Apple Inc.)
HKU\S-1-5-21-733679015-3351541572-3055150241-1001\...\Run: [SSS15 Browser Monitor] => C:\Program Files (x86)\Steganos Privacy Suite 15\SteganosBrowserMonitor.exe [73216 2014-08-04] (Steganos Software GmbH)
HKU\S-1-5-21-733679015-3351541572-3055150241-1001\...\Run: [SSS15_Suite] => C:\Program Files (x86)\Steganos Privacy Suite 15\Suite.exe [2709336 2014-08-04] (Steganos Software GmbH)
HKU\S-1-5-21-733679015-3351541572-3055150241-1001\...\Run: [SkyDrive] => C:\Users\schingels\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe [277672 2014-10-09] (Microsoft Corporation)
HKU\S-1-5-21-733679015-3351541572-3055150241-1001\...\Run: [SOS_Agent] => C:\Program Files (x86)\Steganos Online Shield\OnlineShieldClient.exe [4532656 2014-10-27] (Steganos Software GmbH)
HKU\S-1-5-21-733679015-3351541572-3055150241-1001\...\Run: [SOS Browser Monitor] => C:\Program Files (x86)\Steganos Online Shield\SteganosBrowserMonitor.exe [74240 2014-10-27] (Steganos Software GmbH)
HKU\S-1-5-21-733679015-3351541572-3055150241-1001\...\Run: [Steganos VPN Local Proxy] => C:\Program Files (x86)\Steganos Online Shield\OnlineShieldClient.exe [4532656 2014-10-27] (Steganos Software GmbH)
HKU\S-1-5-21-733679015-3351541572-3055150241-1001\...\Run: [Steganos VPN Proxy Handler] => C:\Program Files (x86)\Steganos Online Shield\OnlineShieldClient.exe [4532656 2014-10-27] (Steganos Software GmbH)
HKU\S-1-5-21-733679015-3351541572-3055150241-1001\...\Run: [Advanced SystemCare 7] => C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe [2281248 2014-08-22] (IObit)
HKU\S-1-5-21-733679015-3351541572-3055150241-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-733679015-3351541572-3055150241-1001\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-733679015-3351541572-3055150241-1001\...\MountPoints2: {e8ee4c17-46ef-11e4-bbab-001e101f82a7} - F:\AutoRun.exe
HKU\S-1-5-21-733679015-3351541572-3055150241-1001\...\MountPoints2: {e8ee4c2f-46ef-11e4-bbab-001e101f82a7} - F:\AutoRun.exe
HKU\S-1-5-21-733679015-3351541572-3055150241-1001\...\MountPoints2: {e8ee4cab-46ef-11e4-bbab-001e101f82a7} - F:\AutoRun.exe
HKU\S-1-5-21-733679015-3351541572-3055150241-1001\...\MountPoints2: {f205f158-458a-11e4-9adb-5404a67455a1} - F:\AutoRun.exe
HKU\S-1-5-21-733679015-3351541572-3055150241-1001\...\MountPoints2: {f205f176-458a-11e4-9adb-5404a67455a1} - F:\AutoRun.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ALF-BanCo 5 Reminder.lnk
ShortcutTarget: ALF-BanCo 5 Reminder.lnk -> D:\Users\Hallingstrasse\ALFBanCo5\AlfReminder5.exe (Alf - AG)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WISO Mein Steuer-Sparbuch heute.lnk
ShortcutTarget: WISO Mein Steuer-Sparbuch heute.lnk -> C:\Program Files (x86)\WISO\Steuersoftware 2014\mshaktuell.exe ()
Startup: C:\Users\schingels\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Intel(R) Turbo Boost Technology Monitor 2.0.lnk
ShortcutTarget: Intel(R) Turbo Boost Technology Monitor 2.0.lnk -> C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe (Intel® Corporation)
Startup: C:\Users\schingels\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\WISO Mein Steuer-Sparbuch heute.lnk
ShortcutTarget: WISO Mein Steuer-Sparbuch heute.lnk -> C:\WISO\Steuersoftware 2013\mshaktuell.exe ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyEnable: Internet Explorer proxy is enabled.
ProxyServer: localhost:8123
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x55244F9E94E0CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKCU - DefaultScope {8C6C6B5A-5D45-4A7C-8C98-1B520D0A59BD} URL = https://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=242154&p={searchTerms}
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = 
SearchScopes: HKCU - {8C6C6B5A-5D45-4A7C-8C98-1B520D0A59BD} URL = https://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=242154&p={searchTerms}
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll (IObit)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: CBAbzockschutz.InitToolbarBHO -> {2e250b90-0e7a-42a3-9d65-e39f9f227fa4} -> C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Ads Removal -> {9D974C8C-6D92-44FB-BEAF-B45A1C0CF17F} -> C:\Program Files (x86)\IObit\IObit Malware Fighter\adsremoval\IE\Adblock.dll (Adblock)
BHO-x32: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Advanced SystemCare Browser Protection -> {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} -> C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll (IObit)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Toolbar: HKLM - Steganos Password Manager Toolbar - {9C65D12D-CF9D-454D-8049-61965D8C6FFF} - C:\Program Files (x86)\Steganos Privacy Suite 15\SPMIEToolbar64.dll (Steganos Software GmbH)
Toolbar: HKLM-x32 - COMPUTERBILD-Abzockschutz - {353e2a48-6254-4bd3-88f4-3b51a0ca7870} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Toolbar: HKLM-x32 - Steganos Password Manager Toolbar - {9C65D12D-CF9D-454D-8049-61965D8C6FFF} - C:\Program Files (x86)\Steganos Privacy Suite 15\SPMIEToolbar.dll (Steganos Software GmbH)
Toolbar: HKU\S-1-5-21-733679015-3351541572-3055150241-1001 -> Steganos Password Manager Toolbar - {9C65D12D-CF9D-454D-8049-61965D8C6FFF} - C:\Program Files (x86)\Steganos Privacy Suite 15\SPMIEToolbar64.dll (Steganos Software GmbH)
DPF: HKLM {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: HKLM-x32 {1E54D648-B804-468d-BC78-4AFFED8E262F} hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll (McAfee, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{18635B9F-3EC8-4E9F-ADBE-EE60B251079C}: [NameServer] 193.189.244.225 193.189.244.206
Tcpip\..\Interfaces\{D94CFAFC-2545-4C5E-8871-4214E8A4994F}: [NameServer] 193.189.244.206 193.189.244.225
Tcpip\..\Interfaces\{E071EBF2-D3EB-4FB6-BDD2-6F1420F55AEE}: [NameServer] 193.189.244.225 193.189.244.206

FireFox:
========
FF ProfilePath: C:\Users\schingels\AppData\Roaming\Mozilla\Firefox\Profiles\yum8w33i.default
FF DefaultSearchEngine: Yahoo!
FF SelectedSearchEngine: Yahoo!
FF Homepage: hxxp://www.nok21.de/wp-admin/edit.php
FF Keyword.URL: https://de.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=242154&p=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_189.dll ()
FF Plugin: @java.com/DTPlugin,version=10.5.0 -> C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.5.0 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_189.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF user.js: detected! => C:\Users\schingels\AppData\Roaming\Mozilla\Firefox\Profiles\yum8w33i.default\user.js
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\schingels\AppData\Roaming\Mozilla\Firefox\Profiles\yum8w33i.default\searchplugins\englische-ergebnisse.xml
FF SearchPlugin: C:\Users\schingels\AppData\Roaming\Mozilla\Firefox\Profiles\yum8w33i.default\searchplugins\gmx-suche.xml
FF SearchPlugin: C:\Users\schingels\AppData\Roaming\Mozilla\Firefox\Profiles\yum8w33i.default\searchplugins\webde-suche.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\ddg.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\McSiteAdvisor.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Widget context - C:\Users\schingels\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\{140A2D0E-85CC-4ed3-9BA5-8FA35DA7FABA}.xpi [2013-12-15]
FF Extension: Ads Removal - C:\Users\schingels\AppData\Roaming\Mozilla\Firefox\Profiles\yum8w33i.default\Extensions\adremoveext@adremoveext.net [2014-11-12]
FF Extension: Advanced SystemCare Surfing Protection - C:\Users\schingels\AppData\Roaming\Mozilla\Firefox\Profiles\yum8w33i.default\Extensions\iobitascsurfingprotection@iobit.com [2014-11-11]
FF Extension: GMX MailCheck - C:\Users\schingels\AppData\Roaming\Mozilla\Firefox\Profiles\yum8w33i.default\Extensions\toolbar@gmx.net [2014-11-11]
FF Extension: COMPUTERBILD-Abzockschutz - C:\Users\schingels\AppData\Roaming\Mozilla\Firefox\Profiles\yum8w33i.default\Extensions\{d49175b3-3fd8-43b8-b28e-da5d47f3c398} [2014-11-11]
FF Extension: Bluhell Firewall - C:\Users\schingels\AppData\Roaming\Mozilla\Firefox\Profiles\yum8w33i.default\Extensions\{6BB5760D-F97E-421B-AF5B-8457A90C3CED}.xpi [2013-12-31]
FF Extension: Steganos VPN Utility Plugin for Firefox - C:\Users\schingels\AppData\Roaming\Mozilla\Firefox\Profiles\yum8w33i.default\Extensions\{85098EAB-B16C-4339-A7C4-B8F6B0FC3C3D}.xpi [2014-11-02]
FF Extension: Adblock Plus - C:\Users\schingels\AppData\Roaming\Mozilla\Firefox\Profiles\yum8w33i.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-09-11]
FF Extension: COMPUTERBILD-Abzockschutz - C:\Users\schingels\AppData\Roaming\Mozilla\Firefox\Profiles\yum8w33i.default\Extensions\{d49175b3-3fd8-43b8-b28e-da5d47f3c398}.xpi [2013-09-11]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2014-11-10]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2014-11-10]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} [2014-11-10]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor
FF Extension: McAfee SiteAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor [2013-10-14]
FF HKLM-x32\...\Firefox\Extensions: [{00F0643E-B367-4779-B45D-7046EBA37A88}] - C:\Program Files (x86)\Steganos Privacy Suite 15\spmplugin3
FF Extension: Steganos Password Manager - C:\Program Files (x86)\Steganos Privacy Suite 15\spmplugin3 [2014-08-22]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-08-28]
FF HKLM-x32\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\anti_banner@kaspersky.com
FF HKLM-x32\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\online_banking@kaspersky.com
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2013-10-14]
FF Extension: No Name - wrc@avast.com [Not Found]
FF Extension: No Name - {4ED1F68A-5463-4931-9384-8FFF5ED91D92} [Not Found]

Chrome: 
=======
CHR Profile: C:\Users\schingels\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (No Name) - C:\Users\schingels\AppData\Local\Google\Chrome\User Data\Default\Extensions\pigkdicgnehbfjnaopalgpelkbkcnbfa [2014-01-03]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2014-10-13]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2014-10-13]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-11-10]
CHR HKLM-x32\...\Chrome\Extension: [hakdifolhalapjijoafobooafbilfakh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\online_banking_chrome.crx [2014-11-10]
CHR HKLM-x32\...\Chrome\Extension: [pjldcfjmnllhmgjclecdnfampinooman] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\ab.crx [2014-11-10]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdvancedSystemCareService7; C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe [893216 2014-08-18] (IObit)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-08-28] (AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2436280 2014-09-25] (Microsoft Corporation)
S2 Dnscache; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
S2 Dnscache; C:\Windows\SysWOW64\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
R2 gzserv; D:\Users\Downloads\Bitdefender\Antivirus Free Edition\gzserv.exe [69368 2013-10-23] (Bitdefender)
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [346976 2011-03-14] ()
R2 IMFservice; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [344896 2014-09-30] (IObit)
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2283296 2014-11-11] (IObit)
S4 McAfee SiteAdvisor Service; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [178528 2014-04-25] (McAfee, Inc.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R3 McODS; C:\Program Files\McAfee\VirusScan\mcods.exe [603424 2014-09-04] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1041192 2014-08-20] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219752 2014-06-20] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [189912 2014-06-20] (McAfee, Inc.)
S2 Mobile Partner. RunOuc; D:\Users\Backup Handy\Mobile Partner\UpdateDog\ouc.exe [239968 2014-09-27] ()
R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 Online Shield Starter Service; C:\Program Files (x86)\Steganos Online Shield\OnlineShieldService.exe [321488 2014-10-27] (Steganos Software GmbH)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe [2412344 2014-01-28] (TuneUp Software)
R2 UI Assistant Service; D:\Benutzer\1&1 Surf-Stick\AssistantServices.exe [253264 2010-09-30] ()
S2 WiseBootAssistant; C:\Program Files (x86)\Wise\Wise Care 365\BootTime.exe [580232 2014-07-07] (WiseCleaner.com)
R2 WO_LiveService2; D:\Users\Ashampoo Internet Accelerator 3\Ashampoo WinOptimizer 11\LiveTunerService.exe [223600 2014-08-05] ()

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R0 53413803; C:\Windows\System32\DRIVERS\53413803.sys [460888 2013-10-13] (Kaspersky Lab ZAO)
S1 9152490drv; C:\Windows\System32\DRIVERS\9152490drv.sys [556632 2013-10-13] (Kaspersky Lab)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-08-28] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-08-28] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-08-28] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-08-28] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-08-28] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [426848 2014-11-10] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-08-28] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-08-28] ()
R1 ATKWMIACPIIO_; C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [17536 2011-05-25] (ASUS)
R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [718840 2013-04-17] (BitDefender)
U5 avchv; C:\Windows\System32\Drivers\avchv.sys [261056 2012-11-02] (BitDefender)
R3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [593144 2013-04-17] (BitDefender)
R1 bdfwfpf; D:\Users\Downloads\Bitdefender\Antivirus Free Edition\bdfwfpf.sys [121928 2013-07-02] (Bitdefender SRL)
S3 BioNTDrv; C:\Program Files\Paragon Software\Backup and Recovery 2014 Free\program\BioNTDrv.SYS [18696 2014-05-19] (Paragon Software Group)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [72128 2014-06-20] (McAfee, Inc.)
S3 esgiguard; No ImagePath
S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2014-11-07] ()
R3 FileMonitor; C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [23048 2013-03-23] (IObit)
R1 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [148696 2013-04-22] (BitDefender LLC)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.)
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( )
R2 LiveTuner2PM; D:\Users\Ashampoo Internet Accelerator 3\Ashampoo WinOptimizer 11\LiveTuner64.sys [14320 2014-03-20] ()
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2014-11-12] (Malwarebytes Corporation)
R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [181704 2014-06-20] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [313544 2014-06-20] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [523792 2014-06-20] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [786296 2014-06-20] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [445512 2014-08-20] (McAfee, Inc.)
S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [96592 2014-08-20] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [348552 2014-06-20] (McAfee, Inc.)
R1 nvkflt; C:\Windows\System32\DRIVERS\nvkflt.sys [284448 2013-03-15] (NVIDIA Corporation)
R3 RegFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [34848 2013-11-19] (IObit.com)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [27520 2007-05-14] (Research In Motion Limited)
R1 SLEE_18_DRIVER; C:\Windows\Sleen1864.sys [109144 2014-07-29] (Softwareentwicklung Remus - ArchiCrypt - )
R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [21184 2014-06-04] (IObit)
R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [382536 2013-05-28] (BitDefender S.R.L.)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys [11880 2012-11-16] (TuneUp Software)
R1 ui11rdr; C:\Windows\System32\DRIVERS\ui11rdr.sys [199752 2011-11-21] (1&1 Internet AG)
R1 UimBus; C:\Windows\System32\DRIVERS\UimBus.sys [102664 2014-05-19] ()
R1 Uim_DEVIM; C:\Windows\System32\DRIVERS\uim_devim.sys [25992 2014-05-19] ()
R1 Uim_IM; C:\Windows\System32\DRIVERS\uim_im.sys [700296 2014-05-19] ()
R3 UrlFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys [23016 2013-11-19] (IObit.com)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2012-12-13] (Apple, Inc.) [File not signed]
S3 athr; system32\DRIVERS\athrx.sys [X]
U3 DfSdkS; No ImagePath
S0 kl1; system32\DRIVERS\kl1.sys [X]
S3 RSUSBVSTOR; System32\Drivers\RtsUVStor.sys [X]
U2 TMAgent; No ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-12 09:27 - 2014-11-12 09:27 - 00003170 _____ () C:\Windows\System32\Tasks\SmartDefrag3_Update
2014-11-12 09:19 - 2014-06-04 15:17 - 00034080 _____ (IObit) C:\Windows\system32\SmartDefragBootTime.exe
2014-11-12 09:18 - 2014-11-12 09:27 - 00001100 _____ () C:\Users\Public\Desktop\Smart Defrag 3.lnk
2014-11-12 09:18 - 2014-11-12 09:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Defrag 3
2014-11-12 09:18 - 2014-06-04 15:17 - 00128288 _____ (IObit) C:\Windows\system32\IObitSmartDefragExtension.dll20141112092717.dll
2014-11-12 09:18 - 2014-06-04 15:17 - 00128288 _____ (IObit) C:\Windows\system32\IObitSmartDefragExtension.dll20141112091857.dll
2014-11-12 09:18 - 2014-06-04 15:17 - 00128288 _____ (IObit) C:\Windows\system32\IObitSmartDefragExtension.dll
2014-11-12 09:18 - 2014-06-04 15:17 - 00021184 _____ (IObit) C:\Windows\system32\Drivers\SmartDefragDriver.sys
2014-11-12 09:16 - 2014-11-12 09:17 - 00002862 _____ () C:\Windows\System32\Tasks\Driver Booster SkipUAC (schingels)
2014-11-12 09:16 - 2014-11-12 09:16 - 00003222 _____ () C:\Windows\System32\Tasks\Driver Booster Scan
2014-11-12 09:16 - 2014-11-12 09:16 - 00003166 _____ () C:\Windows\System32\Tasks\Driver Booster Update
2014-11-12 09:16 - 2014-11-12 09:16 - 00001242 _____ () C:\Users\Public\Desktop\Driver Booster 2.lnk
2014-11-12 09:16 - 2014-11-12 09:16 - 00001175 _____ () C:\Users\Public\Desktop\IObit Malware Fighter.lnk
2014-11-12 09:16 - 2014-11-12 09:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Malware Fighter
2014-11-12 09:16 - 2014-11-12 09:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 2
2014-11-12 07:34 - 2014-11-12 07:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2014-11-11 18:33 - 2014-11-11 18:33 - 00000000 ____D () C:\Windows\System32\Tasks\Apple
2014-11-11 18:23 - 2014-11-11 19:27 - 00000000 ____D () C:\Program Files (x86)\Kaspersky Lab
2014-11-11 18:23 - 2014-11-11 18:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security 2013
2014-11-11 09:22 - 2014-11-11 09:26 - 00003102 _____ () C:\Windows\System32\Tasks\ASC7_PerformanceMonitor
2014-11-11 09:22 - 2014-11-11 09:22 - 00002862 _____ () C:\Windows\System32\Tasks\ASC7_SkipUac_schingels
2014-11-11 09:22 - 2014-11-11 09:22 - 00000000 ____D () C:\ProgramData\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D}
2014-11-11 09:21 - 2014-11-12 08:46 - 00002207 _____ () C:\Users\Public\Desktop\Advanced SystemCare 7.lnk
2014-11-11 09:21 - 2014-11-11 09:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare 7
2014-11-11 09:20 - 2014-11-12 09:17 - 00000000 ____D () C:\ProgramData\ProductData
2014-11-11 09:20 - 2014-11-12 09:16 - 00000000 ____D () C:\Users\schingels\AppData\Roaming\IObit
2014-11-11 09:20 - 2014-11-12 09:16 - 00000000 ____D () C:\ProgramData\IObit
2014-11-11 09:20 - 2014-11-12 09:16 - 00000000 ____D () C:\Program Files (x86)\IObit
2014-11-11 09:20 - 2014-11-11 09:20 - 00002894 _____ () C:\Windows\System32\Tasks\Uninstaller_SkipUac_schingels
2014-11-11 09:20 - 2014-11-11 09:20 - 00001254 _____ () C:\Users\schingels\AppData\Roaming\Microsoft\Windows\Start Menu\Uninstall Programs.lnk
2014-11-11 09:20 - 2014-11-11 09:20 - 00001230 _____ () C:\Users\Public\Desktop\IObit Uninstaller.lnk
2014-11-11 09:20 - 2014-11-11 09:20 - 00000000 ____D () C:\Users\schingels\AppData\Roaming\ProductData
2014-11-11 09:18 - 2014-11-11 09:18 - 00210757 _____ () C:\ProgramData\1415693093.bdinstall.bin
2014-11-11 09:09 - 2014-11-11 09:09 - 00001221 _____ () C:\Users\Public\Desktop\Bitdefender Antivirus Free Edition.lnk
2014-11-11 09:09 - 2014-11-11 09:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Antivirus Free Edition
2014-11-11 09:09 - 2013-04-17 14:59 - 00718840 _____ (BitDefender) C:\Windows\system32\Drivers\avc3.sys
2014-11-11 09:09 - 2013-04-17 14:59 - 00593144 _____ (BitDefender) C:\Windows\system32\Drivers\avckf.sys
2014-11-11 09:09 - 2012-11-02 14:17 - 00261056 _____ (BitDefender) C:\Windows\system32\Drivers\avchv.sys
2014-11-11 09:06 - 2013-05-28 12:12 - 00382536 _____ (BitDefender S.R.L.) C:\Windows\system32\Drivers\trufos.sys
2014-11-11 09:06 - 2013-04-22 13:21 - 00148696 _____ (BitDefender LLC) C:\Windows\system32\Drivers\gzflt.sys
2014-11-11 09:04 - 2014-11-11 09:07 - 00000000 ____D () C:\Users\schingels\AppData\Roaming\QuickScan
2014-11-10 16:00 - 2014-11-10 16:00 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-11-10 15:44 - 2014-11-10 15:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
2014-11-10 15:00 - 2014-11-10 15:00 - 00000000 ____D () C:\Program Files (x86)\Google
2014-11-10 14:42 - 2014-11-10 14:42 - 00002687 _____ () C:\Users\schingels\Desktop\JRT.txt
2014-11-09 16:47 - 2014-11-11 00:20 - 00000000 ____D () C:\ProgramData\Package Cache
2014-11-09 16:47 - 2014-11-09 16:47 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-11-09 16:45 - 2014-11-09 16:45 - 00000000 ____D () C:\Users\schingels\AppData\Roaming\Avira
2014-11-09 16:25 - 2014-11-11 00:20 - 00000000 ____D () C:\Users\schingels\AppData\Local\Tempf7eddb6ee0afd360be7fc7f5e70ab6ce
2014-11-09 16:25 - 2014-11-11 00:20 - 00000000 ____D () C:\Users\schingels\AppData\Local\Temp991f313088b215d209d2d97e3c209801
2014-11-09 16:25 - 2014-11-11 00:20 - 00000000 ____D () C:\Users\schingels\AppData\Local\Temp1270dc5f1665619a7e9941f8e54ac8ef
2014-11-09 10:07 - 2014-11-09 10:07 - 00051150 _____ () C:\Users\schingels\Desktop\bookmarks-2014-11-09.json
2014-11-07 10:44 - 2014-11-07 10:44 - 00003350 _____ () C:\Windows\System32\Tasks\SpyHunter4Startup
2014-11-07 10:44 - 2014-11-07 10:44 - 00000000 ____D () C:\Users\schingels\AppData\Roaming\Enigma Software Group
2014-11-07 10:44 - 2014-11-07 10:44 - 00000000 ____D () C:\sh4ldr
2014-11-07 09:12 - 2014-11-07 10:44 - 00022704 _____ () C:\Windows\system32\Drivers\EsgScanner.sys
2014-11-07 09:12 - 2014-11-07 10:43 - 00000000 ____D () C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-11-07 08:38 - 2014-11-12 08:55 - 00317680 _____ () C:\Windows\WindowsUpdate.log
2014-11-07 08:28 - 2014-11-07 08:28 - 00000000 ____D () C:\Users\schingels\AppData\Local\Tempad3126ee63524b68efcd1700a6640da9
2014-11-07 08:28 - 2014-11-07 08:28 - 00000000 ____D () C:\Users\schingels\AppData\Local\Temp68d1ed6af116173792cd0c0fe2aaeb86
2014-11-06 07:53 - 2014-11-12 09:47 - 00000000 ____D () C:\FRST
2014-11-06 07:33 - 2014-11-06 07:33 - 00113608 _____ () C:\Users\schingels\AppData\Local\GDIPFONTCACHEV1.DAT
2014-11-05 10:18 - 2014-11-12 08:20 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-11-05 10:16 - 2014-11-05 10:16 - 00000957 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-11-05 10:16 - 2014-11-05 10:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-11-05 10:16 - 2014-11-05 10:16 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-11-05 10:16 - 2014-10-01 11:11 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-11-05 10:16 - 2014-10-01 11:11 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-11-05 10:16 - 2014-10-01 11:11 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-11-05 09:33 - 2014-11-05 09:33 - 00000000 ____D () C:\Users\schingels\Documents\Steganos Safe
2014-11-04 06:32 - 2014-09-05 03:11 - 06584320 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-11-04 06:32 - 2014-09-05 02:52 - 05703168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-11-02 22:30 - 2014-11-02 22:31 - 00442384 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-11-02 09:58 - 2014-11-02 09:58 - 00000466 _____ () C:\Users\schingels\Desktop\DATA (D) - Verknüpfung.lnk
2014-11-02 09:37 - 2013-10-02 03:22 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys
2014-11-02 09:37 - 2013-10-02 03:11 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2014-11-02 09:37 - 2013-10-02 03:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2014-11-02 09:37 - 2013-10-02 02:48 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll
2014-11-02 09:37 - 2013-10-02 02:48 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll
2014-11-02 09:37 - 2013-10-02 02:29 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2014-11-02 09:37 - 2013-10-02 02:10 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll
2014-11-02 09:37 - 2013-10-02 01:15 - 01057280 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2014-11-02 09:37 - 2013-10-02 01:14 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll
2014-11-02 09:37 - 2013-10-02 01:14 - 00017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll
2014-11-02 09:37 - 2013-10-02 01:08 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2014-11-02 09:37 - 2013-10-02 01:01 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2014-11-02 09:37 - 2013-10-02 00:58 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2014-11-02 09:37 - 2013-10-02 00:31 - 01147392 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2014-11-02 09:37 - 2013-10-02 00:08 - 00855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2014-11-02 09:37 - 2013-10-01 23:34 - 01068544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2014-11-02 07:59 - 2014-11-02 07:59 - 00001171 _____ () C:\Users\Public\Desktop\Steganos Online Shield.lnk
2014-11-02 07:58 - 2014-11-02 07:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steganos Online Shield
2014-10-31 21:24 - 2014-10-31 21:24 - 00000904 _____ () C:\Users\schingels\Desktop\TapinRadio.lnk
2014-10-31 21:24 - 2014-10-31 21:24 - 00000000 ____D () C:\Users\schingels\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TapinRadio
2014-10-21 10:03 - 2014-11-07 07:05 - 00003156 _____ () C:\Windows\System32\Tasks\AdvancedDriverUpdaterRunAtStartup
2014-10-21 09:50 - 2014-10-21 09:50 - 00000987 _____ () C:\Users\Public\Desktop\Ashampoo Internet Accelerator 3.lnk
2014-10-21 08:18 - 2014-10-21 10:01 - 00000454 _____ () C:\Windows\Tasks\One-Click Optimizer WO11.job
2014-10-21 08:18 - 2014-10-21 08:18 - 00003294 _____ () C:\Windows\System32\Tasks\One-Click Optimizer WO11
2014-10-21 08:16 - 2014-10-21 08:16 - 00001226 _____ () C:\Users\Public\Desktop\Ein-Klick-Optimierung (WO11).lnk
2014-10-21 08:16 - 2014-10-21 08:16 - 00000974 _____ () C:\Users\Public\Desktop\Ashampoo WinOptimizer 11.lnk
2014-10-17 08:27 - 2014-11-12 06:59 - 04244656 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2014-10-16 06:38 - 2014-10-10 03:05 - 00507392 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-10-16 06:38 - 2014-10-10 03:05 - 00276480 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-10-16 06:38 - 2014-10-10 03:00 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-10-16 06:38 - 2014-10-07 03:54 - 00378552 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-10-16 06:38 - 2014-10-07 03:04 - 00331448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-10-16 06:38 - 2014-09-29 01:58 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-10-16 06:38 - 2014-09-25 23:50 - 13619200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-10-16 06:38 - 2014-09-25 23:46 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-10-16 06:38 - 2014-09-25 23:46 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-10-16 06:38 - 2014-09-25 23:46 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-10-16 06:38 - 2014-09-25 23:43 - 11807232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-10-16 06:38 - 2014-09-25 23:32 - 02017280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-10-16 06:38 - 2014-09-25 23:31 - 02108416 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-10-16 06:38 - 2014-09-19 03:25 - 23631360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-10-16 06:38 - 2014-09-19 02:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-10-16 06:38 - 2014-09-19 02:55 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-10-16 06:38 - 2014-09-19 02:44 - 17484800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-10-16 06:38 - 2014-09-19 02:41 - 02796032 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-10-16 06:38 - 2014-09-19 02:40 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-10-16 06:38 - 2014-09-19 02:40 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-10-16 06:38 - 2014-09-19 02:39 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-10-16 06:38 - 2014-09-19 02:38 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-10-16 06:38 - 2014-09-19 02:36 - 05829632 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-10-16 06:38 - 2014-09-19 02:31 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-10-16 06:38 - 2014-09-19 02:30 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-10-16 06:38 - 2014-09-19 02:27 - 00595968 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-10-16 06:38 - 2014-09-19 02:26 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-10-16 06:38 - 2014-09-19 02:25 - 04201472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-10-16 06:38 - 2014-09-19 02:25 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-10-16 06:38 - 2014-09-19 02:25 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-10-16 06:38 - 2014-09-19 02:18 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-10-16 06:38 - 2014-09-19 02:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-10-16 06:38 - 2014-09-19 02:14 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-10-16 06:38 - 2014-09-19 02:06 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-10-16 06:38 - 2014-09-19 02:02 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-10-16 06:38 - 2014-09-19 02:01 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-10-16 06:38 - 2014-09-19 02:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-10-16 06:38 - 2014-09-19 02:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-10-16 06:38 - 2014-09-19 02:00 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-10-16 06:38 - 2014-09-19 01:59 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-10-16 06:38 - 2014-09-19 01:58 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-10-16 06:38 - 2014-09-19 01:55 - 02187264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-10-16 06:38 - 2014-09-19 01:54 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-10-16 06:38 - 2014-09-19 01:53 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-10-16 06:38 - 2014-09-19 01:51 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-10-16 06:38 - 2014-09-19 01:50 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-10-16 06:38 - 2014-09-19 01:49 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-10-16 06:38 - 2014-09-19 01:42 - 00731136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-10-16 06:38 - 2014-09-19 01:42 - 00710656 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-10-16 06:38 - 2014-09-19 01:40 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-10-16 06:38 - 2014-09-19 01:36 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-10-16 06:38 - 2014-09-19 01:33 - 02309632 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-10-16 06:38 - 2014-09-19 01:32 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-10-16 06:38 - 2014-09-19 01:20 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-10-16 06:38 - 2014-09-19 01:18 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-10-16 06:38 - 2014-09-19 01:14 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-10-16 06:38 - 2014-09-19 00:59 - 01810944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-10-16 06:38 - 2014-09-19 00:59 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-10-16 06:38 - 2014-09-19 00:53 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-10-16 06:38 - 2014-09-19 00:52 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-10-16 06:38 - 2014-06-18 23:23 - 01943696 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2014-10-16 06:38 - 2014-06-18 23:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
2014-10-16 06:38 - 2014-06-18 23:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll
2014-10-16 06:38 - 2014-06-18 23:23 - 00156312 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2014-10-16 06:38 - 2014-06-18 23:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll
2014-10-16 06:38 - 2014-06-18 23:23 - 00073880 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2014-10-16 06:37 - 2014-09-18 03:00 - 03241472 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-10-16 06:37 - 2014-09-18 02:32 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-10-16 06:37 - 2014-09-13 02:58 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-10-16 06:37 - 2014-09-13 02:40 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-10-16 06:37 - 2014-09-04 06:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2014-10-16 06:37 - 2014-09-04 06:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2014-10-16 06:37 - 2014-08-29 03:07 - 03179520 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-10-16 06:37 - 2014-07-17 03:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-10-16 06:37 - 2014-07-17 03:07 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-10-16 06:37 - 2014-07-17 03:07 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
2014-10-16 06:37 - 2014-07-17 03:07 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2014-10-16 06:37 - 2014-07-17 03:07 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-10-16 06:37 - 2014-07-17 03:07 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-10-16 06:37 - 2014-07-17 02:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll
2014-10-16 06:37 - 2014-07-17 02:39 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-10-16 06:37 - 2014-07-17 02:39 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-10-16 06:37 - 2014-07-17 02:21 - 00212480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2014-10-16 06:37 - 2014-07-17 02:21 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-12 09:32 - 2014-08-28 07:32 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-11-12 08:59 - 2014-01-21 20:01 - 00000000 ____D () C:\AdwCleaner
2014-11-12 08:45 - 2009-07-29 07:03 - 00000000 ____D () C:\Windows\Panther
2014-11-12 07:52 - 2014-08-28 11:17 - 00005166 _____ () C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for schingels-PC-schingels schingels-PC
2014-11-12 07:43 - 2013-07-19 23:02 - 00000000 ____D () C:\Windows\system32\MRT
2014-11-12 07:36 - 2011-12-16 00:45 - 103374192 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-11-12 07:34 - 2013-10-14 19:24 - 00001806 _____ () C:\Users\Public\Desktop\McAfee Internet Security.lnk
2014-11-12 07:31 - 2014-02-18 15:03 - 00000000 ____D () C:\Users\schingels\Documents\Mein Steuer-Sparbuch Heute
2014-11-12 07:30 - 2013-09-10 18:00 - 00000430 _____ () C:\Windows\Tasks\Wise Care 365.job
2014-11-12 07:30 - 2013-09-10 17:57 - 00000000 ____D () C:\Users\schingels\AppData\Roaming\Wise Care 365
2014-11-12 07:30 - 2013-09-10 17:03 - 00002056 _____ () C:\Users\Public\Desktop\Wise Care 365.lnk
2014-11-12 07:30 - 2011-11-23 15:45 - 00004038 _____ () C:\Windows\system32\AutoRunFilter.ini
2014-11-12 07:30 - 2011-11-23 15:45 - 00002649 _____ () C:\Windows\system32\ServiceFilter.ini
2014-11-12 07:05 - 2009-07-14 05:45 - 00009696 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-11-12 07:05 - 2009-07-14 05:45 - 00009696 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-11-12 06:59 - 2012-04-02 17:26 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-11-12 06:59 - 2011-12-25 20:29 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-11-12 06:58 - 2011-11-23 15:28 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-11-12 06:58 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-11-11 19:27 - 2014-01-21 17:53 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-11-11 18:48 - 2013-09-10 16:51 - 00000000 ____D () C:\Program Files (x86)\COMPUTERBILD-Abzockschutz
2014-11-11 18:33 - 2013-10-11 18:16 - 00000000 ____D () C:\ProgramData\Apple
2014-11-11 18:33 - 2013-10-11 18:16 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-11-11 18:26 - 2012-02-26 23:04 - 00000000 ____D () C:\Users\schingels\AppData\Roaming\DVDVideoSoft
2014-11-11 18:23 - 2012-09-03 19:25 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-11-11 18:19 - 2011-11-23 15:31 - 00000000 ____D () C:\Program Files (x86)\Realtek
2014-11-11 18:19 - 2011-11-23 15:22 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-11-11 18:18 - 2011-11-23 15:41 - 00000000 ____D () C:\Program Files (x86)\Renesas Electronics
2014-11-11 17:55 - 2011-12-15 19:45 - 00000000 ___HD () C:\ASUS.DAT
2014-11-11 17:55 - 2011-11-23 15:50 - 00000000 ____D () C:\Program Files (x86)\CyberLink
2014-11-11 17:55 - 2011-11-23 15:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS Utility
2014-11-11 17:55 - 2011-04-13 03:47 - 00000000 ____D () C:\Program Files (x86)\ASUS
2014-11-11 17:52 - 2011-11-23 15:50 - 00000000 ____D () C:\ProgramData\CyberLink
2014-11-11 09:30 - 2013-10-21 19:34 - 00000000 ____D () C:\Program Files (x86)\concept design
2014-11-11 09:22 - 2013-10-11 18:18 - 00000000 ____D () C:\Users\schingels\AppData\Roaming\Apple Computer
2014-11-11 00:20 - 2013-10-23 19:04 - 00000000 ____D () C:\ProgramData\McAfee Security Scan
2014-11-11 00:20 - 2013-10-14 19:23 - 00000000 ____D () C:\Program Files (x86)\McAfee
2014-11-11 00:20 - 2011-11-23 15:44 - 00000000 ____D () C:\ProgramData\P4G
2014-11-11 00:20 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\registration
2014-11-10 20:42 - 2013-09-12 07:13 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-11-10 15:44 - 2014-08-28 07:32 - 00426848 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-11-10 15:41 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-11-10 15:36 - 2011-12-15 19:44 - 00000000 ____D () C:\Users\schingels
2014-11-09 18:33 - 2014-06-24 09:31 - 00000000 ____D () C:\Users\schingels\AppData\Local\620966BE-20EC-402D-ADC7-17A075A3742B.aplzod
2014-11-09 16:47 - 2013-10-13 19:33 - 00000000 ____D () C:\ProgramData\Avira
2014-11-07 19:38 - 2013-10-14 19:23 - 00000000 ____D () C:\Program Files\Common Files\McAfee
2014-11-05 11:33 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-11-04 08:08 - 2009-07-14 06:32 - 00000000 ____D () C:\Windows\system32\FxsTmp
2014-11-04 06:31 - 2011-02-19 05:24 - 00730014 _____ () C:\Windows\system32\perfh007.dat
2014-11-04 06:31 - 2011-02-19 05:24 - 00159592 _____ () C:\Windows\system32\perfc007.dat
2014-11-04 06:31 - 2009-07-14 06:13 - 01690812 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-11-03 10:59 - 2012-05-01 12:44 - 00000000 ____D () C:\Users\schingels\AppData\Local\Windows Live
2014-11-02 10:03 - 2012-10-07 21:13 - 00000000 ____D () C:\Windows\SysWOW64\NV
2014-11-02 10:03 - 2012-10-07 21:13 - 00000000 ____D () C:\Windows\system32\NV
2014-11-02 10:02 - 2009-07-14 04:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2014-11-02 10:00 - 2014-07-30 13:47 - 00000000 __SHD () C:\Nsi.pending
2014-11-02 07:59 - 2014-09-09 12:27 - 00000000 ____D () C:\Program Files (x86)\Steganos Online Shield
2014-11-01 09:56 - 2009-07-14 06:08 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-10-31 13:22 - 2014-03-11 17:30 - 00000000 ____D () C:\Users\schingels\AppData\Roaming\ALFBanCo5
2014-10-31 13:22 - 2014-03-11 17:30 - 00000000 ____D () C:\ProgramData\AlfBanCo5
2014-10-31 05:06 - 2014-08-22 05:17 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-10-31 05:06 - 2014-08-22 05:17 - 00000000 ____D () C:\Program Files (x86)\Java
2014-10-27 08:57 - 2014-08-22 14:46 - 00000000 ____D () C:\Users\schingels\AppData\Roaming\Steganos VPN
2014-10-27 07:43 - 2013-04-02 19:22 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-10-24 08:05 - 2014-01-29 17:09 - 00000000 ____D () C:\Users\schingels\AppData\Local\Microsoft Help
2014-10-24 08:05 - 2013-09-11 08:16 - 00003704 _____ () C:\Windows\System32\Tasks\Java Update Scheduler
2014-10-24 06:40 - 2013-04-02 19:22 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-10-24 06:39 - 2013-11-01 20:51 - 00000000 ____D () C:\ProgramData\Oracle
2014-10-24 06:39 - 2013-11-01 20:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-10-24 05:55 - 2013-09-10 17:48 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-10-22 06:20 - 2013-10-11 18:17 - 00000000 ____D () C:\Users\schingels\AppData\Local\Apple
2014-10-21 09:50 - 2013-09-10 16:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo
2014-10-21 09:50 - 2013-09-10 16:44 - 00000000 ____D () C:\ProgramData\ashampoo
2014-10-21 08:19 - 2013-09-10 16:52 - 00000000 ____D () C:\Users\schingels\AppData\Local\Ashampoo Photo Optimizer 4
2014-10-17 08:23 - 2014-05-01 05:25 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-10-15 15:45 - 2013-10-27 23:28 - 00001332 _____ () C:\Windows\wininit.ini

Files to move or delete:
====================
C:\ProgramData\nud0repor.pad


Some content of TEMP:
====================
C:\Users\schingels\AppData\Local\Temp\adwcleaner_4.002.exe
C:\Users\schingels\AppData\Local\Temp\Quarantine.exe
C:\Users\schingels\AppData\Local\Temp\sdan.exe
C:\Users\schingels\AppData\Local\Temp\sdapk.exe
C:\Users\schingels\AppData\Local\Temp\sdaspwn.exe
C:\Users\schingels\AppData\Local\Temp\SHSetup.exe
C:\Users\schingels\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2013-10-31 00:16

==================== End Of Log =====

--- --- ---

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 10-11-2014
Ran by schingels at 2014-11-12 09:48:54
Running from J:\
Boot Mode: Normal
==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: McAfee Anti-Virus und Anti-Spyware (Enabled - Up to date) {ADA629C7-7F48-5689-624A-3B76997E0892}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AV: Bitdefender Antivirus Free Edition (Enabled - Up to date) {9B5F5313-CAF9-DD97-C460-E778420237B4}
AS: McAfee Anti-Virus und Anti-Spyware (Enabled - Up to date) {16C7C823-5972-5907-58FA-0004E2F9422F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: IObit Malware Fighter (Enabled - Up to date) {A751AC20-3B48-5237-898A-78C4436BB78D}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
AS: Bitdefender Antivirus Free Edition (Enabled - Up to date) {203EB2F7-ECC3-D219-FED0-DC0A39857D09}
FW: McAfee Firewall (Enabled) {959DA8E2-3527-57D1-4915-924367AD4FE9}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

1&1 Surf-Stick (HKLM-x32\...\{A9E5EDA7-2E6C-49E7-924B-A32B89C24A04}) (Version: 1.0.0.2 - )
1&1 Upload-Manager (HKLM-x32\...\1&1 Upload-Manager) (Version: 2.0.676 - 1&1 Internet AG)
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version: - )
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.223 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.189 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.09) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
Advanced SystemCare 7 (HKLM-x32\...\Advanced SystemCare 7_is1) (Version: 7.4.0 - IObit)
ALF-BanCo 5 (HKLM-x32\...\Alf-BanCo5_is1) (Version: 5.3.5 - ALF AG)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Ashampoo Burning Studio 2012 v10.0.15 (HKLM-x32\...\Ashampoo Burning Studio 2012_is1) (Version: 10.0.15 - Ashampoo GmbH & Co. KG)
Ashampoo Internet Accelerator 3 v.3.30 (HKLM-x32\...\{4209F371-C803-200D-89A4-5479B6569259}_is1) (Version: 3.3.0 - Ashampoo GmbH & Co. KG)
Ashampoo Photo Commander 9 v.9.4.3 (HKLM-x32\...\Ashampoo Photo Commander 9_is1) (Version: 9.4.3 - Ashampoo GmbH & Co. KG)
Ashampoo Photo Optimizer 4 v.4.0.3 (HKLM-x32\...\Ashampoo Photo Optimizer 4_is1) (Version: 4.0.3 - Ashampoo GmbH & Co. KG)
Ashampoo WinOptimizer 11 v.11.00.41 (HKLM-x32\...\{4209F371-8D72-8119-66FA-897D2D41E27F}_is1) (Version: 11.00.41 - Ashampoo GmbH & Co. KG)
Ashampoo WinOptimizer 2014 v.1.0.0 (HKLM-x32\...\{4209F371-99CD-68CB-1C29-9910F8F9BD96}_is1) (Version: 1.0.0 - Ashampoo GmbH & Co. KG)
ASUS LifeFrame3 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.0.22 - ASUS)
ASUS Power4Gear Hybrid (HKLM\...\{33B98264-A889-4913-A0CA-C364A75032B3}) (Version: 1.1.45 - ASUS)
ASUS SmartLogon (HKLM-x32\...\{64452561-169F-4A36-A2FF-B5E118EC65F5}) (Version: 1.0.0011 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 1.02.0031 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{AECA3622-E634-4A55-A696-70A511CBE06E}) (Version: 2.0.0 - AsusTek Computer Inc.)
ASUS Virtual Camera (HKLM-x32\...\{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}) (Version: 1.0.21 - asus)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0010 - ASUS)
avast! Free Antivirus (HKLM-x32\...\Avast) (Version: 9.0.2021 - AVAST Software)
Avira SearchFree Toolbar (HKLM-x32\...\{41564952-412D-5637-00A7-A758B70C0A00}) (Version: 12.10.0.2949 - APN, LLC)
Bitdefender Antivirus Free Edition (HKLM\...\BitDefender Gonzales) (Version: 1.0.21.1099 - Bitdefender)
CCleaner (HKLM\...\CCleaner) (Version: 3.22 - Piriform)
COMPUTERBILD-Abzockschutz (HKLM-x32\...\{2664E454-FECE-42E9-A7EF-6B5EB62AC67B}) (Version: 1.0.58 - J3S)
Control ActiveX de Windows Live Mesh para conexiones remotas (HKLM-x32\...\{04668DF2-D32F-4555-9C7E-35523DCD6544}) (Version: 15.4.5722.2 - Microsoft Corporation)
Contrôle ActiveX Windows Live Mesh pour connexions à distance (HKLM-x32\...\{55D003F4-9599-44BF-BA9E-95D060730DD3}) (Version: 15.4.5722.2 - Microsoft Corporation)
Controlo ActiveX do Windows Live Mesh para Ligações Remotas (HKLM-x32\...\{E54EEB5D-41ED-40FE-B4A8-8565DB81469B}) (Version: 15.4.5722.2 - Microsoft Corporation)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Driver Booster 2 (HKLM-x32\...\Driver Booster_is1) (Version: 2.0 - IObit)
ETDWare PS/2-X64 8.0.5.1_WHQL (HKLM\...\Elantech) (Version: 8.0.5.1 - ELAN Microelectronic Corp.)
Fast Boot (HKLM\...\{13F4A7F3-EABC-4261-AF6B-1317777F0755}) (Version: 1.0.9 - ASUS)
FileViewPro (HKLM\...\FileViewPro_is1) (Version: 4.0 - Solvusoft Corporation)
Free PDF to Word Doc Converter v1.1 (HKLM-x32\...\Free PDF to Word Doc Converter_is1) (Version: 1.1 - Free PDF to Word Doc Converter - easy and powerful pdf converter software.)
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Google Update Helper (x32 Version: 1.3.21.153 - Google Inc.) Hidden
iCloud (HKLM\...\{EAFB2AD8-D92B-464C-8D97-B9CB94703C4A}) (Version: 3.0.2.163 - Apple Inc.)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3347 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.2.1004 - Intel Corporation)
Intel(R) Turbo Boost Technology Monitor 2.0 (HKLM\...\{B77EFA0B-9BD3-4122-9F9A-15A963B5EA24}) (Version: 2.1.23.0 - Intel)
IObit Malware Fighter (HKLM-x32\...\IObit Malware Fighter_is1) (Version: 2.5 - IObit)
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 4.0.4.30 - IObit)
iTunes (HKLM\...\{1CF5754A-545B-4360-BFDE-2847BC728DFC}) (Version: 11.2.0.115 - Apple Inc.)
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
Java(TM) 7 Update 5 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417005FF}) (Version: 7.0.50 - Oracle)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Malwarebytes Anti-Malware Version 2.0.3.1025 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation)
McAfee Internet Security (HKLM-x32\...\MSC) (Version: 12.8.992 - McAfee, Inc.)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)
McAfee SiteAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 3.7.143 - McAfee, Inc.)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 15.0.4659.1001 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Starter 2010 - Deutsch (HKLM-x32\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-733679015-3351541572-3055150241-1001\...\OneDriveSetup.exe) (Version: 17.3.1229.0918 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mobile Partner (HKLM-x32\...\Mobile Partner) (Version: 21.005.15.02.382 - Huawei Technologies Co.,Ltd)
Mozilla Firefox 33.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 33.1 (x86 de)) (Version: 33.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 31.0 - Mozilla)
NVIDIA 3D Vision Treiber 314.22 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 314.22 - NVIDIA Corporation)
NVIDIA Grafiktreiber 314.22 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 314.22 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.23.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.23.1 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.12.1031 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.1031 - NVIDIA Corporation)
NVIDIA Update 1.12.12 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.12.12 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4659.1001 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4659.1001 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4659.1001 - Microsoft Corporation) Hidden
Paragon Backup and Recovery™ 2014 Free (HKLM\...\{C268B5E1-A5DA-11DF-A289-005056C00008}) (Version: 90.00.0003 - Paragon Software)
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.41.216.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6370 - Realtek Semiconductor Corp.)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Ship Simulator Extremes (HKLM-x32\...\ShipSimExtremes) (Version: - )
Smart Defrag 3 (HKLM-x32\...\Smart Defrag 3_is1) (Version: 3.3 - IObit)
Snap.Do (HKLM-x32\...\{254006BC-97DE-4C82-A1A1-A2BAD2520083}) (Version: 10.239.1.14117 - ReSoft Ltd.) <==== ATTENTION
Snap.Do Engine (HKU\S-1-5-21-733679015-3351541572-3055150241-1001\...\{7ff8ba44-2f36-4e97-a0bb-59fc8d4daa2c}) (Version: 10.239.1.14117 - ReSoft Ltd.) <==== ATTENTION
Steganos Online Shield (HKLM-x32\...\{896614ED-00BD-4E0C-99AB-01C76EE416D9}) (Version: 1.4.11 - Steganos Software GmbH)
Steganos Privacy Suite 15 (HKLM-x32\...\{704C8372-B1C3-4A76-AA5C-B91021B1DCFA}) (Version: 15.2.4 - Steganos Software GmbH)
Surfing Protection (HKLM-x32\...\IObit Surfing Protection_is1) (Version: 1.0 - IObit)
syncables desktop SE (HKLM-x32\...\{341697D8-9923-445E-B42A-529E5A99CB7A}) (Version: 5.5.746.11492 - syncables)
System Requirements Lab (HKLM-x32\...\SystemRequirementsLab) (Version: - )
TapinRadio 1.60.1 (HKU\S-1-5-21-733679015-3351541572-3055150241-1001\...\TapinRadio_is1) (Version: - Raimersoft)
TomTom HOME (HKLM-x32\...\{7A2BB1C8-903D-4585-9F3B-CADD67D07D37}) (Version: 2.9.8 - Ihr Firmenname)
TomTom HOME Visual Studio Merge Modules (HKLM-x32\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.)
TuneUp Utilities 2013 (HKLM-x32\...\TuneUp Utilities 2013) (Version: 13.0.4000.245 - TuneUp Software)
TuneUp Utilities 2013 (x32 Version: 13.0.4000.245 - TuneUp Software) Hidden
TuneUp Utilities Language Pack (de-DE) (x32 Version: 13.0.4000.245 - TuneUp Software) Hidden
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen (HKLM-x32\...\{C32CE55C-12BA-4951-8797-0967FDEF556F}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{C63A1E60-B6A4-440B-89A5-1FC6E4AC1C94}) (Version: 15.4.5722.2 - Microsoft Corporation)
WinRAR 4.01 (32-Bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH)
WinRAR 5.11 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH)
Wireless Console 3 (HKLM-x32\...\{8150221C-8F7E-4997-AD4E-AFDEE7F4B410}) (Version: 3.0.21 - ASUS)
Wise Care 365 3.21 (HKLM-x32\...\Wise Care 365_is1) (Version: 3.21 - WiseCleaner.com, Inc.)
Wise Care 365 version 2.03 (HKLM-x32\...\{E864A1C8-EEE1-47D0-A7F8-00CC86D26D5E}_is1) (Version: 2.9.3 - WiseCleaner.com, Inc.)
WISO Steuer-Sparbuch 2013 (HKU\S-1-5-21-733679015-3351541572-3055150241-1001\...\{D6CC2FAF-F827-4091-96A1-D32CC9B69C79}) (Version: 20.02.8171 - Buhl Data Service GmbH)
WISO Steuer-Sparbuch 2014 (HKLM-x32\...\{2D3BBBB5-C1F2-44B2-B754-4A47C2F8EF5F}) (Version: 21.00.8480 - Buhl Data Service GmbH)
Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Основные компоненты Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Почта Windows Live (x32 Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden
Фотоальбом Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
גלריית התמונות של Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
بريد Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
معرض صور Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-733679015-3351541572-3055150241-1001_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\schingels\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-733679015-3351541572-3055150241-1001_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\schingels\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-733679015-3351541572-3055150241-1001_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\schingels\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-733679015-3351541572-3055150241-1001_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\schingels\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-733679015-3351541572-3055150241-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\schingels\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\amd64\FileSyncApi64.dll (Microsoft Corporation)

==================== Restore Points =========================

07-11-2014 08:12:12 Installed SpyHunter
07-11-2014 09:43:07 Removed SpyHunter
08-11-2014 18:50:20 已移除適用遠端連線的 Windows Live Mesh ActiveX 控制項
08-11-2014 19:11:29 Removed WinFlash
08-11-2014 19:12:30 Removed QuickTime 7
08-11-2014 19:15:04 Removed Fast Boot
08-11-2014 19:23:23 Removed Fast Boot
08-11-2014 19:27:24 Removed Bonjour
11-11-2014 08:21:35 IObit Uninstaller restore point
11-11-2014 08:26:51 IObit Uninstaller restore point
11-11-2014 08:31:07 Konfiguriert Power2Go
11-11-2014 16:56:12 Removed ASUS Live Update
11-11-2014 17:17:20 Removed Renesas Electronics USB 3.0 Host Controller Driver
11-11-2014 17:19:30 Entfernt Realtek USB 2.0 Reader Driver
12-11-2014 06:33:43 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {021F5962-CFBB-4D7B-866A-6007A3ED7044} - System32\Tasks\ASUS SmartLogon Console Sensor => C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe [2010-11-15] (ASUS)
Task: {06A885F6-E193-4D6D-B444-4CEB56C434FC} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\TuneUp Utilities 2013\OneClick.exe [2014-01-28] (TuneUp Software)
Task: {1D55F36F-1ABC-45A6-BE11-0DA43363CBD7} - \Feven 1.2-chromeinstaller No Task File <==== ATTENTION
Task: {237B1A2F-C0D2-4EBF-93D6-FAC026DE1728} - System32\Tasks\Wise Turbo Checker => C:\Program Files (x86)\Wise\Wise Care 365\WiseTurbo.exe [2014-07-07] (WiseCleaner.COM)
Task: {24156976-081B-4C1B-B66B-8FA80D38BEC0} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe
Task: {28CBFA2D-3602-448E-92B6-8C212C21C46C} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2014-09-25] (Microsoft Corporation)
Task: {2C815E4E-327C-4F85-A0A7-01C02411528E} - System32\Tasks\SpyHunter4Startup => C:\Program Files\Enigma Software Group\SpyHunter\Spyhunter4.exe
Task: {36FAB605-8069-4280-8CFF-77672CBB5522} - System32\Tasks\ATKOSD2 => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2010-08-17] (ASUS)
Task: {40BF27A8-9327-4AB7-AF0D-5FF03176D93D} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2012-08-22] (Piriform Ltd)
Task: {4476F211-03EC-4AC6-B6F5-C1C50323522F} - \Feven 1.2-firefoxinstaller No Task File <==== ATTENTION
Task: {4D35DD80-8C0F-429E-ADDF-04A1D49DD898} - \Feven 1.2-enabler No Task File <==== ATTENTION
Task: {4E18AC64-CCD9-4CE6-B493-90E7DFA57CEB} - \Plus-HD-4.8-chromeinstaller No Task File <==== ATTENTION
Task: {502C0A29-99A7-4AE1-8868-A42D3C395C9C} - System32\Tasks\Driver Booster SkipUAC (schingels) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe [2014-10-28] (IObit)
Task: {577E01DE-D214-4816-A3B4-098CA767F0F6} - \Plus-HD-4.8-codedownloader No Task File <==== ATTENTION
Task: {5B99DF07-B12A-44D2-B626-6B4F472DC30B} - System32\Tasks\SmartDefrag3_Update => C:\Program Files (x86)\IObit\Smart Defrag 3\AutoUpdate.exe [2014-07-23] (IObit)
Task: {5F607E55-BB1B-4F28-A027-4EC4941782E2} - \Feven 1.2-updater No Task File <==== ATTENTION
Task: {5FEA9A87-FC8A-409B-825B-7DB6F19076C5} - \Plus-HD-4.8-firefoxinstaller No Task File <==== ATTENTION
Task: {6C34EE53-D2CB-447F-A604-0D3CB6BF8066} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-08-28] (AVAST Software)
Task: {73B543E7-7F4A-4EE1-8644-A434A97105D7} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-09-25] (Microsoft Corporation)
Task: {7C328703-C9B0-4FD1-AD91-98EA27AF44E0} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {81FB90A6-BA15-4322-8017-C16384C8A329} - System32\Tasks\Driver Booster Scan => C:\Program Files (x86)\IObit\Driver Booster\Scheduler.exe [2014-10-08] (IObit)
Task: {82BA10E0-53E7-4614-91CC-6E57C39D1720} - \Plus-HD-4.8-enabler No Task File <==== ATTENTION
Task: {85C0F9DD-CBE3-4BF1-AA37-5D9DD2CDDB09} - System32\Tasks\One-Click Optimizer WO11 => D:\Users\Ashampoo Internet Accelerator 3\Ashampoo WinOptimizer 11\WO11.exe [2014-08-05] (Ashampoo Development GmbH & Co. KG)
Task: {8E31A3D5-3C1E-45DF-8799-37E2428E78AC} - System32\Tasks\Driver Booster Update => C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe [2014-10-13] (IObit)
Task: {8FA7B28D-F6DA-4778-9308-5B5E35C0B8C0} - \Plus-HD-4.8-updater No Task File <==== ATTENTION
Task: {9096B9AA-D865-4850-9E99-BF4CFC1D4E66} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-08-21] (Adobe Systems Incorporated)
Task: {9258562A-395D-4448-A80C-30B588206B71} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-10-07] (Oracle Corporation)
Task: {94D79261-968E-4D91-90C2-BA2BB058D3CA} - System32\Tasks\Abelssoft\Updater scan => C:\Program Files (x86)\CHIP Updater\CHIPUpdater.exe
Task: {963B6A25-005D-452D-9B23-8EDEF0F920CA} - System32\Tasks\RunAsStdUser Task for VeohWebPlayer => C:\Program Files (x86)\Veoh Networks\VeohWebPlayer\veohwebplayer.exe
Task: {9BE4943D-1225-4F33-86BC-AD4EAC3B1659} - System32\Tasks\{D618E339-78DC-4056-AE3D-3870DD7D936B} => D:\Users\Downloads\DAVSRV.EXE [2011-11-21] (1&1 Internet AG)
Task: {A08D041D-720C-4255-B41E-AEEAE6E38820} - System32\Tasks\Microsoft Office 15 Sync Maintenance for schingels-PC-schingels schingels-PC => C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe [2014-09-16] (Microsoft Corporation)
Task: {A301327C-9C30-4237-A79A-22BC22EA3E8B} - System32\Tasks\Wise Care 365 => C:\Program Files (x86)\Wise\Wise Care 365\WiseTray.exe [2014-07-18] (WiseCleaner.com)
Task: {AAD22420-12C6-4432-A983-88DC865666AB} - System32\Tasks\ASC7_PerformanceMonitor => C:\Program Files (x86)\IObit\Advanced SystemCare 7\Monitor.exe [2014-08-20] (IObit)
Task: {B4639BAA-57B3-489A-8A8D-0045600A6723} - System32\Tasks\{4565DE98-4314-48CE-B670-D1CA4F40EB2F} => D:\Users\Downloads\DAVSRV.EXE [2011-11-21] (1&1 Internet AG)
Task: {BA62A6F4-7E91-49F6-997A-6F856A4D75BC} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-11-12] (Adobe Systems Incorporated)
Task: {C5ED3241-CC04-4E85-B37D-1B2B693650E5} - System32\Tasks\ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2010-08-02] (ASUS)
Task: {CFEAFC92-97D9-4C33-99B3-C10168CD7245} - System32\Tasks\Uninstaller_SkipUac_schingels => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2014-11-11] (IObit)
Task: {D152B3E6-095E-41D0-A4E5-CC2999012C57} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [2013-09-14] (Apple Inc.)
Task: {D1B8D3EE-3FD3-4163-86CA-B3803A600D9C} - System32\Tasks\ASUS P4G => C:\Program Files\P4G\BatteryLife.exe [2011-06-01] (ASUS)
Task: {D406C7FA-24A7-47DC-9F42-A33FAF13EEAC} - System32\Tasks\AdvancedDriverUpdaterRunAtStartup => C:\Program Files (x86)\Advanced Driver Updater\adu.exe
Task: {D80B3393-E69B-4732-B3F3-C3A999B1C4A0} - System32\Tasks\ASC7_SkipUac_schingels => C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASC.exe [2014-08-22] (IObit)
Task: {D9859D8B-B290-4EBC-B37E-FFAFE9FB13BD} - System32\Tasks\One-Click Optimizer => C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 2014\WO2014.exe [2013-12-18] (Ashampoo Development GmbH & Co. KG)
Task: {E48CE7A2-11BF-465B-9EF4-4C3797CAD2AF} - System32\Tasks\{C6602E39-CEE7-453F-8873-21F65A16150A} => Firefox.exe
Task: {E7CCAB70-1251-4BEB-AD08-8ABAD64020A0} - System32\Tasks\{B0E86049-C9E4-4FB7-81CD-7112024A96B8} => C:\Users\schingels\Desktop\Downloads\World-of-Warcraft-Setup-deDE.exe
Task: {F29F0625-D113-43D0-9B06-F514FA400FF3} - \Feven 1.2-codedownloader No Task File <==== ATTENTION
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => ?
Task: C:\Windows\Tasks\One-Click Optimizer WO11.job => ?
Task: C:\Windows\Tasks\One-Click Optimizer.job => ?
Task: C:\Windows\Tasks\Wise Care 365.job => ?
Task: C:\Windows\Tasks\Wise Turbo Checker.job => ?

==================== Loaded Modules (whitelisted) =============

2014-11-11 09:09 - 2013-03-19 12:07 - 00696632 _____ () D:\Users\Downloads\Bitdefender\Antivirus Free Edition\sqlite3.dll
2014-11-11 09:09 - 2013-09-03 14:29 - 00101328 _____ () D:\Users\Downloads\Bitdefender\Antivirus Free Edition\BDMetrics.dll
2012-10-07 21:09 - 2013-03-15 05:16 - 00086304 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-03-21 04:30 - 2014-05-20 08:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2011-03-14 16:27 - 2011-03-14 16:27 - 00346976 _____ () C:\ProgramData\DatacardService\HWDeviceService64.exe
2014-09-27 18:44 - 2014-09-27 18:43 - 00239968 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\ouc.exe
2014-01-28 09:37 - 2014-01-28 09:37 - 00741176 _____ () C:\Program Files (x86)\TuneUp Utilities 2013\avgrepliba.dll
2013-09-17 18:51 - 2010-09-30 13:00 - 00253264 _____ () D:\Benutzer\1&1 Surf-Stick\AssistantServices.exe
2014-10-21 08:15 - 2014-08-05 10:02 - 00223600 _____ () D:\Users\Ashampoo Internet Accelerator 3\Ashampoo WinOptimizer 11\LiveTunerService.exe
2014-07-29 15:25 - 2014-07-29 15:25 - 00220672 _____ () C:\Program Files (x86)\Steganos Privacy Suite 15\ShellExtension.dll
2010-07-15 01:11 - 2010-07-15 01:11 - 00031360 _____ () C:\Program Files\P4G\DevMng.dll
2011-06-20 15:01 - 2011-03-26 08:29 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2013-09-17 18:51 - 2010-09-30 13:00 - 00139088 _____ () D:\Benutzer\1&1 Surf-Stick\UIExec.exe
2010-11-30 00:04 - 2010-11-30 00:04 - 00403968 _____ () C:\Program Files\Intel\TurboBoost\de\SignalIslandUi.resources.dll
2014-02-18 15:00 - 2014-03-13 21:32 - 01398064 _____ () C:\WISO\Steuersoftware 2013\mshaktuell.exe
2014-11-12 08:57 - 2014-11-12 08:57 - 02140160 _____ () D:\Users\Downloads\adwcleaner_4.101.exe
2014-11-11 09:21 - 2013-10-25 12:08 - 00517408 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 7\sqlite3.dll
2014-08-28 07:32 - 2014-08-28 07:32 - 00301152 _____ () C:\Program Files\AVAST Software\Avast\aswProperty.dll
2014-11-11 09:33 - 2014-11-11 09:33 - 02902016 _____ () C:\Program Files\AVAST Software\Avast\defs\14111100\algo.dll
2014-11-12 08:49 - 2014-11-12 08:49 - 02902016 _____ () C:\Program Files\AVAST Software\Avast\defs\14111104\algo.dll
2014-09-27 18:44 - 2014-09-27 18:43 - 00011362 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\mingwm10.dll
2014-09-27 18:44 - 2014-09-27 18:43 - 00043008 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\libgcc_s_dw2-1.dll
2014-09-27 18:44 - 2014-09-27 18:43 - 02415104 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\QtCore4.dll
2014-09-27 18:44 - 2014-09-27 18:43 - 01148416 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\QtNetwork4.dll
2014-09-27 18:44 - 2014-09-27 18:43 - 00383488 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\QueryStrategy.dll
2014-09-27 18:44 - 2014-09-27 18:43 - 00398336 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\QtXml4.dll
2014-10-17 09:21 - 2014-10-17 09:21 - 00169472 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\9b1cac8d98bd69d3e56a26ff2f96f266\IsdiInterop.ni.dll
2011-11-23 15:22 - 2011-01-13 02:56 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2014-11-11 09:21 - 2013-01-15 18:48 - 00348992 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 7\madExcept_.bpl
2014-11-11 09:21 - 2013-01-15 18:48 - 00183616 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 7\madBasic_.bpl
2014-11-11 09:21 - 2013-01-15 18:48 - 00051008 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 7\madDisAsm_.bpl
2014-11-11 09:21 - 2013-01-15 18:47 - 00893248 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 7\webres.dll
2013-09-14 01:51 - 2013-09-14 01:51 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\zlib1.dll
2013-09-14 01:50 - 2013-09-14 01:50 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\libxml2.dll
2014-10-09 09:52 - 2014-10-09 09:52 - 00081056 _____ () C:\Users\schingels\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\LoggingPlatform.dll
2011-01-31 09:45 - 2011-01-31 09:45 - 00559244 _____ () C:\Program Files (x86)\Steganos Online Shield\sqlite3.dll
2014-10-09 09:52 - 2014-10-09 09:52 - 00081056 _____ () C:\Users\schingels\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\LoggingPlatform.DLL
2014-08-28 07:32 - 2014-08-28 07:32 - 19329904 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-02-18 15:00 - 2014-03-13 21:34 - 08952624 _____ () C:\WISO\Steuersoftware 2013\wgui13.dll
2014-02-18 15:00 - 2014-03-13 21:32 - 00028672 _____ () C:\WISO\Steuersoftware 2013\rsdcom48.dll
2014-02-18 15:00 - 2014-03-13 21:32 - 00309040 _____ () C:\WISO\Steuersoftware 2013\rscorewinapi48.dll
2014-02-18 15:00 - 2014-03-13 21:32 - 00321328 _____ () C:\WISO\Steuersoftware 2013\rsguiwinapi48.dll
2014-02-18 14:59 - 2014-03-13 21:33 - 03506992 _____ () C:\WISO\Steuersoftware 2013\wcore13.dll
2014-02-18 15:00 - 2014-03-13 21:32 - 00136496 _____ () C:\WISO\Steuersoftware 2013\rsodbc48.dll
2014-02-18 14:59 - 2014-03-14 09:55 - 02194736 _____ () C:\WISO\Steuersoftware 2013\wfvie13.dll
2014-02-18 15:00 - 2014-03-13 21:33 - 01611056 _____ () C:\WISO\Steuersoftware 2013\wsteu13.dll
2014-02-18 15:00 - 2014-03-13 21:32 - 01739568 _____ () C:\WISO\Steuersoftware 2013\wreli13.dll
2014-02-18 14:59 - 2014-03-13 21:33 - 04273456 _____ () C:\WISO\Steuersoftware 2013\wauff13.dll
2013-01-17 14:30 - 2014-01-14 10:50 - 01043456 _____ () C:\WISO\Steuersoftware 2013\clucene-core.dll
2013-01-17 14:30 - 2014-01-14 10:50 - 00094720 _____ () C:\WISO\Steuersoftware 2013\clucene-shared.dll
2013-01-17 14:30 - 2014-01-14 10:50 - 00250368 _____ () C:\WISO\Steuersoftware 2013\clucene-contribs-lib.dll
2014-02-18 15:00 - 2014-03-13 21:32 - 01505584 _____ () C:\WISO\Steuersoftware 2013\wmain13.dll
2014-02-18 14:59 - 2014-03-13 21:33 - 04972336 _____ () C:\WISO\Steuersoftware 2013\wbae113.dll
2014-02-18 14:59 - 2014-03-13 21:33 - 01373488 _____ () C:\WISO\Steuersoftware 2013\wbae213.dll
2014-02-18 14:59 - 2014-03-13 21:33 - 01748784 _____ () C:\WISO\Steuersoftware 2013\wbae313.dll
2014-02-18 14:59 - 2014-03-13 21:33 - 01582896 _____ () C:\WISO\Steuersoftware 2013\wbae413.dll
2014-02-18 15:00 - 2014-03-13 21:33 - 01147184 _____ () C:\WISO\Steuersoftware 2013\whau113.dll
2014-02-18 15:00 - 2014-03-13 21:33 - 01230640 _____ () C:\WISO\Steuersoftware 2013\whau213.dll
2014-02-18 15:00 - 2014-03-13 21:33 - 01307952 _____ () C:\WISO\Steuersoftware 2013\wwerb13.dll
2014-02-18 15:00 - 2014-03-13 21:33 - 06789936 _____ () C:\WISO\Steuersoftware 2013\wkont13.dll
2014-02-18 15:00 - 2014-03-13 21:33 - 01253888 _____ () C:\WISO\Steuersoftware 2013\wimp13.dll
2014-02-18 14:59 - 2014-03-13 21:33 - 01317168 _____ () C:\WISO\Steuersoftware 2013\wfabu13.dll
2013-10-25 19:26 - 2013-10-25 19:26 - 01100784 _____ () C:\Program Files (x86)\Steganos Online Shield\avcodec-53.dll
2013-10-25 19:26 - 2013-10-25 19:26 - 00124400 _____ () C:\Program Files (x86)\Steganos Online Shield\avutil-51.dll
2013-10-25 19:26 - 2013-10-25 19:26 - 00191984 _____ () C:\Program Files (x86)\Steganos Online Shield\avformat-53.dll
2014-09-27 08:32 - 2014-09-27 08:32 - 00316576 _____ () C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\AppVIsvStream32.dll
2014-11-10 16:00 - 2014-11-10 16:00 - 03649648 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-10-24 06:40 - 2014-10-24 06:40 - 16832176 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_189.dll
2014-11-11 09:21 - 2013-12-02 19:06 - 01281312 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 7\Scan.dll
2014-10-31 21:24 - 2011-07-12 19:32 - 02293248 _____ () D:\Users\Downloads\TapinRadio\QtCore4.dll
2014-10-31 21:24 - 2011-03-30 07:16 - 08173568 _____ () D:\Users\Downloads\TapinRadio\QtGui4.dll
2014-10-31 21:24 - 2011-03-30 06:57 - 00339968 _____ () D:\Users\Downloads\TapinRadio\QtXml4.dll
2014-10-31 21:24 - 2011-03-30 06:59 - 00971776 _____ () D:\Users\Downloads\TapinRadio\QtNetwork4.dll
2014-10-31 21:24 - 2011-03-30 10:40 - 10837504 _____ () D:\Users\Downloads\TapinRadio\QtWebKit4.dll
2014-10-31 21:24 - 2011-03-30 07:31 - 00266752 _____ () D:\Users\Downloads\TapinRadio\phonon4.dll
2014-10-31 21:24 - 2011-03-30 10:48 - 00026624 _____ () D:\Users\Downloads\TapinRadio\imageformats\qgif4.dll
2014-10-31 21:24 - 2011-03-30 10:49 - 00028672 _____ () D:\Users\Downloads\TapinRadio\imageformats\qico4.dll
2014-10-31 21:24 - 2011-03-30 10:48 - 00196608 _____ () D:\Users\Downloads\TapinRadio\imageformats\qjpeg4.dll
2014-10-31 21:24 - 2011-03-30 10:48 - 00220672 _____ () D:\Users\Downloads\TapinRadio\imageformats\qmng4.dll
2014-10-31 21:24 - 2011-03-30 10:49 - 00284672 _____ () D:\Users\Downloads\TapinRadio\imageformats\qtiff4.dll
2014-10-31 21:24 - 2011-03-30 10:50 - 00170496 _____ () D:\Users\Downloads\TapinRadio\accessible\qtaccessiblewidgets4.dll
2014-11-12 09:15 - 2013-01-15 18:48 - 00348992 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\madExcept_.bpl
2014-11-12 09:15 - 2013-01-15 18:48 - 00183616 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\madBasic_.bpl
2014-11-12 09:15 - 2013-01-15 18:48 - 00051008 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\madDisAsm_.bpl
2014-11-12 09:15 - 2013-12-12 18:46 - 08001344 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\WebUI.dll
2014-11-12 09:15 - 2013-05-16 19:26 - 00182080 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\unrar.dll
2014-11-12 09:15 - 2013-10-16 22:17 - 00185168 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\libcurl-4.dll
2014-11-12 09:15 - 2013-05-16 19:26 - 00145216 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\zlibwapi.dll
2014-11-12 09:16 - 2014-10-08 15:51 - 00348992 _____ () C:\Program Files (x86)\IObit\Driver Booster\madExcept_.bpl
2014-11-12 09:16 - 2014-10-08 15:50 - 00183616 _____ () C:\Program Files (x86)\IObit\Driver Booster\madBasic_.bpl
2014-11-12 09:16 - 2014-10-08 15:50 - 00051008 _____ () C:\Program Files (x86)\IObit\Driver Booster\madDisAsm_.bpl
2014-11-12 09:16 - 2014-08-22 15:19 - 00893248 _____ () C:\Program Files (x86)\IObit\Driver Booster\webres.dll
2014-11-12 09:16 - 2014-09-02 20:53 - 00622912 _____ () C:\Program Files (x86)\IObit\Driver Booster\CommStat.dll
2014-11-12 09:16 - 2012-02-16 10:16 - 00516440 _____ () C:\Program Files (x86)\IObit\Driver Booster\sqlite3.dll
2014-11-12 09:18 - 2014-06-04 15:17 - 00892288 _____ () C:\Program Files (x86)\IObit\Smart Defrag 3\webres.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\Temp:373E1720

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

schrauber · 12.11.2014, 19:45

Das der Rechner überhaupt noch läuft gibt mich ein Wunder......

Deinstalliere ALLES an Schutzsoftware, ALLES, was irgenwie mit AV oder Schutz zu tun, bevor die Kiste abraucht! EIN AV Programm bleibt drauf, EINS, nicht 5

Lade Dir bitte von hier

Revo Uninstaller (alternativ portable Revo Uninstaller) herunter.

Installiere und starte das Programm. (Bebilderte Anleitung zu Revo Uninstaller)
Klicke auf Optionen und wähle als Sprache Deutsch.
Suche im Uninstallerfeld nach den Programmen:

Snap.Do (HKLM-x32\...\{254006BC-97DE-4C82-A1A1-A2BAD2520083}) (Version: 10.239.1.14117 - ReSoft Ltd.) <==== ATTENTION
Snap.Do Engine (HKU\S-1-5-21-733679015-3351541572-3055150241-1001\...\{7ff8ba44-2f36-4e97-a0bb-59fc8d4daa2c}) (Version: 10.239.1.14117 - ReSoft Ltd.) <==== ATTENTION
Wähle die Programme nacheinander aus und klicke jedes Mal auf Uninstall.
Wähle anschließend den Modus "Moderat" aus.
Reste löschen:
Klicke auf dann auf und dann auf .

JEtzt bitte FRST öffnen, Haken setzen bei Addition und scannen, poste bitte beide Logs in Codetags.

So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

ggoettling · 13.11.2014, 14:23

Hallo Schrauber, nach stunden löschen löschen löschen alles weg bis auf 1 und 1, nur Lollypop sit noch da, nervt, aber er muss weg.hier die beiden .txt
t) (x64) Version: 10-11-2014 FRST.txt und Addition.txt

Snapdo Snapdo engine ist weg .
Ran by schingels (administrator) on SCHINGELS-PC on 13-11-2014 13:35:00
Running from D:\Users\Downloads
Loaded Profile: schingels (Available profiles: schingels & UpdatusUser)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(ASUSTeK Computer Inc.) C:\Windows\System32\FBAgent.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
() C:\ProgramData\DatacardService\HWDeviceService64.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
() C:\ProgramData\Mobile Partner\OnlineUpdate\ouc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe
() D:\Benutzer\1&1 Surf-Stick\AssistantServices.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
() D:\Users\Ashampoo Internet Accelerator 3\Ashampoo WinOptimizer 11\LiveTunerService.exe
(McAfee, Inc.) C:\Program Files\McAfee\MSC\McAPExe.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesApp64.exe
(WiseCleaner.com) C:\Program Files (x86)\Wise\Wise Care 365\WiseTray.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Ashampoo Development GmbH & Co. KG) D:\Users\Ashampoo Internet Accelerator 3\Ashampoo WinOptimizer 11\LiveTuner2.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(1&1 Internet AG) D:\Users\Downloads\DAVSRV.EXE
(Microsoft Corporation) C:\Users\schingels\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Alf - AG) D:\Users\Hallingstrasse\ALFBanCo5\AlfReminder5.exe
() D:\Benutzer\1&1 Surf-Stick\UIExec.exe
(ASUS) C:\Windows\AsScrPro.exe
(J3S GmbH) C:\Program Files (x86)\COMPUTERBILD-Abzockschutz\Bin\COMPUTERBILD-Abzockschutz.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(Intel® Corporation) C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe
() C:\WISO\Steuersoftware 2013\mshaktuell.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\csisyncclient.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\saUI.exe
(Intel(R) Corporation) C:\Program Files\Intel\TurboBoost\TurboBoost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [IntelTBRunOnce] => wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2587944 2010-12-31] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2213992 2011-05-12] (Realtek Semiconductor)
HKLM\...\Run: [Ashampoo WinOptimizer Live-Tuner2] => D:\Users\Ashampoo Internet Accelerator 3\Ashampoo WinOptimizer 11\LiveTuner2.exe [3516784 2014-08-05] (Ashampoo Development GmbH & Co. KG)
HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [2018032 2011-04-13] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [UIExec] => D:\Benutzer\1&1 Surf-Stick\UIExec.exe [139088 2010-09-30] ()
HKLM-x32\...\Run: [mcui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [537992 2014-04-25] (McAfee, Inc.)
HKLM-x32\...\Run: [mcpltui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [537992 2014-04-25] (McAfee, Inc.)
HKLM-x32\...\Run: [ASUS Screen Saver Protector] => C:\Windows\AsScrPro.exe [3058304 2014-01-22] (ASUS)
HKLM-x32\...\Run: [COMPUTERBILD-Abzockschutz] => C:\Program Files (x86)\COMPUTERBILD-Abzockschutz\bin\COMPUTERBILD-Abzockschutz.exe [537664 2014-06-19] (J3S GmbH)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-733679015-3351541572-3055150241-1001\...\Run: [1&1_1&1 Upload-Manager] => D:\Users\Downloads\DAVSRV.EXE [989264 2011-11-21] (1&1 Internet AG)
HKU\S-1-5-21-733679015-3351541572-3055150241-1001\...\Run: [SkyDrive] => C:\Users\schingels\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe [277672 2014-10-09] (Microsoft Corporation)
HKU\S-1-5-21-733679015-3351541572-3055150241-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-733679015-3351541572-3055150241-1001\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-733679015-3351541572-3055150241-1001\...\MountPoints2: {e8ee4c17-46ef-11e4-bbab-001e101f82a7} - F:\AutoRun.exe
HKU\S-1-5-21-733679015-3351541572-3055150241-1001\...\MountPoints2: {e8ee4c2f-46ef-11e4-bbab-001e101f82a7} - F:\AutoRun.exe
HKU\S-1-5-21-733679015-3351541572-3055150241-1001\...\MountPoints2: {e8ee4cab-46ef-11e4-bbab-001e101f82a7} - F:\AutoRun.exe
HKU\S-1-5-21-733679015-3351541572-3055150241-1001\...\MountPoints2: {f205f158-458a-11e4-9adb-5404a67455a1} - F:\AutoRun.exe
HKU\S-1-5-21-733679015-3351541572-3055150241-1001\...\MountPoints2: {f205f176-458a-11e4-9adb-5404a67455a1} - F:\AutoRun.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ALF-BanCo 5 Reminder.lnk
ShortcutTarget: ALF-BanCo 5 Reminder.lnk -> D:\Users\Hallingstrasse\ALFBanCo5\AlfReminder5.exe (Alf - AG)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WISO Mein Steuer-Sparbuch heute.lnk
ShortcutTarget: WISO Mein Steuer-Sparbuch heute.lnk -> C:\Program Files (x86)\WISO\Steuersoftware 2014\mshaktuell.exe ()
Startup: C:\Users\schingels\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Intel(R) Turbo Boost Technology Monitor 2.0.lnk
ShortcutTarget: Intel(R) Turbo Boost Technology Monitor 2.0.lnk -> C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe (Intel® Corporation)
Startup: C:\Users\schingels\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\WISO Mein Steuer-Sparbuch heute.lnk
ShortcutTarget: WISO Mein Steuer-Sparbuch heute.lnk -> C:\WISO\Steuersoftware 2013\mshaktuell.exe ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x55244F9E94E0CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKCU - DefaultScope {8C6C6B5A-5D45-4A7C-8C98-1B520D0A59BD} URL = https://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=242154&p={searchTerms}
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKCU - {8C6C6B5A-5D45-4A7C-8C98-1B520D0A59BD} URL = https://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=242154&p={searchTerms}
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll (IObit)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: CBAbzockschutz.InitToolbarBHO -> {2e250b90-0e7a-42a3-9d65-e39f9f227fa4} -> C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Toolbar: HKLM - Steganos Password Manager Toolbar - {9C65D12D-CF9D-454D-8049-61965D8C6FFF} - No File
Toolbar: HKLM-x32 - COMPUTERBILD-Abzockschutz - {353e2a48-6254-4bd3-88f4-3b51a0ca7870} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Toolbar: HKU\S-1-5-21-733679015-3351541572-3055150241-1001 -> Steganos Password Manager Toolbar - {9C65D12D-CF9D-454D-8049-61965D8C6FFF} - No File
DPF: HKLM {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: HKLM-x32 {1E54D648-B804-468d-BC78-4AFFED8E262F} hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll (McAfee, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{18635B9F-3EC8-4E9F-ADBE-EE60B251079C}: [NameServer] 193.189.244.225 193.189.244.206
Tcpip\..\Interfaces\{D94CFAFC-2545-4C5E-8871-4214E8A4994F}: [NameServer] 193.189.244.206 193.189.244.225
Tcpip\..\Interfaces\{E071EBF2-D3EB-4FB6-BDD2-6F1420F55AEE}: [NameServer] 193.189.244.225 193.189.244.206

FireFox:
========
FF ProfilePath: C:\Users\schingels\AppData\Roaming\Mozilla\Firefox\Profiles\yum8w33i.default
FF DefaultSearchEngine: Yahoo!
FF SelectedSearchEngine: Yahoo!
FF Homepage: hxxp://www.nok21.de/wp-admin/edit.php
FF Keyword.URL: https://de.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=242154&p=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_223.dll ()
FF Plugin: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_223.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF user.js: detected! => C:\Users\schingels\AppData\Roaming\Mozilla\Firefox\Profiles\yum8w33i.default\user.js
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\schingels\AppData\Roaming\Mozilla\Firefox\Profiles\yum8w33i.default\searchplugins\englische-ergebnisse.xml
FF SearchPlugin: C:\Users\schingels\AppData\Roaming\Mozilla\Firefox\Profiles\yum8w33i.default\searchplugins\gmx-suche.xml
FF SearchPlugin: C:\Users\schingels\AppData\Roaming\Mozilla\Firefox\Profiles\yum8w33i.default\searchplugins\webde-suche.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\ddg.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\McSiteAdvisor.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Widget context - C:\Users\schingels\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\{140A2D0E-85CC-4ed3-9BA5-8FA35DA7FABA}.xpi [2013-12-15]
FF Extension: Advanced SystemCare Surfing Protection - C:\Users\schingels\AppData\Roaming\Mozilla\Firefox\Profiles\yum8w33i.default\Extensions\iobitascsurfingprotection@iobit.com [2014-11-13]
FF Extension: GMX MailCheck - C:\Users\schingels\AppData\Roaming\Mozilla\Firefox\Profiles\yum8w33i.default\Extensions\toolbar@gmx.net [2014-11-11]
FF Extension: Bluhell Firewall - C:\Users\schingels\AppData\Roaming\Mozilla\Firefox\Profiles\yum8w33i.default\Extensions\{6BB5760D-F97E-421B-AF5B-8457A90C3CED}.xpi [2013-12-31]
FF Extension: Steganos VPN Utility Plugin for Firefox - C:\Users\schingels\AppData\Roaming\Mozilla\Firefox\Profiles\yum8w33i.default\Extensions\{85098EAB-B16C-4339-A7C4-B8F6B0FC3C3D}.xpi [2014-11-02]
FF Extension: Adblock Plus - C:\Users\schingels\AppData\Roaming\Mozilla\Firefox\Profiles\yum8w33i.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-09-11]
FF Extension: COMPUTERBILD-Abzockschutz - C:\Users\schingels\AppData\Roaming\Mozilla\Firefox\Profiles\yum8w33i.default\Extensions\{d49175b3-3fd8-43b8-b28e-da5d47f3c398}.xpi [2013-09-11]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2014-11-10]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2014-11-10]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} [2014-11-10]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor
FF Extension: McAfee SiteAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor [2013-10-14]
FF HKLM-x32\...\Firefox\Extensions: [{00F0643E-B367-4779-B45D-7046EBA37A88}] - C:\Program Files (x86)\Steganos Privacy Suite 15\spmplugin3
FF HKLM-x32\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\anti_banner@kaspersky.com
FF HKLM-x32\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\online_banking@kaspersky.com
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2013-10-14]
FF Extension: No Name - {4ED1F68A-5463-4931-9384-8FFF5ED91D92} [Not Found]

Chrome:
=======
CHR Profile: C:\Users\schingels\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (No Name) - C:\Users\schingels\AppData\Local\Google\Chrome\User Data\Default\Extensions\pigkdicgnehbfjnaopalgpelkbkcnbfa [2014-01-03]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2014-10-13]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2014-10-13]
CHR HKLM-x32\...\Chrome\Extension: [hakdifolhalapjijoafobooafbilfakh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\online_banking_chrome.crx [2014-10-13]
CHR HKLM-x32\...\Chrome\Extension: [pjldcfjmnllhmgjclecdnfampinooman] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\ab.crx [2014-10-13]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2436280 2014-09-25] (Microsoft Corporation)
S2 Dnscache; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
S2 Dnscache; C:\Windows\SysWOW64\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [346976 2011-03-14] ()
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2283296 2014-11-11] (IObit)
S4 McAfee SiteAdvisor Service; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [178528 2014-04-25] (McAfee, Inc.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
S3 McODS; C:\Program Files\McAfee\VirusScan\mcods.exe [603424 2014-09-04] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1041192 2014-08-20] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219752 2014-06-20] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [189912 2014-06-20] (McAfee, Inc.)
S2 Mobile Partner. RunOuc; D:\Users\Backup Handy\Mobile Partner\UpdateDog\ouc.exe [239968 2014-09-27] ()
R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe [2412344 2014-01-28] (TuneUp Software)
R2 UI Assistant Service; D:\Benutzer\1&1 Surf-Stick\AssistantServices.exe [253264 2010-09-30] ()
S2 WiseBootAssistant; C:\Program Files (x86)\Wise\Wise Care 365\BootTime.exe [580232 2014-07-07] (WiseCleaner.com)
R2 WO_LiveService2; D:\Users\Ashampoo Internet Accelerator 3\Ashampoo WinOptimizer 11\LiveTunerService.exe [223600 2014-08-05] ()

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R0 53413803; C:\Windows\System32\DRIVERS\53413803.sys [460888 2013-10-13] (Kaspersky Lab ZAO)
S1 9152490drv; C:\Windows\System32\DRIVERS\9152490drv.sys [556632 2013-10-13] (Kaspersky Lab)
S3 BioNTDrv; C:\Program Files\Paragon Software\Backup and Recovery 2014 Free\program\BioNTDrv.SYS [18696 2014-05-19] (Paragon Software Group)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [72128 2014-06-20] (McAfee, Inc.)
S3 esgiguard; No ImagePath
S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2014-11-07] ()
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.)
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( )
R2 LiveTuner2PM; D:\Users\Ashampoo Internet Accelerator 3\Ashampoo WinOptimizer 11\LiveTuner64.sys [14320 2014-03-20] ()
R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [181704 2014-06-20] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [313544 2014-06-20] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [523792 2014-06-20] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [786296 2014-06-20] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [445512 2014-08-20] (McAfee, Inc.)
S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [96592 2014-08-20] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [348552 2014-06-20] (McAfee, Inc.)
R1 nvkflt; C:\Windows\System32\DRIVERS\nvkflt.sys [284448 2013-03-15] (NVIDIA Corporation)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [27520 2007-05-14] (Research In Motion Limited)
S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
R1 SLEE_18_DRIVER; C:\Windows\Sleen1864.sys [109144 2014-07-29] (Softwareentwicklung Remus - ArchiCrypt - )
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys [11880 2012-11-16] (TuneUp Software)
R1 ui11rdr; C:\Windows\System32\DRIVERS\ui11rdr.sys [199752 2011-11-21] (1&1 Internet AG)
R1 UimBus; C:\Windows\System32\DRIVERS\UimBus.sys [102664 2014-05-19] ()
R1 Uim_DEVIM; C:\Windows\System32\DRIVERS\uim_devim.sys [25992 2014-05-19] ()
R1 Uim_IM; C:\Windows\System32\DRIVERS\uim_im.sys [700296 2014-05-19] ()
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2012-12-13] (Apple, Inc.) [File not signed]
S3 athr; system32\DRIVERS\athrx.sys [X]
U3 DfSdkS; No ImagePath
S0 kl1; system32\DRIVERS\kl1.sys [X]
S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]
S3 RSUSBVSTOR; System32\Drivers\RtsUVStor.sys [X]
U2 TMAgent; No ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-13 13:18 - 2014-11-13 13:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2014-11-13 13:14 - 2014-11-13 13:14 - 00113432 _____ () C:\Users\schingels\AppData\Local\GDIPFONTCACHEV1.DAT
2014-11-13 13:12 - 2014-11-13 13:12 - 00442360 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-11-13 13:12 - 2014-11-13 13:12 - 00001478 _____ () C:\Windows\PFRO.log
2014-11-13 13:12 - 2014-11-13 13:12 - 00000056 _____ () C:\Windows\setupact.log
2014-11-13 13:12 - 2014-11-13 13:12 - 00000000 _____ () C:\Windows\setuperr.log
2014-11-13 11:00 - 2014-11-13 11:00 - 00000000 ____D () C:\Windows\System32\Tasks\Apple
2014-11-13 10:19 - 2014-11-13 10:19 - 00000000 __SHD () C:\Users\schingels\AppData\Local\EmieBrowserModeList
2014-11-13 08:55 - 2014-11-13 08:55 - 00098686 _____ () C:\ProgramData\1415864349.bdinstall.bin
2014-11-13 08:39 - 2014-11-13 08:39 - 00037852 _____ () C:\ProgramData\1415864347.bdinstall.bin
2014-11-13 00:54 - 2014-11-13 00:54 - 00000000 ____D () C:\ProgramData\bdch
2014-11-12 21:02 - 2014-11-12 21:02 - 00000000 ____D () C:\Windows\Tasks\ImCleanDisabled
2014-11-12 19:43 - 2014-11-12 19:43 - 00003286 _____ () C:\Windows\System32\Tasks\RunAsStdUser Task
2014-11-12 18:45 - 2014-11-13 09:40 - 00000000 ____D () C:\Users\schingels\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Moo0
2014-11-12 18:45 - 2014-11-13 09:40 - 00000000 ____D () C:\Program Files (x86)\Moo0
2014-11-12 18:09 - 2014-11-12 18:09 - 00319912 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-11-12 18:09 - 2014-11-12 18:09 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-11-12 18:09 - 2014-11-12 18:09 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-11-12 18:09 - 2014-11-12 18:09 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-11-12 18:09 - 2014-11-12 18:09 - 00000000 ____D () C:\Program Files\Java
2014-11-12 09:19 - 2014-06-04 15:17 - 00034080 _____ (IObit) C:\Windows\system32\SmartDefragBootTime.exe
2014-11-12 09:18 - 2014-06-04 15:17 - 00128288 _____ (IObit) C:\Windows\system32\IObitSmartDefragExtension.dll
2014-11-12 09:16 - 2014-11-12 15:09 - 00002862 _____ () C:\Windows\System32\Tasks\Driver Booster SkipUAC (schingels)
2014-11-12 07:18 - 2014-11-07 20:49 - 00388272 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-11-12 07:18 - 2014-11-07 20:23 - 00341168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-11-12 07:18 - 2014-11-06 05:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-11-12 07:18 - 2014-11-06 05:03 - 25110016 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-11-12 07:18 - 2014-11-06 05:03 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-11-12 07:18 - 2014-11-06 04:47 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-11-12 07:18 - 2014-11-06 04:46 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-11-12 07:18 - 2014-11-06 04:46 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-11-12 07:18 - 2014-11-06 04:44 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-11-12 07:18 - 2014-11-06 04:43 - 02884096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-11-12 07:18 - 2014-11-06 04:36 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-11-12 07:18 - 2014-11-06 04:35 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-11-12 07:18 - 2014-11-06 04:31 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-11-12 07:18 - 2014-11-06 04:30 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-11-12 07:18 - 2014-11-06 04:30 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-11-12 07:18 - 2014-11-06 04:29 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-11-12 07:18 - 2014-11-06 04:28 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-11-12 07:18 - 2014-11-06 04:23 - 06040064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-11-12 07:18 - 2014-11-06 04:20 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-11-12 07:18 - 2014-11-06 04:16 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-11-12 07:18 - 2014-11-06 04:13 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-11-12 07:18 - 2014-11-06 04:13 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-11-12 07:18 - 2014-11-06 04:12 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-11-12 07:18 - 2014-11-06 04:10 - 19781632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-11-12 07:18 - 2014-11-06 04:10 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-11-12 07:18 - 2014-11-06 04:07 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-11-12 07:18 - 2014-11-06 04:05 - 02277376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-11-12 07:18 - 2014-11-06 04:04 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-11-12 07:18 - 2014-11-06 04:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-11-12 07:18 - 2014-11-06 04:02 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-11-12 07:18 - 2014-11-06 04:00 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-11-12 07:18 - 2014-11-06 04:00 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-11-12 07:18 - 2014-11-06 03:59 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-11-12 07:18 - 2014-11-06 03:58 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-11-12 07:18 - 2014-11-06 03:57 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-11-12 07:18 - 2014-11-06 03:48 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-11-12 07:18 - 2014-11-06 03:42 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-11-12 07:18 - 2014-11-06 03:41 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-11-12 07:18 - 2014-11-06 03:41 - 00716800 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-11-12 07:18 - 2014-11-06 03:39 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-11-12 07:18 - 2014-11-06 03:38 - 02124288 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-11-12 07:18 - 2014-11-06 03:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-11-12 07:18 - 2014-11-06 03:36 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-11-12 07:18 - 2014-11-06 03:34 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-11-12 07:18 - 2014-11-06 03:30 - 14390272 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-11-12 07:18 - 2014-11-06 03:22 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-11-12 07:18 - 2014-11-06 03:21 - 04298240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-11-12 07:18 - 2014-11-06 03:21 - 02051072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-11-12 07:18 - 2014-11-06 03:20 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-11-12 07:18 - 2014-11-06 03:17 - 02365440 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-11-12 07:18 - 2014-11-06 03:04 - 01550336 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-11-12 07:18 - 2014-11-06 03:03 - 12819456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-11-12 07:18 - 2014-11-06 02:53 - 00799232 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-11-12 07:18 - 2014-11-06 02:52 - 01892864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-11-12 07:18 - 2014-11-06 02:48 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-11-12 07:18 - 2014-11-06 02:47 - 00708096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-11-12 07:18 - 2014-11-05 18:56 - 00304640 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-11-12 07:18 - 2014-11-05 18:56 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-11-12 07:18 - 2014-11-05 18:52 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-11-12 07:18 - 2014-10-14 03:16 - 00155064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-11-12 07:18 - 2014-10-14 03:13 - 00683520 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-11-12 07:18 - 2014-10-14 03:12 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-11-12 07:18 - 2014-10-14 03:09 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2014-11-12 07:18 - 2014-10-14 03:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2014-11-12 07:18 - 2014-10-14 02:50 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-11-12 07:18 - 2014-10-14 02:49 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-11-12 07:18 - 2014-10-14 02:47 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2014-11-12 07:18 - 2014-10-14 02:46 - 00681984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2014-11-12 07:17 - 2014-10-25 02:57 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-11-12 07:17 - 2014-10-25 02:32 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-11-12 07:17 - 2014-10-14 03:13 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-11-12 07:17 - 2014-10-14 02:50 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-11-12 07:17 - 2014-10-10 01:57 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-11-12 07:17 - 2014-10-03 03:12 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-11-12 07:17 - 2014-10-03 03:11 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-11-12 07:17 - 2014-10-03 03:11 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-11-12 07:17 - 2014-10-03 03:11 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2014-11-12 07:17 - 2014-10-03 03:11 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2014-11-12 07:17 - 2014-10-03 02:44 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2014-11-12 07:17 - 2014-10-03 02:44 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2014-11-12 07:17 - 2014-10-03 02:44 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2014-11-12 07:17 - 2014-09-19 10:42 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-11-12 07:17 - 2014-09-19 10:42 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-11-12 07:17 - 2014-09-19 10:42 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-11-12 07:17 - 2014-09-19 10:42 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-11-12 07:17 - 2014-09-19 10:42 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-11-12 07:17 - 2014-09-19 10:42 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-11-12 07:17 - 2014-09-19 10:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-11-12 07:17 - 2014-09-19 10:23 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-11-12 07:17 - 2014-09-19 10:23 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-11-12 07:17 - 2014-09-19 10:23 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-11-12 07:17 - 2014-09-19 10:23 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-11-12 07:17 - 2014-09-19 10:23 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-11-12 07:17 - 2014-09-19 10:23 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-11-12 07:17 - 2014-09-19 10:23 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-11-12 07:17 - 2014-08-21 07:43 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-11-12 07:17 - 2014-08-21 07:40 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-11-12 07:17 - 2014-08-21 07:26 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-11-12 07:17 - 2014-08-21 07:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-11-12 07:17 - 2014-08-12 03:02 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2014-11-12 07:17 - 2014-08-12 02:36 - 00701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL
2014-11-12 07:16 - 2014-10-18 03:05 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2014-11-12 07:16 - 2014-10-18 02:33 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2014-11-11 18:23 - 2014-11-11 19:27 - 00000000 ____D () C:\Program Files (x86)\Kaspersky Lab
2014-11-11 18:23 - 2014-11-11 18:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security 2013
2014-11-11 09:20 - 2014-11-13 13:13 - 00000000 ____D () C:\ProgramData\ProductData
2014-11-11 09:20 - 2014-11-13 13:12 - 00000000 ____D () C:\Program Files (x86)\IObit
2014-11-11 09:20 - 2014-11-12 09:16 - 00000000 ____D () C:\Users\schingels\AppData\Roaming\IObit
2014-11-11 09:20 - 2014-11-12 09:16 - 00000000 ____D () C:\ProgramData\IObit
2014-11-11 09:20 - 2014-11-11 09:20 - 00002894 _____ () C:\Windows\System32\Tasks\Uninstaller_SkipUac_schingels
2014-11-11 09:20 - 2014-11-11 09:20 - 00001254 _____ () C:\Users\schingels\AppData\Roaming\Microsoft\Windows\Start Menu\Uninstall Programs.lnk
2014-11-11 09:20 - 2014-11-11 09:20 - 00001230 _____ () C:\Users\Public\Desktop\IObit Uninstaller.lnk
2014-11-11 09:20 - 2014-11-11 09:20 - 00000000 ____D () C:\Users\schingels\AppData\Roaming\ProductData
2014-11-11 09:18 - 2014-11-11 09:18 - 00210757 _____ () C:\ProgramData\1415693093.bdinstall.bin
2014-11-11 09:04 - 2014-11-11 09:07 - 00000000 ____D () C:\Users\schingels\AppData\Roaming\QuickScan
2014-11-10 16:00 - 2014-11-10 16:00 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-11-10 15:00 - 2014-11-10 15:00 - 00000000 ____D () C:\Program Files (x86)\Google
2014-11-10 14:42 - 2014-11-10 14:42 - 00002687 _____ () C:\Users\schingels\Desktop\JRT.txt
2014-11-09 16:47 - 2014-11-11 00:20 - 00000000 ____D () C:\ProgramData\Package Cache
2014-11-09 16:47 - 2014-11-09 16:47 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-11-09 16:45 - 2014-11-09 16:45 - 00000000 ____D () C:\Users\schingels\AppData\Roaming\Avira
2014-11-09 16:25 - 2014-11-11 00:20 - 00000000 ____D () C:\Users\schingels\AppData\Local\Tempf7eddb6ee0afd360be7fc7f5e70ab6ce
2014-11-09 16:25 - 2014-11-11 00:20 - 00000000 ____D () C:\Users\schingels\AppData\Local\Temp991f313088b215d209d2d97e3c209801
2014-11-09 16:25 - 2014-11-11 00:20 - 00000000 ____D () C:\Users\schingels\AppData\Local\Temp1270dc5f1665619a7e9941f8e54ac8ef
2014-11-07 10:44 - 2014-11-07 10:44 - 00003350 _____ () C:\Windows\System32\Tasks\SpyHunter4Startup
2014-11-07 10:44 - 2014-11-07 10:44 - 00000000 ____D () C:\Users\schingels\AppData\Roaming\Enigma Software Group
2014-11-07 10:44 - 2014-11-07 10:44 - 00000000 ____D () C:\sh4ldr
2014-11-07 09:12 - 2014-11-07 10:44 - 00022704 _____ () C:\Windows\system32\Drivers\EsgScanner.sys
2014-11-07 09:12 - 2014-11-07 10:43 - 00000000 ____D () C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-11-07 08:38 - 2014-11-13 13:19 - 00421523 _____ () C:\Windows\WindowsUpdate.log
2014-11-07 08:28 - 2014-11-07 08:28 - 00000000 ____D () C:\Users\schingels\AppData\Local\Tempad3126ee63524b68efcd1700a6640da9
2014-11-07 08:28 - 2014-11-07 08:28 - 00000000 ____D () C:\Users\schingels\AppData\Local\Temp68d1ed6af116173792cd0c0fe2aaeb86
2014-11-06 07:53 - 2014-11-13 13:35 - 00000000 ____D () C:\FRST
2014-11-05 10:16 - 2014-11-05 10:16 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-11-04 06:32 - 2014-09-05 03:11 - 06584320 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-11-04 06:32 - 2014-09-05 02:52 - 05703168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-11-02 09:37 - 2013-10-02 03:22 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys
2014-11-02 09:37 - 2013-10-02 03:11 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2014-11-02 09:37 - 2013-10-02 03:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2014-11-02 09:37 - 2013-10-02 02:48 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll
2014-11-02 09:37 - 2013-10-02 02:48 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll
2014-11-02 09:37 - 2013-10-02 02:29 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2014-11-02 09:37 - 2013-10-02 02:10 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll
2014-11-02 09:37 - 2013-10-02 01:15 - 01057280 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2014-11-02 09:37 - 2013-10-02 01:14 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll
2014-11-02 09:37 - 2013-10-02 01:14 - 00017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll
2014-11-02 09:37 - 2013-10-02 01:08 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2014-11-02 09:37 - 2013-10-02 01:01 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2014-11-02 09:37 - 2013-10-02 00:58 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2014-11-02 09:37 - 2013-10-02 00:31 - 01147392 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2014-11-02 09:37 - 2013-10-02 00:08 - 00855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2014-11-02 09:37 - 2013-10-01 23:34 - 01068544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2014-10-31 21:24 - 2014-10-31 21:24 - 00000904 _____ () C:\Users\schingels\Desktop\TapinRadio.lnk
2014-10-31 21:24 - 2014-10-31 21:24 - 00000000 ____D () C:\Users\schingels\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TapinRadio
2014-10-21 10:03 - 2014-11-07 07:05 - 00003156 _____ () C:\Windows\System32\Tasks\AdvancedDriverUpdaterRunAtStartup
2014-10-21 09:50 - 2014-10-21 09:50 - 00000987 _____ () C:\Users\Public\Desktop\Ashampoo Internet Accelerator 3.lnk
2014-10-21 08:18 - 2014-10-21 10:01 - 00000454 _____ () C:\Windows\Tasks\One-Click Optimizer WO11.job
2014-10-21 08:18 - 2014-10-21 08:18 - 00003294 _____ () C:\Windows\System32\Tasks\One-Click Optimizer WO11
2014-10-21 08:16 - 2014-10-21 08:16 - 00001226 _____ () C:\Users\Public\Desktop\Ein-Klick-Optimierung (WO11).lnk
2014-10-21 08:16 - 2014-10-21 08:16 - 00000974 _____ () C:\Users\Public\Desktop\Ashampoo WinOptimizer 11.lnk
2014-10-17 08:27 - 2014-11-12 14:47 - 04918960 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2014-10-16 06:38 - 2014-06-18 23:23 - 01943696 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2014-10-16 06:38 - 2014-06-18 23:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
2014-10-16 06:38 - 2014-06-18 23:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll
2014-10-16 06:38 - 2014-06-18 23:23 - 00156312 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2014-10-16 06:38 - 2014-06-18 23:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll
2014-10-16 06:38 - 2014-06-18 23:23 - 00073880 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2014-10-16 06:37 - 2014-09-04 06:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2014-10-16 06:37 - 2014-09-04 06:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2014-10-16 06:37 - 2014-08-29 03:07 - 03179520 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-10-16 06:37 - 2014-07-17 03:07 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-10-16 06:37 - 2014-07-17 03:07 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
2014-10-16 06:37 - 2014-07-17 03:07 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2014-10-16 06:37 - 2014-07-17 02:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll
2014-10-16 06:37 - 2014-07-17 02:21 - 00212480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2014-10-16 06:37 - 2014-07-17 02:21 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-13 13:25 - 2014-08-28 11:17 - 00005168 _____ () C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for schingels-PC-schingels schingels-PC
2014-11-13 13:21 - 2009-07-14 05:45 - 00009696 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-11-13 13:21 - 2009-07-14 05:45 - 00009696 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-11-13 13:18 - 2013-10-14 19:24 - 00001806 _____ () C:\Users\Public\Desktop\McAfee Internet Security.lnk
2014-11-13 13:14 - 2013-09-10 17:57 - 00000000 ____D () C:\Users\schingels\AppData\Roaming\Wise Care 365
2014-11-13 13:14 - 2013-09-10 17:03 - 00002056 _____ () C:\Users\Public\Desktop\Wise Care 365.lnk
2014-11-13 13:13 - 2013-09-10 18:00 - 00000430 _____ () C:\Windows\Tasks\Wise Care 365.job
2014-11-13 13:12 - 2014-07-30 13:47 - 00000000 __SHD () C:\Nsi.pending
2014-11-13 13:12 - 2011-11-23 15:28 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-11-13 13:12 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-11-13 10:13 - 2013-12-27 17:39 - 00000000 ____D () C:\Users\schingels\AppData\Roaming\Steganos
2014-11-13 09:36 - 2013-11-08 14:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2014-11-13 09:16 - 2011-04-13 03:47 - 00000000 ____D () C:\Program Files (x86)\ASUS
2014-11-13 09:06 - 2014-08-28 07:29 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-11-13 08:15 - 2014-06-24 09:31 - 00000000 ____D () C:\Users\schingels\AppData\Local\620966BE-20EC-402D-ADC7-17A075A3742B.aplzod
2014-11-13 08:10 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-11-13 07:55 - 2014-02-18 15:03 - 00000000 ____D () C:\Users\schingels\Documents\Mein Steuer-Sparbuch Heute
2014-11-12 22:30 - 2011-11-23 15:31 - 00000000 ____D () C:\Program Files (x86)\Realtek
2014-11-12 22:30 - 2011-11-23 15:22 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-11-12 21:19 - 2011-11-23 15:45 - 00004140 _____ () C:\Windows\system32\AutoRunFilter.ini
2014-11-12 20:43 - 2013-04-02 19:22 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-11-12 16:58 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-11-12 15:32 - 2013-04-02 19:22 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-11-12 15:32 - 2012-05-27 21:29 - 00000000 ____D () C:\Users\schingels\AppData\Local\Adobe
2014-11-12 15:32 - 2012-04-02 17:26 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-11-12 15:32 - 2011-12-25 20:29 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-11-12 15:20 - 2012-05-27 21:28 - 00000000 ____D () C:\ProgramData\Adobe
2014-11-12 15:07 - 2011-11-23 15:45 - 00002660 _____ () C:\Windows\system32\ServiceFilter.ini
2014-11-12 14:43 - 2014-05-01 05:25 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-11-12 08:59 - 2014-01-21 20:01 - 00000000 ____D () C:\AdwCleaner
2014-11-12 08:45 - 2009-07-29 07:03 - 00000000 ____D () C:\Windows\Panther
2014-11-12 07:43 - 2013-07-19 23:02 - 00000000 ____D () C:\Windows\system32\MRT
2014-11-12 07:36 - 2011-12-16 00:45 - 103374192 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-11-11 19:27 - 2014-01-21 17:53 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-11-11 18:48 - 2013-09-10 16:51 - 00000000 ____D () C:\Program Files (x86)\COMPUTERBILD-Abzockschutz
2014-11-11 18:33 - 2013-10-11 18:16 - 00000000 ____D () C:\ProgramData\Apple
2014-11-11 18:33 - 2013-10-11 18:16 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-11-11 18:26 - 2012-02-26 23:04 - 00000000 ____D () C:\Users\schingels\AppData\Roaming\DVDVideoSoft
2014-11-11 18:23 - 2012-09-03 19:25 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-11-11 18:18 - 2011-11-23 15:41 - 00000000 ____D () C:\Program Files (x86)\Renesas Electronics
2014-11-11 17:55 - 2011-12-15 19:45 - 00000000 ___HD () C:\ASUS.DAT
2014-11-11 17:55 - 2011-11-23 15:50 - 00000000 ____D () C:\Program Files (x86)\CyberLink
2014-11-11 17:55 - 2011-11-23 15:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS Utility
2014-11-11 17:52 - 2011-11-23 15:50 - 00000000 ____D () C:\ProgramData\CyberLink
2014-11-11 09:30 - 2013-10-21 19:34 - 00000000 ____D () C:\Program Files (x86)\concept design
2014-11-11 09:22 - 2013-10-11 18:18 - 00000000 ____D () C:\Users\schingels\AppData\Roaming\Apple Computer
2014-11-11 00:20 - 2013-10-23 19:04 - 00000000 ____D () C:\ProgramData\McAfee Security Scan
2014-11-11 00:20 - 2013-10-14 19:23 - 00000000 ____D () C:\Program Files (x86)\McAfee
2014-11-11 00:20 - 2011-11-23 15:44 - 00000000 ____D () C:\ProgramData\P4G
2014-11-11 00:20 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\registration
2014-11-10 20:42 - 2013-09-12 07:13 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-11-10 15:36 - 2011-12-15 19:44 - 00000000 ____D () C:\Users\schingels
2014-11-09 16:47 - 2013-10-13 19:33 - 00000000 ____D () C:\ProgramData\Avira
2014-11-07 19:38 - 2013-10-14 19:23 - 00000000 ____D () C:\Program Files\Common Files\McAfee
2014-11-04 08:08 - 2009-07-14 06:32 - 00000000 ____D () C:\Windows\system32\FxsTmp
2014-11-04 06:31 - 2011-02-19 05:24 - 00730014 _____ () C:\Windows\system32\perfh007.dat
2014-11-04 06:31 - 2011-02-19 05:24 - 00159592 _____ () C:\Windows\system32\perfc007.dat
2014-11-04 06:31 - 2009-07-14 06:13 - 01690812 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-11-03 10:59 - 2012-05-01 12:44 - 00000000 ____D () C:\Users\schingels\AppData\Local\Windows Live
2014-11-02 10:03 - 2012-10-07 21:13 - 00000000 ____D () C:\Windows\SysWOW64\NV
2014-11-02 10:03 - 2012-10-07 21:13 - 00000000 ____D () C:\Windows\system32\NV
2014-11-02 10:02 - 2009-07-14 04:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2014-11-01 09:56 - 2009-07-14 06:08 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-10-31 13:22 - 2014-03-11 17:30 - 00000000 ____D () C:\Users\schingels\AppData\Roaming\ALFBanCo5
2014-10-31 13:22 - 2014-03-11 17:30 - 00000000 ____D () C:\ProgramData\AlfBanCo5
2014-10-31 05:06 - 2014-08-22 05:17 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-10-31 05:06 - 2014-08-22 05:17 - 00000000 ____D () C:\Program Files (x86)\Java
2014-10-27 08:57 - 2014-08-22 14:46 - 00000000 ____D () C:\Users\schingels\AppData\Roaming\Steganos VPN
2014-10-24 08:05 - 2014-01-29 17:09 - 00000000 ____D () C:\Users\schingels\AppData\Local\Microsoft Help
2014-10-24 08:05 - 2013-09-11 08:16 - 00003704 _____ () C:\Windows\System32\Tasks\Java Update Scheduler
2014-10-24 06:39 - 2013-11-01 20:51 - 00000000 ____D () C:\ProgramData\Oracle
2014-10-24 06:39 - 2013-11-01 20:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-10-24 05:55 - 2013-09-10 17:48 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-10-22 06:20 - 2013-10-11 18:17 - 00000000 ____D () C:\Users\schingels\AppData\Local\Apple
2014-10-21 09:50 - 2013-09-10 16:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo
2014-10-21 09:50 - 2013-09-10 16:44 - 00000000 ____D () C:\ProgramData\ashampoo
2014-10-21 08:19 - 2013-09-10 16:52 - 00000000 ____D () C:\Users\schingels\AppData\Local\Ashampoo Photo Optimizer 4
2014-10-15 15:45 - 2013-10-27 23:28 - 00001332 _____ () C:\Windows\wininit.ini

Files to move or delete:
====================
C:\ProgramData\nud0repor.pad

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2013-10-31 00:16

==================== End Of Log ============================

Ran by schingels at 2014-11-13 13:36:43
Running from D:\Users\Downloads
Boot Mode: Normal
==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: McAfee Anti-Virus und Anti-Spyware (Enabled - Up to date) {ADA629C7-7F48-5689-624A-3B76997E0892}
AS: McAfee Anti-Virus und Anti-Spyware (Enabled - Up to date) {16C7C823-5972-5907-58FA-0004E2F9422F}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: McAfee Firewall (Enabled) {959DA8E2-3527-57D1-4915-924367AD4FE9}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

1&1 Surf-Stick (HKLM-x32\...\{A9E5EDA7-2E6C-49E7-924B-A32B89C24A04}) (Version: 1.0.0.2 - )
1&1 Upload-Manager (HKLM-x32\...\1&1 Upload-Manager) (Version: 2.0.676 - 1&1 Internet AG)
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.223 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.223 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.09) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
ALF-BanCo 5 (HKLM-x32\...\Alf-BanCo5_is1) (Version: 5.3.5 - ALF AG)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Ashampoo Burning Studio 2012 v10.0.15 (HKLM-x32\...\Ashampoo Burning Studio 2012_is1) (Version: 10.0.15 - Ashampoo GmbH & Co. KG)
Ashampoo Internet Accelerator 3 v.3.30 (HKLM-x32\...\{4209F371-C803-200D-89A4-5479B6569259}_is1) (Version: 3.3.0 - Ashampoo GmbH & Co. KG)
Ashampoo Photo Commander 9 v.9.4.3 (HKLM-x32\...\Ashampoo Photo Commander 9_is1) (Version: 9.4.3 - Ashampoo GmbH & Co. KG)
Ashampoo Photo Optimizer 4 v.4.0.3 (HKLM-x32\...\Ashampoo Photo Optimizer 4_is1) (Version: 4.0.3 - Ashampoo GmbH & Co. KG)
Ashampoo WinOptimizer 11 v.11.00.41 (HKLM-x32\...\{4209F371-8D72-8119-66FA-897D2D41E27F}_is1) (Version: 11.00.41 - Ashampoo GmbH & Co. KG)
Ashampoo WinOptimizer 2014 v.1.0.0 (HKLM-x32\...\{4209F371-99CD-68CB-1C29-9910F8F9BD96}_is1) (Version: 1.0.0 - Ashampoo GmbH & Co. KG)
ASUS LifeFrame3 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.0.22 - ASUS)
ASUS Power4Gear Hybrid (HKLM\...\{33B98264-A889-4913-A0CA-C364A75032B3}) (Version: 1.1.45 - ASUS)
ASUS SmartLogon (HKLM-x32\...\{64452561-169F-4A36-A2FF-B5E118EC65F5}) (Version: 1.0.0011 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 1.02.0031 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{AECA3622-E634-4A55-A696-70A511CBE06E}) (Version: 2.0.0 - AsusTek Computer Inc.)
ASUS Virtual Camera (HKLM-x32\...\{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}) (Version: 1.0.21 - asus)
CCleaner (HKLM\...\CCleaner) (Version: 3.22 - Piriform)
COMPUTERBILD-Abzockschutz (HKLM-x32\...\{2664E454-FECE-42E9-A7EF-6B5EB62AC67B}) (Version: 1.0.58 - J3S)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
ETDWare PS/2-X64 8.0.5.1_WHQL (HKLM\...\Elantech) (Version: 8.0.5.1 - ELAN Microelectronic Corp.)
Fast Boot (HKLM\...\{13F4A7F3-EABC-4261-AF6B-1317777F0755}) (Version: 1.0.9 - ASUS)
FileViewPro (HKLM\...\FileViewPro_is1) (Version: 4.0 - Solvusoft Corporation)
Free PDF to Word Doc Converter v1.1 (HKLM-x32\...\Free PDF to Word Doc Converter_is1) (Version: 1.1 - www.hellopdf.com)
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Google Update Helper (x32 Version: 1.3.21.153 - Google Inc.) Hidden
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3347 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.2.1004 - Intel Corporation)
Intel(R) Turbo Boost Technology Monitor 2.0 (HKLM\...\{B77EFA0B-9BD3-4122-9F9A-15A963B5EA24}) (Version: 2.1.23.0 - Intel)
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 4.0.4.30 - IObit)
iTunes (HKLM\...\{1CF5754A-545B-4360-BFDE-2847BC728DFC}) (Version: 11.2.0.115 - Apple Inc.)
Java 7 Update 67 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417067FF}) (Version: 7.0.670 - Oracle)
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
McAfee Internet Security (HKLM-x32\...\MSC) (Version: 12.8.992 - McAfee, Inc.)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)
McAfee SiteAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 3.7.143 - McAfee, Inc.)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 15.0.4659.1001 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Starter 2010 - Deutsch (HKLM-x32\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-733679015-3351541572-3055150241-1001\...\OneDriveSetup.exe) (Version: 17.3.1229.0918 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mobile Partner (HKLM-x32\...\Mobile Partner) (Version: 21.005.15.02.382 - Huawei Technologies Co.,Ltd)
Mozilla Firefox 33.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 33.1 (x86 de)) (Version: 33.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 31.0 - Mozilla)
NVIDIA 3D Vision Treiber 314.22 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 314.22 - NVIDIA Corporation)
NVIDIA Grafiktreiber 314.22 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 314.22 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.23.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.23.1 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.12.1031 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.1031 - NVIDIA Corporation)
NVIDIA Update 1.12.12 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.12.12 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4659.1001 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4659.1001 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4659.1001 - Microsoft Corporation) Hidden
Paragon Backup and Recovery™ 2014 Free (HKLM\...\{C268B5E1-A5DA-11DF-A289-005056C00008}) (Version: 90.00.0003 - Paragon Software)
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6370 - Realtek Semiconductor Corp.)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Ship Simulator Extremes (HKLM-x32\...\ShipSimExtremes) (Version: - )
System Requirements Lab (HKLM-x32\...\SystemRequirementsLab) (Version: - )
TapinRadio 1.60.1 (HKU\S-1-5-21-733679015-3351541572-3055150241-1001\...\TapinRadio_is1) (Version: - Raimersoft)
TomTom HOME (HKLM-x32\...\{7A2BB1C8-903D-4585-9F3B-CADD67D07D37}) (Version: 2.9.8 - Ihr Firmenname)
TomTom HOME Visual Studio Merge Modules (HKLM-x32\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.)
TuneUp Utilities 2013 (HKLM-x32\...\TuneUp Utilities 2013) (Version: 13.0.4000.245 - TuneUp Software)
TuneUp Utilities 2013 (x32 Version: 13.0.4000.245 - TuneUp Software) Hidden
TuneUp Utilities Language Pack (de-DE) (x32 Version: 13.0.4000.245 - TuneUp Software) Hidden
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen (HKLM-x32\...\{C32CE55C-12BA-4951-8797-0967FDEF556F}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{C63A1E60-B6A4-440B-89A5-1FC6E4AC1C94}) (Version: 15.4.5722.2 - Microsoft Corporation)
WinRAR 4.01 (32-Bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH)
WinRAR 5.11 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH)
Wireless Console 3 (HKLM-x32\...\{8150221C-8F7E-4997-AD4E-AFDEE7F4B410}) (Version: 3.0.21 - ASUS)
Wise Care 365 3.21 (HKLM-x32\...\Wise Care 365_is1) (Version: 3.21 - WiseCleaner.com, Inc.)
Wise Care 365 version 2.03 (HKLM-x32\...\{E864A1C8-EEE1-47D0-A7F8-00CC86D26D5E}_is1) (Version: 2.9.3 - WiseCleaner.com, Inc.)
WISO Steuer-Sparbuch 2013 (HKU\S-1-5-21-733679015-3351541572-3055150241-1001\...\{D6CC2FAF-F827-4091-96A1-D32CC9B69C79}) (Version: 20.02.8171 - Buhl Data Service GmbH)
WISO Steuer-Sparbuch 2014 (HKLM-x32\...\{2D3BBBB5-C1F2-44B2-B754-4A47C2F8EF5F}) (Version: 21.00.8480 - Buhl Data Service GmbH)
Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Основные компоненты Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Почта Windows Live (x32 Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden
Фотоальбом Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
גלריית התמונות של Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
بريد Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
معرض صور Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-733679015-3351541572-3055150241-1001_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\schingels\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-733679015-3351541572-3055150241-1001_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\schingels\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-733679015-3351541572-3055150241-1001_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\schingels\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-733679015-3351541572-3055150241-1001_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\schingels\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-733679015-3351541572-3055150241-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\schingels\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\amd64\FileSyncApi64.dll (Microsoft Corporation)

==================== Restore Points =========================

11-11-2014 08:21:35 IObit Uninstaller restore point
11-11-2014 08:26:51 IObit Uninstaller restore point
11-11-2014 08:31:07 Konfiguriert Power2Go
11-11-2014 16:56:12 Removed ASUS Live Update
11-11-2014 17:17:20 Removed Renesas Electronics USB 3.0 Host Controller Driver
11-11-2014 17:19:30 Entfernt Realtek USB 2.0 Reader Driver
12-11-2014 06:33:43 Windows Update
12-11-2014 20:00:05 Revo Uninstaller's restore point - Advanced SystemCare 7
12-11-2014 20:04:25 Revo Uninstaller's restore point - Avira SearchFree Toolbar
12-11-2014 20:06:27 Revo Uninstaller's restore point - Driver Booster 2
12-11-2014 20:08:08 Revo Uninstaller's restore point - Smart Defrag 3
12-11-2014 20:12:55 Revo Uninstaller's restore point - Avira SearchFree Toolbar
12-11-2014 20:13:56 Revo Uninstaller's restore point - Surfing Protection

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {021F5962-CFBB-4D7B-866A-6007A3ED7044} - System32\Tasks\ASUS SmartLogon Console Sensor => C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe [2010-11-15] (ASUS)
Task: {06A885F6-E193-4D6D-B444-4CEB56C434FC} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\TuneUp Utilities 2013\OneClick.exe [2014-01-28] (TuneUp Software)
Task: {1D55F36F-1ABC-45A6-BE11-0DA43363CBD7} - \Feven 1.2-chromeinstaller No Task File <==== ATTENTION
Task: {237B1A2F-C0D2-4EBF-93D6-FAC026DE1728} - System32\Tasks\Wise Turbo Checker => C:\Program Files (x86)\Wise\Wise Care 365\WiseTurbo.exe [2014-07-07] (WiseCleaner.COM)
Task: {28CBFA2D-3602-448E-92B6-8C212C21C46C} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2014-09-25] (Microsoft Corporation)
Task: {2C815E4E-327C-4F85-A0A7-01C02411528E} - System32\Tasks\SpyHunter4Startup => C:\Program Files\Enigma Software Group\SpyHunter\Spyhunter4.exe
Task: {40BF27A8-9327-4AB7-AF0D-5FF03176D93D} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2012-08-22] (Piriform Ltd)
Task: {4476F211-03EC-4AC6-B6F5-C1C50323522F} - \Feven 1.2-firefoxinstaller No Task File <==== ATTENTION
Task: {4D35DD80-8C0F-429E-ADDF-04A1D49DD898} - \Feven 1.2-enabler No Task File <==== ATTENTION
Task: {4E18AC64-CCD9-4CE6-B493-90E7DFA57CEB} - \Plus-HD-4.8-chromeinstaller No Task File <==== ATTENTION
Task: {502C0A29-99A7-4AE1-8868-A42D3C395C9C} - System32\Tasks\Driver Booster SkipUAC (schingels) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
Task: {577E01DE-D214-4816-A3B4-098CA767F0F6} - \Plus-HD-4.8-codedownloader No Task File <==== ATTENTION
Task: {5DA1326E-C3AD-40A9-B6FD-3A04EFE28854} - \Moo0 System Monitor 1.76 No Task File <==== ATTENTION
Task: {5F607E55-BB1B-4F28-A027-4EC4941782E2} - \Feven 1.2-updater No Task File <==== ATTENTION
Task: {5FEA9A87-FC8A-409B-825B-7DB6F19076C5} - \Plus-HD-4.8-firefoxinstaller No Task File <==== ATTENTION
Task: {73B543E7-7F4A-4EE1-8644-A434A97105D7} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-09-25] (Microsoft Corporation)
Task: {7C328703-C9B0-4FD1-AD91-98EA27AF44E0} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {82BA10E0-53E7-4614-91CC-6E57C39D1720} - \Plus-HD-4.8-enabler No Task File <==== ATTENTION
Task: {85C0F9DD-CBE3-4BF1-AA37-5D9DD2CDDB09} - System32\Tasks\One-Click Optimizer WO11 => D:\Users\Ashampoo Internet Accelerator 3\Ashampoo WinOptimizer 11\WO11.exe [2014-08-05] (Ashampoo Development GmbH & Co. KG)
Task: {8FA7B28D-F6DA-4778-9308-5B5E35C0B8C0} - \Plus-HD-4.8-updater No Task File <==== ATTENTION
Task: {9096B9AA-D865-4850-9E99-BF4CFC1D4E66} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-08-21] (Adobe Systems Incorporated)
Task: {9258562A-395D-4448-A80C-30B588206B71} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-10-07] (Oracle Corporation)
Task: {94D79261-968E-4D91-90C2-BA2BB058D3CA} - System32\Tasks\Abelssoft\Updater scan => C:\Program Files (x86)\CHIP Updater\CHIPUpdater.exe
Task: {963B6A25-005D-452D-9B23-8EDEF0F920CA} - System32\Tasks\RunAsStdUser Task for VeohWebPlayer => C:\Program Files (x86)\Veoh Networks\VeohWebPlayer\veohwebplayer.exe
Task: {9BE4943D-1225-4F33-86BC-AD4EAC3B1659} - System32\Tasks\{D618E339-78DC-4056-AE3D-3870DD7D936B} => D:\Users\Downloads\DAVSRV.EXE [2011-11-21] (1&1 Internet AG)
Task: {A08D041D-720C-4255-B41E-AEEAE6E38820} - System32\Tasks\Microsoft Office 15 Sync Maintenance for schingels-PC-schingels schingels-PC => C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe [2014-09-16] (Microsoft Corporation)
Task: {A301327C-9C30-4237-A79A-22BC22EA3E8B} - System32\Tasks\Wise Care 365 => C:\Program Files (x86)\Wise\Wise Care 365\WiseTray.exe [2014-07-18] (WiseCleaner.com)
Task: {ABAA8D8C-81F4-4B65-BDA8-6408D8CB56C8} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe
Task: {B4639BAA-57B3-489A-8A8D-0045600A6723} - System32\Tasks\{4565DE98-4314-48CE-B670-D1CA4F40EB2F} => D:\Users\Downloads\DAVSRV.EXE [2011-11-21] (1&1 Internet AG)
Task: {B81625A9-A5CF-4246-84A9-8CB11AD75A8F} - System32\Tasks\RunAsStdUser Task => D:\Users\Downloads\ConnectionWatcher 1.56\ConnectionWatcher.exe
Task: {BA62A6F4-7E91-49F6-997A-6F856A4D75BC} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-11-12] (Adobe Systems Incorporated)
Task: {C5ED3241-CC04-4E85-B37D-1B2B693650E5} - System32\Tasks\ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2010-08-02] (ASUS)
Task: {CFEAFC92-97D9-4C33-99B3-C10168CD7245} - System32\Tasks\Uninstaller_SkipUac_schingels => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2014-11-11] (IObit)
Task: {D152B3E6-095E-41D0-A4E5-CC2999012C57} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe
Task: {D1B8D3EE-3FD3-4163-86CA-B3803A600D9C} - System32\Tasks\ASUS P4G => C:\Program Files\P4G\BatteryLife.exe [2011-06-01] (ASUS)
Task: {D406C7FA-24A7-47DC-9F42-A33FAF13EEAC} - System32\Tasks\AdvancedDriverUpdaterRunAtStartup => C:\Program Files (x86)\Advanced Driver Updater\adu.exe
Task: {D9859D8B-B290-4EBC-B37E-FFAFE9FB13BD} - System32\Tasks\One-Click Optimizer => C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 2014\WO2014.exe [2013-12-18] (Ashampoo Development GmbH & Co. KG)
Task: {E48CE7A2-11BF-465B-9EF4-4C3797CAD2AF} - System32\Tasks\{C6602E39-CEE7-453F-8873-21F65A16150A} => Firefox.exe
Task: {E7CCAB70-1251-4BEB-AD08-8ABAD64020A0} - System32\Tasks\{B0E86049-C9E4-4FB7-81CD-7112024A96B8} => C:\Users\schingels\Desktop\Downloads\World-of-Warcraft-Setup-deDE.exe
Task: {F29F0625-D113-43D0-9B06-F514FA400FF3} - \Feven 1.2-codedownloader No Task File <==== ATTENTION
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\One-Click Optimizer WO11.job => D:\Users\Ashampoo Internet Accelerator 3\Ashampoo WinOptimizer 11\WO11.exe
Task: C:\Windows\Tasks\One-Click Optimizer.job => C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 2014\WO2014.exe
Task: C:\Windows\Tasks\Wise Care 365.job => C:\Program Files (x86)\Wise\Wise Care 365\WiseTray.exe
Task: C:\Windows\Tasks\Wise Turbo Checker.job => C:\Program Files (x86)\Wise\Wise Care 365\WiseTurbo.exe

==================== Loaded Modules (whitelisted) =============

2012-10-07 21:09 - 2013-03-15 05:16 - 00086304 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-03-21 04:30 - 2014-05-20 08:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2011-03-14 16:27 - 2011-03-14 16:27 - 00346976 _____ () C:\ProgramData\DatacardService\HWDeviceService64.exe
2014-09-27 18:44 - 2014-09-27 18:43 - 00239968 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\ouc.exe
2014-01-28 09:37 - 2014-01-28 09:37 - 00741176 _____ () C:\Program Files (x86)\TuneUp Utilities 2013\avgrepliba.dll
2013-09-17 18:51 - 2010-09-30 13:00 - 00253264 _____ () D:\Benutzer\1&1 Surf-Stick\AssistantServices.exe
2014-10-21 08:15 - 2014-08-05 10:02 - 00223600 _____ () D:\Users\Ashampoo Internet Accelerator 3\Ashampoo WinOptimizer 11\LiveTunerService.exe
2011-06-20 15:01 - 2011-03-26 08:29 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2013-09-17 18:51 - 2010-09-30 13:00 - 00139088 _____ () D:\Benutzer\1&1 Surf-Stick\UIExec.exe
2010-11-30 00:04 - 2010-11-30 00:04 - 00403968 _____ () C:\Program Files\Intel\TurboBoost\de\SignalIslandUi.resources.dll
2014-02-18 15:00 - 2014-03-13 21:32 - 01398064 _____ () C:\WISO\Steuersoftware 2013\mshaktuell.exe
2014-09-27 18:44 - 2014-09-27 18:43 - 00011362 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\mingwm10.dll
2014-09-27 18:44 - 2014-09-27 18:43 - 00043008 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\libgcc_s_dw2-1.dll
2014-09-27 18:44 - 2014-09-27 18:43 - 02415104 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\QtCore4.dll
2014-09-27 18:44 - 2014-09-27 18:43 - 01148416 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\QtNetwork4.dll
2014-09-27 18:44 - 2014-09-27 18:43 - 00383488 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\QueryStrategy.dll
2014-09-27 18:44 - 2014-09-27 18:43 - 00398336 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\QtXml4.dll
2014-10-09 09:52 - 2014-10-09 09:52 - 00081056 _____ () C:\Users\schingels\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\LoggingPlatform.dll
2014-10-09 09:52 - 2014-10-09 09:52 - 00081056 _____ () C:\Users\schingels\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\LoggingPlatform.DLL
2014-02-18 15:00 - 2014-03-13 21:34 - 08952624 _____ () C:\WISO\Steuersoftware 2013\wgui13.dll
2014-02-18 15:00 - 2014-03-13 21:32 - 00028672 _____ () C:\WISO\Steuersoftware 2013\rsdcom48.dll
2014-02-18 15:00 - 2014-03-13 21:32 - 00309040 _____ () C:\WISO\Steuersoftware 2013\rscorewinapi48.dll
2014-02-18 15:00 - 2014-03-13 21:32 - 00321328 _____ () C:\WISO\Steuersoftware 2013\rsguiwinapi48.dll
2014-02-18 14:59 - 2014-03-13 21:33 - 03506992 _____ () C:\WISO\Steuersoftware 2013\wcore13.dll
2014-02-18 15:00 - 2014-03-13 21:32 - 00136496 _____ () C:\WISO\Steuersoftware 2013\rsodbc48.dll
2014-02-18 14:59 - 2014-03-14 09:55 - 02194736 _____ () C:\WISO\Steuersoftware 2013\wfvie13.dll
2014-02-18 15:00 - 2014-03-13 21:33 - 01611056 _____ () C:\WISO\Steuersoftware 2013\wsteu13.dll
2014-02-18 15:00 - 2014-03-13 21:32 - 01739568 _____ () C:\WISO\Steuersoftware 2013\wreli13.dll
2014-02-18 14:59 - 2014-03-13 21:33 - 04273456 _____ () C:\WISO\Steuersoftware 2013\wauff13.dll
2013-01-17 14:30 - 2014-01-14 10:50 - 01043456 _____ () C:\WISO\Steuersoftware 2013\clucene-core.dll
2013-01-17 14:30 - 2014-01-14 10:50 - 00094720 _____ () C:\WISO\Steuersoftware 2013\clucene-shared.dll
2013-01-17 14:30 - 2014-01-14 10:50 - 00250368 _____ () C:\WISO\Steuersoftware 2013\clucene-contribs-lib.dll
2014-02-18 15:00 - 2014-03-13 21:32 - 01505584 _____ () C:\WISO\Steuersoftware 2013\wmain13.dll
2014-02-18 14:59 - 2014-03-13 21:33 - 04972336 _____ () C:\WISO\Steuersoftware 2013\wbae113.dll
2014-02-18 14:59 - 2014-03-13 21:33 - 01373488 _____ () C:\WISO\Steuersoftware 2013\wbae213.dll
2014-02-18 14:59 - 2014-03-13 21:33 - 01748784 _____ () C:\WISO\Steuersoftware 2013\wbae313.dll
2014-02-18 14:59 - 2014-03-13 21:33 - 01582896 _____ () C:\WISO\Steuersoftware 2013\wbae413.dll
2014-02-18 15:00 - 2014-03-13 21:33 - 01147184 _____ () C:\WISO\Steuersoftware 2013\whau113.dll
2014-02-18 15:00 - 2014-03-13 21:33 - 01230640 _____ () C:\WISO\Steuersoftware 2013\whau213.dll
2014-02-18 15:00 - 2014-03-13 21:33 - 01307952 _____ () C:\WISO\Steuersoftware 2013\wwerb13.dll
2014-02-18 15:00 - 2014-03-13 21:33 - 06789936 _____ () C:\WISO\Steuersoftware 2013\wkont13.dll
2014-02-18 15:00 - 2014-03-13 21:33 - 01253888 _____ () C:\WISO\Steuersoftware 2013\wimp13.dll
2014-02-18 14:59 - 2014-03-13 21:33 - 01317168 _____ () C:\WISO\Steuersoftware 2013\wfabu13.dll
2014-11-10 16:00 - 2014-11-10 16:00 - 03649648 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-09-27 08:32 - 2014-09-27 08:32 - 00316576 _____ () C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\AppVIsvStream32.dll
2014-10-17 09:21 - 2014-10-17 09:21 - 00169472 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\9b1cac8d98bd69d3e56a26ff2f96f266\IsdiInterop.ni.dll
2011-11-23 15:22 - 2011-01-13 02:56 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2012-09-23 20:43 - 2012-09-23 20:43 - 00313992 _____ () C:\Program Files (x86)\Adobe\Reader 11.0\Reader\sqlite.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\Temp:373E1720

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: ASUS Screen Saver Protector => C:\Windows\AsScrPro.exe
MSCONFIG\startupreg: ATKMEDIA => C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
MSCONFIG\startupreg: ATKOSD2 => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
MSCONFIG\startupreg: CLMLServer => "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
MSCONFIG\startupreg: DivXUpdate => "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
MSCONFIG\startupreg: HControlUser => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
MSCONFIG\startupreg: UpdateLBPShortCut => "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
MSCONFIG\startupreg: UpdateP2GoShortCut => "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
MSCONFIG\startupreg: Wireless Console 3 => C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe

========================= Accounts: ==========================

Administrator (S-1-5-21-733679015-3351541572-3055150241-500 - Administrator - Disabled)
Gast (S-1-5-21-733679015-3351541572-3055150241-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-733679015-3351541572-3055150241-1006 - Limited - Enabled)
schingels (S-1-5-21-733679015-3351541572-3055150241-1001 - Administrator - Enabled) => C:\Users\schingels
UpdatusUser (S-1-5-21-733679015-3351541572-3055150241-1005 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Faulty Device Manager Devices =============

Name: Netzwerkcontroller
Description: Netzwerkcontroller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: USB2.0-CRW
Description: USB2.0-CRW
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: USB2.0 0.3M UVC WebCam
Description: USB-Videogerät
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: usbvideo
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

==================== Event log errors: =========================

Application errors:
==================
Error: (11/13/2014 01:13:12 PM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: Der Index kann nicht initialisiert werden.

Details:
Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801)

Error: (11/13/2014 01:13:12 PM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: Die Anwendung kann nicht initialisiert werden.

Kontext: Windows Anwendung

Details:
Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801)

Error: (11/13/2014 01:13:12 PM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: Das Gatherer-Objekt kann nicht initialisiert werden.

Kontext: Windows Anwendung, SystemIndex Katalog

Details:
Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801)

Error: (11/13/2014 01:13:12 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Plug-In in <Search.TripoliIndexer> kann nicht initialisiert werden.

Kontext: Windows Anwendung, SystemIndex Katalog

Details:
Element nicht gefunden. (HRESULT : 0x80070490) (0x80070490)

Error: (11/13/2014 01:13:07 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Plug-In in <Search.JetPropStore> kann nicht initialisiert werden.

Kontext: Windows Anwendung, SystemIndex Katalog

Details:
Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801)

Error: (11/13/2014 01:13:07 PM) (Source: Windows Search Service) (EventID: 9002) (User: )
Description: Die Eigenschaftenspeicherdaten können von Windows Search nicht geladen werden.

Kontext: Windows Anwendung, SystemIndex Katalog

Details:
Die Inhaltsindexdatenbank ist fehlerhaft. (HRESULT : 0xc0041800) (0xc0041800)

Error: (11/13/2014 01:13:07 PM) (Source: Windows Search Service) (EventID: 7042) (User: )
Description: Windows Search wird aufgrund eines Problems bei der Indizierung The catalog is corrupt beendet.

Details:
Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801)

Error: (11/13/2014 01:13:07 PM) (Source: Windows Search Service) (EventID: 7040) (User: )
Description: Vom Suchdienst wurden beschädigte Datendateien im Index {id=4700} erkannt. Vom Dienst wird versucht, dieses Problem durch Neuerstellung des Indexes automatisch zu beheben.

Details:
Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801)

Error: (11/13/2014 01:13:07 PM) (Source: Windows Search Service) (EventID: 9000) (User: )
Description: Der Jet-Eigenschaftenspeicher kann von Windows Search nicht geöffnet werden.

Details:
0x%08x (0xc0041800 - Die Inhaltsindexdatenbank ist fehlerhaft. (HRESULT : 0xc0041800))

Error: (11/13/2014 01:13:06 PM) (Source: ESENT) (EventID: 455) (User: )
Description: Windows (3520) Windows: Fehler -1811 beim Öffnen von Protokolldatei C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS00671.log.

System errors:
=============
Error: (11/13/2014 01:34:58 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "DNS-Client" wurde mit folgendem Fehler beendet:
%%2

Error: (11/13/2014 01:34:56 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "DNS-Client" wurde mit folgendem Fehler beendet:
%%2

Error: (11/13/2014 01:34:56 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "DNS-Client" wurde mit folgendem Fehler beendet:
%%2

Error: (11/13/2014 01:34:56 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "DNS-Client" wurde mit folgendem Fehler beendet:
%%2

Error: (11/13/2014 01:34:56 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "DNS-Client" wurde mit folgendem Fehler beendet:
%%2

Error: (11/13/2014 01:34:56 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "DNS-Client" wurde mit folgendem Fehler beendet:
%%2

Error: (11/13/2014 01:34:56 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "DNS-Client" wurde mit folgendem Fehler beendet:
%%2

Error: (11/13/2014 01:34:56 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "DNS-Client" wurde mit folgendem Fehler beendet:
%%2

Error: (11/13/2014 01:34:56 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "DNS-Client" wurde mit folgendem Fehler beendet:
%%2

Error: (11/13/2014 01:34:56 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "DNS-Client" wurde mit folgendem Fehler beendet:
%%2

Microsoft Office Sessions:
=========================
Error: (11/13/2014 01:13:12 PM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description:
Details:
Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801)

Error: (11/13/2014 01:13:12 PM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: Kontext: Windows Anwendung

Details:
Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801)

Error: (11/13/2014 01:13:12 PM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: Kontext: Windows Anwendung, SystemIndex Katalog

Details:
Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801)

Error: (11/13/2014 01:13:12 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Kontext: Windows Anwendung, SystemIndex Katalog

Details:
Element nicht gefunden. (HRESULT : 0x80070490) (0x80070490)
Search.TripoliIndexer

Error: (11/13/2014 01:13:07 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Kontext: Windows Anwendung, SystemIndex Katalog

Details:
Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801)
Search.JetPropStore

Error: (11/13/2014 01:13:07 PM) (Source: Windows Search Service) (EventID: 9002) (User: )
Description: Kontext: Windows Anwendung, SystemIndex Katalog

Details:
Die Inhaltsindexdatenbank ist fehlerhaft. (HRESULT : 0xc0041800) (0xc0041800)

Error: (11/13/2014 01:13:07 PM) (Source: Windows Search Service) (EventID: 7042) (User: )
Description:
Details:
Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801)
The catalog is corrupt

Error: (11/13/2014 01:13:07 PM) (Source: Windows Search Service) (EventID: 7040) (User: )
Description:
Details:
Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801)
4700

Error: (11/13/2014 01:13:07 PM) (Source: Windows Search Service) (EventID: 9000) (User: )
Description:
Details:
0x%08x (0xc0041800 - Die Inhaltsindexdatenbank ist fehlerhaft. (HRESULT : 0xc0041800))

Error: (11/13/2014 01:13:06 PM) (Source: ESENT) (EventID: 455) (User: )
Description: Windows3520Windows: C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS00671.log-1811

CodeIntegrity Errors:
===================================
Date: 2014-10-27 17:29:41.718
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Alle geladene Programme\Program Files\Program Files\Common Files\McAfee\VSCore\mfeelamk.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2014-10-27 17:29:41.715
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Alle geladene Programme\Program Files\Program Files\Common Files\McAfee\VSCore\mfeelamk.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2014-10-27 17:29:41.712
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Alle geladene Programme\Program Files\Program Files\Common Files\McAfee\VSCore\mfeelamk.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2014-10-27 17:29:41.659
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Alle geladene Programme\Program Files\Program Files\Common Files\McAfee\VSCore\mfeelamk.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2014-10-27 17:20:17.575
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Alle geladene Programme\Program Files\Common Files\Mcafee\VSCore\mfeelamk.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2014-10-27 17:20:17.572
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Alle geladene Programme\Program Files\Common Files\Mcafee\VSCore\mfeelamk.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2014-10-27 17:20:17.569
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Alle geladene Programme\Program Files\Common Files\Mcafee\VSCore\mfeelamk.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2014-10-27 17:20:17.516
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Alle geladene Programme\Program Files\Common Files\Mcafee\VSCore\mfeelamk.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2014-09-05 10:08:11.614
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Alle geladene Programme\Program Files\Program Files\Common Files\McAfee\VSCore\mfeelamk.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2014-09-05 10:08:11.611
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Alle geladene Programme\Program Files\Program Files\Common Files\McAfee\VSCore\mfeelamk.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i7-2670QM CPU @ 2.20GHz
Percentage of memory in use: 52%
Total physical RAM: 8100.97 MB
Available physical RAM: 3847.47 MB
Total Pagefile: 16200.13 MB
Available Pagefile: 11568.91 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:300.41 GB) (Free:233.51 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (DATA) (Fixed) (Total:215.5 GB) (Free:168.94 GB) NTFS
Drive e: (CHIP) (CDROM) (Total:1.73 GB) (Free:0 GB) UDF

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 698.6 GB) (Disk ID: AE14F3C6)
Partition 1: (Not Active) - (Size=25 GB) - (Type=1C)
Partition 2: (Active) - (Size=300.4 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=215.5 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=157.7 GB) - (Type=BC)

========================================================
Disk: 1 (Size: 14.8 GB) (Disk ID: 66205247)
No partition Table on disk 1.

========================================================
Disk: 3 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: E0E01FFB)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

========================================================
Disk: 4 (Size: 76.7 GB) (Disk ID: 65620000)
No partition Table on disk 4.

==================== End Of Log ============================

schrauber · 14.11.2014, 07:22

So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

Downloade Dir bitte

Malwarebytes Anti-Malware

Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
Starte Malwarebytes' Anti-Malware (MBAM).
Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
Drücke eine beliebige Taste, um das Tool zu starten.
Je nach System kann der Scan eine Weile dauern.
Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

und ein frisches FRST log bitte.

ggoettling · 14.11.2014, 09:54

FRST Logfile:

FRST Logfile:

FRST Logfile:

FRST Logfile:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-11-2014 02
Ran by schingels (administrator) on SCHINGELS-PC on 14-11-2014 07:59:56
Running from D:\Users\Downloads
Loaded Profile: schingels (Available profiles: schingels & UpdatusUser)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(ASUSTeK Computer Inc.) C:\Windows\System32\FBAgent.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
() C:\ProgramData\DatacardService\HWDeviceService64.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
() C:\ProgramData\Mobile Partner\OnlineUpdate\ouc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
(AVG Technologies) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
() D:\Benutzer\1&1 Surf-Stick\AssistantServices.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
() D:\Users\Ashampoo Internet Accelerator 3\Ashampoo WinOptimizer 11\LiveTunerService.exe
(McAfee, Inc.) C:\Program Files\McAfee\MSC\McAPExe.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(AVG Technologies) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe
(WiseCleaner.com) C:\Program Files (x86)\Wise\Wise Care 365\WiseTray.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Ashampoo Development GmbH & Co. KG) D:\Users\Ashampoo Internet Accelerator 3\Ashampoo WinOptimizer 11\LiveTuner2.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(1&1 Internet AG) D:\Users\Downloads\DAVSRV.EXE
(Microsoft Corporation) C:\Users\schingels\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
() D:\Benutzer\1&1 Surf-Stick\UIExec.exe
(Alf - AG) D:\Users\Hallingstrasse\ALFBanCo5\AlfReminder5.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(ASUS) C:\Windows\AsScrPro.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe
(J3S GmbH) C:\Program Files (x86)\COMPUTERBILD-Abzockschutz\Bin\COMPUTERBILD-Abzockschutz.exe
(Intel® Corporation) C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe
() C:\WISO\Steuersoftware 2013\mshaktuell.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(WiseCleaner.com) C:\Program Files (x86)\Wise\Wise Care 365\WiseCare365.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\csisyncclient.exe
(Intel(R) Corporation) C:\Program Files\Intel\TurboBoost\TurboBoost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [IntelTBRunOnce] => wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2587944 2010-12-31] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2213992 2011-05-12] (Realtek Semiconductor)
HKLM\...\Run: [Ashampoo WinOptimizer Live-Tuner2] => D:\Users\Ashampoo Internet Accelerator 3\Ashampoo WinOptimizer 11\LiveTuner2.exe [3516784 2014-08-05] (Ashampoo Development GmbH & Co. KG)
HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [2018032 2011-04-13] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [UIExec] => D:\Benutzer\1&1 Surf-Stick\UIExec.exe [139088 2010-09-30] ()
HKLM-x32\...\Run: [mcui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [537992 2014-04-25] (McAfee, Inc.)
HKLM-x32\...\Run: [ASUS Screen Saver Protector] => C:\Windows\AsScrPro.exe [3058304 2014-01-22] (ASUS)
HKLM-x32\...\Run: [COMPUTERBILD-Abzockschutz] => C:\Program Files (x86)\COMPUTERBILD-Abzockschutz\bin\COMPUTERBILD-Abzockschutz.exe [537664 2014-06-19] (J3S GmbH)
HKLM-x32\...\Run: [mcpltui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [537992 2014-04-25] (McAfee, Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-733679015-3351541572-3055150241-1001\...\Run: [1&1_1&1 Upload-Manager] => D:\Users\Downloads\DAVSRV.EXE [989264 2011-11-21] (1&1 Internet AG)
HKU\S-1-5-21-733679015-3351541572-3055150241-1001\...\Run: [SkyDrive] => C:\Users\schingels\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe [277672 2014-10-09] (Microsoft Corporation)
HKU\S-1-5-21-733679015-3351541572-3055150241-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-733679015-3351541572-3055150241-1001\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-733679015-3351541572-3055150241-1001\...\MountPoints2: {e8ee4c17-46ef-11e4-bbab-001e101f82a7} - F:\AutoRun.exe
HKU\S-1-5-21-733679015-3351541572-3055150241-1001\...\MountPoints2: {e8ee4c2f-46ef-11e4-bbab-001e101f82a7} - F:\AutoRun.exe
HKU\S-1-5-21-733679015-3351541572-3055150241-1001\...\MountPoints2: {e8ee4cab-46ef-11e4-bbab-001e101f82a7} - F:\AutoRun.exe
HKU\S-1-5-21-733679015-3351541572-3055150241-1001\...\MountPoints2: {f205f158-458a-11e4-9adb-5404a67455a1} - F:\AutoRun.exe
HKU\S-1-5-21-733679015-3351541572-3055150241-1001\...\MountPoints2: {f205f176-458a-11e4-9adb-5404a67455a1} - F:\AutoRun.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ALF-BanCo 5 Reminder.lnk
ShortcutTarget: ALF-BanCo 5 Reminder.lnk -> D:\Users\Hallingstrasse\ALFBanCo5\AlfReminder5.exe (Alf - AG)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WISO Mein Steuer-Sparbuch heute.lnk
ShortcutTarget: WISO Mein Steuer-Sparbuch heute.lnk -> C:\Program Files (x86)\WISO\Steuersoftware 2014\mshaktuell.exe ()
Startup: C:\Users\schingels\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Intel(R) Turbo Boost Technology Monitor 2.0.lnk
ShortcutTarget: Intel(R) Turbo Boost Technology Monitor 2.0.lnk -> C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe (Intel® Corporation)
Startup: C:\Users\schingels\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\WISO Mein Steuer-Sparbuch heute.lnk
ShortcutTarget: WISO Mein Steuer-Sparbuch heute.lnk -> C:\WISO\Steuersoftware 2013\mshaktuell.exe ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  No File

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x55244F9E94E0CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKCU - DefaultScope {8C6C6B5A-5D45-4A7C-8C98-1B520D0A59BD} URL = https://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=242154&p={searchTerms}
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = 
SearchScopes: HKCU - {8C6C6B5A-5D45-4A7C-8C98-1B520D0A59BD} URL = https://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=242154&p={searchTerms}
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll (IObit)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: CBAbzockschutz.InitToolbarBHO -> {2e250b90-0e7a-42a3-9d65-e39f9f227fa4} -> C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Steganos Password Manager Toolbar - {9C65D12D-CF9D-454D-8049-61965D8C6FFF} -  No File
Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Toolbar: HKLM-x32 - COMPUTERBILD-Abzockschutz - {353e2a48-6254-4bd3-88f4-3b51a0ca7870} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Toolbar: HKU\S-1-5-21-733679015-3351541572-3055150241-1001 -> Steganos Password Manager Toolbar - {9C65D12D-CF9D-454D-8049-61965D8C6FFF} -  No File
DPF: HKLM {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: HKLM-x32 {1E54D648-B804-468d-BC78-4AFFED8E262F} hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll (McAfee, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{18635B9F-3EC8-4E9F-ADBE-EE60B251079C}: [NameServer] 193.189.244.225 193.189.244.206
Tcpip\..\Interfaces\{D94CFAFC-2545-4C5E-8871-4214E8A4994F}: [NameServer] 193.189.244.206 193.189.244.225
Tcpip\..\Interfaces\{E071EBF2-D3EB-4FB6-BDD2-6F1420F55AEE}: [NameServer] 193.189.244.225 193.189.244.206

FireFox:
========
FF ProfilePath: C:\Users\schingels\AppData\Roaming\Mozilla\Firefox\Profiles\yum8w33i.default
FF DefaultSearchEngine: Yahoo!
FF SelectedSearchEngine: Yahoo!
FF Homepage: hxxp://www.nok21.de/wp-admin/edit.php
FF Keyword.URL: https://de.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=242154&p=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_223.dll ()
FF Plugin: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_223.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin-x32: @mcafee.com/SAFFPlugin -> C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF user.js: detected! => C:\Users\schingels\AppData\Roaming\Mozilla\Firefox\Profiles\yum8w33i.default\user.js
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\schingels\AppData\Roaming\Mozilla\Firefox\Profiles\yum8w33i.default\searchplugins\englische-ergebnisse.xml
FF SearchPlugin: C:\Users\schingels\AppData\Roaming\Mozilla\Firefox\Profiles\yum8w33i.default\searchplugins\gmx-suche.xml
FF SearchPlugin: C:\Users\schingels\AppData\Roaming\Mozilla\Firefox\Profiles\yum8w33i.default\searchplugins\webde-suche.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\ddg.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\McSiteAdvisor.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Widget context - C:\Users\schingels\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\{140A2D0E-85CC-4ed3-9BA5-8FA35DA7FABA}.xpi [2013-12-15]
FF Extension: Advanced SystemCare Surfing Protection - C:\Users\schingels\AppData\Roaming\Mozilla\Firefox\Profiles\yum8w33i.default\Extensions\iobitascsurfingprotection@iobit.com [2014-11-13]
FF Extension: GMX MailCheck - C:\Users\schingels\AppData\Roaming\Mozilla\Firefox\Profiles\yum8w33i.default\Extensions\toolbar@gmx.net [2014-11-11]
FF Extension: Bluhell Firewall - C:\Users\schingels\AppData\Roaming\Mozilla\Firefox\Profiles\yum8w33i.default\Extensions\{6BB5760D-F97E-421B-AF5B-8457A90C3CED}.xpi [2013-12-31]
FF Extension: Steganos VPN Utility Plugin for Firefox - C:\Users\schingels\AppData\Roaming\Mozilla\Firefox\Profiles\yum8w33i.default\Extensions\{85098EAB-B16C-4339-A7C4-B8F6B0FC3C3D}.xpi [2014-11-02]
FF Extension: Adblock Plus - C:\Users\schingels\AppData\Roaming\Mozilla\Firefox\Profiles\yum8w33i.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-09-11]
FF Extension: COMPUTERBILD-Abzockschutz - C:\Users\schingels\AppData\Roaming\Mozilla\Firefox\Profiles\yum8w33i.default\Extensions\{d49175b3-3fd8-43b8-b28e-da5d47f3c398}.xpi [2013-09-11]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2014-11-10]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2014-11-10]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} [2014-11-10]
FF HKLM-x32\...\Firefox\Extensions: [{00F0643E-B367-4779-B45D-7046EBA37A88}] - C:\Program Files (x86)\Steganos Privacy Suite 15\spmplugin3
FF HKLM-x32\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\anti_banner@kaspersky.com
FF HKLM-x32\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\online_banking@kaspersky.com
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor
FF Extension: McAfee SiteAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor [2014-11-13]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2014-11-13]
FF Extension: No Name - {4ED1F68A-5463-4931-9384-8FFF5ED91D92} [Not Found]

Chrome: 
=======
CHR Profile: C:\Users\schingels\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (No Name) - C:\Users\schingels\AppData\Local\Google\Chrome\User Data\Default\Extensions\pigkdicgnehbfjnaopalgpelkbkcnbfa [2014-01-03]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2014-11-13]
CHR HKLM-x32\...\Chrome\Extension: [hakdifolhalapjijoafobooafbilfakh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\online_banking_chrome.crx [2014-11-13]
CHR HKLM-x32\...\Chrome\Extension: [pjldcfjmnllhmgjclecdnfampinooman] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\ab.crx [2014-11-13]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S2 0287501415947404mcinstcleanup; C:\Windows\TEMP\028750~1.EXE [836168 2014-03-13] (McAfee, Inc.)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2436280 2014-09-25] (Microsoft Corporation)
S2 Dnscache; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
S2 Dnscache; C:\Windows\SysWOW64\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [346976 2011-03-14] ()
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2283296 2014-11-11] (IObit)
R2 McAfee SiteAdvisor Service; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [178528 2014-04-25] (McAfee, Inc.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
S3 McODS; C:\Program Files\McAfee\VirusScan\mcods.exe [603424 2014-09-04] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1041192 2014-08-20] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219752 2014-06-20] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [189912 2014-06-20] (McAfee, Inc.)
S2 Mobile Partner. RunOuc; D:\Users\Backup Handy\Mobile Partner\UpdateDog\ouc.exe [239968 2014-09-27] ()
R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [2589496 2014-10-17] (AVG Technologies)
R2 UI Assistant Service; D:\Benutzer\1&1 Surf-Stick\AssistantServices.exe [253264 2010-09-30] ()
S2 WiseBootAssistant; C:\Program Files (x86)\Wise\Wise Care 365\BootTime.exe [580232 2014-07-07] (WiseCleaner.com)
R2 WO_LiveService2; D:\Users\Ashampoo Internet Accelerator 3\Ashampoo WinOptimizer 11\LiveTunerService.exe [223600 2014-08-05] ()

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R0 53413803; C:\Windows\System32\DRIVERS\53413803.sys [460888 2013-10-13] (Kaspersky Lab ZAO)
S1 9152490drv; C:\Windows\System32\DRIVERS\9152490drv.sys [556632 2013-10-13] (Kaspersky Lab)
S3 BioNTDrv; C:\Program Files\Paragon Software\Backup and Recovery 2014 Free\program\BioNTDrv.SYS [18696 2014-05-19] (Paragon Software Group)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [72128 2014-06-20] (McAfee, Inc.)
S3 esgiguard; No ImagePath
S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2014-11-07] ()
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.)
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( )
R2 LiveTuner2PM; D:\Users\Ashampoo Internet Accelerator 3\Ashampoo WinOptimizer 11\LiveTuner64.sys [14320 2014-03-20] ()
R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [181704 2014-06-20] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [313544 2014-06-20] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [523792 2014-06-20] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [786296 2014-06-20] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [445512 2014-08-20] (McAfee, Inc.)
S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [96592 2014-08-20] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [348552 2014-06-20] (McAfee, Inc.)
R1 nvkflt; C:\Windows\System32\DRIVERS\nvkflt.sys [284448 2013-03-15] (NVIDIA Corporation)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [27520 2007-05-14] (Research In Motion Limited)
S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
R1 SLEE_18_DRIVER; C:\Windows\Sleen1864.sys [109144 2014-07-29] (Softwareentwicklung Remus - ArchiCrypt - )
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [14112 2014-09-09] (TuneUp Software)
R1 ui11rdr; C:\Windows\System32\DRIVERS\ui11rdr.sys [199752 2011-11-21] (1&1 Internet AG)
R1 UimBus; C:\Windows\System32\DRIVERS\UimBus.sys [102664 2014-05-19] ()
R1 Uim_DEVIM; C:\Windows\System32\DRIVERS\uim_devim.sys [25992 2014-05-19] ()
R1 Uim_IM; C:\Windows\System32\DRIVERS\uim_im.sys [700296 2014-05-19] ()
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2012-12-13] (Apple, Inc.) [File not signed]
S3 athr; system32\DRIVERS\athrx.sys [X]
U3 DfSdkS; No ImagePath
S0 kl1; system32\DRIVERS\kl1.sys [X]
S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]
S3 RSUSBVSTOR; System32\Drivers\RtsUVStor.sys [X]
U2 TMAgent; No ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-14 07:50 - 2014-11-14 07:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2014-11-13 22:06 - 2013-09-23 13:49 - 00197704 _____ (McAfee, Inc.) C:\Windows\system32\Drivers\HipShieldK.sys
2014-11-13 21:30 - 2014-11-14 07:50 - 00001806 _____ () C:\Users\Public\Desktop\McAfee Internet Security.lnk
2014-11-13 21:29 - 2014-11-14 07:43 - 00000000 ____D () C:\Program Files (x86)\McAfee
2014-11-13 21:29 - 2014-11-13 21:29 - 00000000 ____D () C:\Program Files\McAfee.com
2014-11-13 21:29 - 2014-11-13 21:29 - 00000000 ____D () C:\Program Files (x86)\McAfee.com
2014-11-13 21:29 - 2014-06-20 10:38 - 00072128 _____ (McAfee, Inc.) C:\Windows\system32\Drivers\cfwids.sys
2014-11-13 21:29 - 2014-06-20 10:23 - 00523792 _____ (McAfee, Inc.) C:\Windows\system32\Drivers\mfefirek.sys
2014-11-13 21:29 - 2014-06-20 10:21 - 00313544 _____ (McAfee, Inc.) C:\Windows\system32\Drivers\mfeavfk.sys
2014-11-13 16:09 - 2014-11-13 16:09 - 00002227 _____ () C:\Users\Public\Desktop\AVG 1-Klick-Wartung.lnk
2014-11-13 16:09 - 2014-11-13 16:09 - 00002215 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC TuneUp 2015.lnk
2014-11-13 16:09 - 2014-11-13 16:09 - 00002203 _____ () C:\Users\Public\Desktop\AVG PC TuneUp 2015.lnk
2014-11-13 16:09 - 2014-11-13 16:09 - 00000000 ____D () C:\Users\schingels\AppData\Roaming\AVG
2014-11-13 16:09 - 2014-11-13 16:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC TuneUp 2015
2014-11-13 16:09 - 2014-11-13 16:09 - 00000000 ____D () C:\Program Files (x86)\AVG
2014-11-13 16:09 - 2014-10-17 12:34 - 00040248 _____ (AVG Technologies) C:\Windows\system32\TURegOpt.exe
2014-11-13 16:09 - 2014-10-17 12:34 - 00029496 _____ (AVG Technologies) C:\Windows\system32\authuitu.dll
2014-11-13 16:09 - 2014-10-17 12:34 - 00025400 _____ (AVG Technologies) C:\Windows\SysWOW64\authuitu.dll
2014-11-13 16:08 - 2014-11-13 16:08 - 00000000 ____D () C:\Users\schingels\AppData\Local\Avg
2014-11-13 16:05 - 2014-11-13 16:12 - 00000000 ____D () C:\ProgramData\AVG
2014-11-13 14:00 - 2014-11-13 14:00 - 00002982 _____ () C:\Windows\System32\Tasks\{84DD6ED7-F7B5-48B4-98D6-2A9A25D7C8E8}
2014-11-13 13:50 - 2014-11-13 13:50 - 00002982 _____ () C:\Windows\System32\Tasks\{1953C392-23DC-4B98-AD0E-127D828D83ED}
2014-11-13 13:14 - 2014-11-13 13:14 - 00113432 _____ () C:\Users\schingels\AppData\Local\GDIPFONTCACHEV1.DAT
2014-11-13 13:12 - 2014-11-14 07:35 - 00000168 _____ () C:\Windows\setupact.log
2014-11-13 13:12 - 2014-11-14 07:34 - 00004454 _____ () C:\Windows\PFRO.log
2014-11-13 13:12 - 2014-11-13 13:12 - 00442360 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-11-13 13:12 - 2014-11-13 13:12 - 00000000 _____ () C:\Windows\setuperr.log
2014-11-13 11:00 - 2014-11-13 11:00 - 00000000 ____D () C:\Windows\System32\Tasks\Apple
2014-11-13 10:19 - 2014-11-13 10:19 - 00000000 __SHD () C:\Users\schingels\AppData\Local\EmieBrowserModeList
2014-11-13 08:55 - 2014-11-13 08:55 - 00098686 _____ () C:\ProgramData\1415864349.bdinstall.bin
2014-11-13 08:39 - 2014-11-13 08:39 - 00037852 _____ () C:\ProgramData\1415864347.bdinstall.bin
2014-11-13 00:54 - 2014-11-13 00:54 - 00000000 ____D () C:\ProgramData\bdch
2014-11-12 21:02 - 2014-11-12 21:02 - 00000000 ____D () C:\Windows\Tasks\ImCleanDisabled
2014-11-12 19:43 - 2014-11-12 19:43 - 00003286 _____ () C:\Windows\System32\Tasks\RunAsStdUser Task
2014-11-12 18:45 - 2014-11-13 09:40 - 00000000 ____D () C:\Users\schingels\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Moo0
2014-11-12 18:45 - 2014-11-13 09:40 - 00000000 ____D () C:\Program Files (x86)\Moo0
2014-11-12 18:09 - 2014-11-12 18:09 - 00319912 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-11-12 18:09 - 2014-11-12 18:09 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-11-12 18:09 - 2014-11-12 18:09 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-11-12 18:09 - 2014-11-12 18:09 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-11-12 18:09 - 2014-11-12 18:09 - 00000000 ____D () C:\Program Files\Java
2014-11-12 09:19 - 2014-06-04 15:17 - 00034080 _____ (IObit) C:\Windows\system32\SmartDefragBootTime.exe
2014-11-12 09:18 - 2014-06-04 15:17 - 00128288 _____ (IObit) C:\Windows\system32\IObitSmartDefragExtension.dll
2014-11-12 09:16 - 2014-11-12 15:09 - 00002862 _____ () C:\Windows\System32\Tasks\Driver Booster SkipUAC (schingels)
2014-11-12 07:18 - 2014-11-07 20:49 - 00388272 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-11-12 07:18 - 2014-11-07 20:23 - 00341168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-11-12 07:18 - 2014-11-06 05:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-11-12 07:18 - 2014-11-06 05:03 - 25110016 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-11-12 07:18 - 2014-11-06 05:03 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-11-12 07:18 - 2014-11-06 04:47 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-11-12 07:18 - 2014-11-06 04:46 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-11-12 07:18 - 2014-11-06 04:46 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-11-12 07:18 - 2014-11-06 04:44 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-11-12 07:18 - 2014-11-06 04:43 - 02884096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-11-12 07:18 - 2014-11-06 04:36 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-11-12 07:18 - 2014-11-06 04:35 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-11-12 07:18 - 2014-11-06 04:31 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-11-12 07:18 - 2014-11-06 04:30 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-11-12 07:18 - 2014-11-06 04:30 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-11-12 07:18 - 2014-11-06 04:29 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-11-12 07:18 - 2014-11-06 04:28 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-11-12 07:18 - 2014-11-06 04:23 - 06040064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-11-12 07:18 - 2014-11-06 04:20 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-11-12 07:18 - 2014-11-06 04:16 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-11-12 07:18 - 2014-11-06 04:13 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-11-12 07:18 - 2014-11-06 04:13 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-11-12 07:18 - 2014-11-06 04:12 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-11-12 07:18 - 2014-11-06 04:10 - 19781632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-11-12 07:18 - 2014-11-06 04:10 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-11-12 07:18 - 2014-11-06 04:07 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-11-12 07:18 - 2014-11-06 04:05 - 02277376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-11-12 07:18 - 2014-11-06 04:04 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-11-12 07:18 - 2014-11-06 04:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-11-12 07:18 - 2014-11-06 04:02 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-11-12 07:18 - 2014-11-06 04:00 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-11-12 07:18 - 2014-11-06 04:00 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-11-12 07:18 - 2014-11-06 03:59 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-11-12 07:18 - 2014-11-06 03:58 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-11-12 07:18 - 2014-11-06 03:57 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-11-12 07:18 - 2014-11-06 03:48 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-11-12 07:18 - 2014-11-06 03:42 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-11-12 07:18 - 2014-11-06 03:41 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-11-12 07:18 - 2014-11-06 03:41 - 00716800 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-11-12 07:18 - 2014-11-06 03:39 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-11-12 07:18 - 2014-11-06 03:38 - 02124288 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-11-12 07:18 - 2014-11-06 03:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-11-12 07:18 - 2014-11-06 03:36 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-11-12 07:18 - 2014-11-06 03:34 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-11-12 07:18 - 2014-11-06 03:30 - 14390272 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-11-12 07:18 - 2014-11-06 03:22 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-11-12 07:18 - 2014-11-06 03:21 - 04298240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-11-12 07:18 - 2014-11-06 03:21 - 02051072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-11-12 07:18 - 2014-11-06 03:20 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-11-12 07:18 - 2014-11-06 03:17 - 02365440 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-11-12 07:18 - 2014-11-06 03:04 - 01550336 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-11-12 07:18 - 2014-11-06 03:03 - 12819456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-11-12 07:18 - 2014-11-06 02:53 - 00799232 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-11-12 07:18 - 2014-11-06 02:52 - 01892864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-11-12 07:18 - 2014-11-06 02:48 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-11-12 07:18 - 2014-11-06 02:47 - 00708096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-11-12 07:18 - 2014-11-05 18:56 - 00304640 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-11-12 07:18 - 2014-11-05 18:56 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-11-12 07:18 - 2014-11-05 18:52 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-11-12 07:18 - 2014-10-14 03:16 - 00155064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-11-12 07:18 - 2014-10-14 03:13 - 00683520 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-11-12 07:18 - 2014-10-14 03:12 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-11-12 07:18 - 2014-10-14 03:09 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2014-11-12 07:18 - 2014-10-14 03:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2014-11-12 07:18 - 2014-10-14 02:50 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-11-12 07:18 - 2014-10-14 02:49 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-11-12 07:18 - 2014-10-14 02:47 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2014-11-12 07:18 - 2014-10-14 02:46 - 00681984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2014-11-12 07:17 - 2014-10-25 02:57 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-11-12 07:17 - 2014-10-25 02:32 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-11-12 07:17 - 2014-10-14 03:13 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-11-12 07:17 - 2014-10-14 02:50 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-11-12 07:17 - 2014-10-10 01:57 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-11-12 07:17 - 2014-10-03 03:12 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-11-12 07:17 - 2014-10-03 03:11 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-11-12 07:17 - 2014-10-03 03:11 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-11-12 07:17 - 2014-10-03 03:11 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2014-11-12 07:17 - 2014-10-03 03:11 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2014-11-12 07:17 - 2014-10-03 02:44 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2014-11-12 07:17 - 2014-10-03 02:44 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2014-11-12 07:17 - 2014-10-03 02:44 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2014-11-12 07:17 - 2014-09-19 10:42 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-11-12 07:17 - 2014-09-19 10:42 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-11-12 07:17 - 2014-09-19 10:42 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-11-12 07:17 - 2014-09-19 10:42 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-11-12 07:17 - 2014-09-19 10:42 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-11-12 07:17 - 2014-09-19 10:42 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-11-12 07:17 - 2014-09-19 10:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-11-12 07:17 - 2014-09-19 10:23 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-11-12 07:17 - 2014-09-19 10:23 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-11-12 07:17 - 2014-09-19 10:23 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-11-12 07:17 - 2014-09-19 10:23 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-11-12 07:17 - 2014-09-19 10:23 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-11-12 07:17 - 2014-09-19 10:23 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-11-12 07:17 - 2014-09-19 10:23 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-11-12 07:17 - 2014-08-21 07:43 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-11-12 07:17 - 2014-08-21 07:40 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-11-12 07:17 - 2014-08-21 07:26 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-11-12 07:17 - 2014-08-21 07:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-11-12 07:17 - 2014-08-12 03:02 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2014-11-12 07:17 - 2014-08-12 02:36 - 00701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL
2014-11-12 07:16 - 2014-10-18 03:05 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2014-11-12 07:16 - 2014-10-18 02:33 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2014-11-11 18:23 - 2014-11-11 19:27 - 00000000 ____D () C:\Program Files (x86)\Kaspersky Lab
2014-11-11 18:23 - 2014-11-11 18:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security 2013
2014-11-11 09:20 - 2014-11-13 21:12 - 00000000 ____D () C:\ProgramData\ProductData
2014-11-11 09:20 - 2014-11-13 13:12 - 00000000 ____D () C:\Program Files (x86)\IObit
2014-11-11 09:20 - 2014-11-12 09:16 - 00000000 ____D () C:\Users\schingels\AppData\Roaming\IObit
2014-11-11 09:20 - 2014-11-12 09:16 - 00000000 ____D () C:\ProgramData\IObit
2014-11-11 09:20 - 2014-11-11 09:20 - 00002894 _____ () C:\Windows\System32\Tasks\Uninstaller_SkipUac_schingels
2014-11-11 09:20 - 2014-11-11 09:20 - 00001254 _____ () C:\Users\schingels\AppData\Roaming\Microsoft\Windows\Start Menu\Uninstall Programs.lnk
2014-11-11 09:20 - 2014-11-11 09:20 - 00001230 _____ () C:\Users\Public\Desktop\IObit Uninstaller.lnk
2014-11-11 09:20 - 2014-11-11 09:20 - 00000000 ____D () C:\Users\schingels\AppData\Roaming\ProductData
2014-11-11 09:18 - 2014-11-11 09:18 - 00210757 _____ () C:\ProgramData\1415693093.bdinstall.bin
2014-11-11 09:04 - 2014-11-11 09:07 - 00000000 ____D () C:\Users\schingels\AppData\Roaming\QuickScan
2014-11-10 16:00 - 2014-11-10 16:00 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-11-10 15:00 - 2014-11-10 15:00 - 00000000 ____D () C:\Program Files (x86)\Google
2014-11-10 14:42 - 2014-11-10 14:42 - 00002687 _____ () C:\Users\schingels\Desktop\JRT.txt
2014-11-09 16:47 - 2014-11-11 00:20 - 00000000 ____D () C:\ProgramData\Package Cache
2014-11-09 16:47 - 2014-11-09 16:47 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-11-09 16:45 - 2014-11-09 16:45 - 00000000 ____D () C:\Users\schingels\AppData\Roaming\Avira
2014-11-09 16:25 - 2014-11-11 00:20 - 00000000 ____D () C:\Users\schingels\AppData\Local\Tempf7eddb6ee0afd360be7fc7f5e70ab6ce
2014-11-09 16:25 - 2014-11-11 00:20 - 00000000 ____D () C:\Users\schingels\AppData\Local\Temp991f313088b215d209d2d97e3c209801
2014-11-09 16:25 - 2014-11-11 00:20 - 00000000 ____D () C:\Users\schingels\AppData\Local\Temp1270dc5f1665619a7e9941f8e54ac8ef
2014-11-07 10:44 - 2014-11-07 10:44 - 00003350 _____ () C:\Windows\System32\Tasks\SpyHunter4Startup
2014-11-07 10:44 - 2014-11-07 10:44 - 00000000 ____D () C:\Users\schingels\AppData\Roaming\Enigma Software Group
2014-11-07 10:44 - 2014-11-07 10:44 - 00000000 ____D () C:\sh4ldr
2014-11-07 09:12 - 2014-11-07 10:44 - 00022704 _____ () C:\Windows\system32\Drivers\EsgScanner.sys
2014-11-07 09:12 - 2014-11-07 10:43 - 00000000 ____D () C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-11-07 08:38 - 2014-11-14 07:33 - 00456054 _____ () C:\Windows\WindowsUpdate.log
2014-11-07 08:28 - 2014-11-07 08:28 - 00000000 ____D () C:\Users\schingels\AppData\Local\Tempad3126ee63524b68efcd1700a6640da9
2014-11-07 08:28 - 2014-11-07 08:28 - 00000000 ____D () C:\Users\schingels\AppData\Local\Temp68d1ed6af116173792cd0c0fe2aaeb86
2014-11-06 07:53 - 2014-11-14 08:00 - 00000000 ____D () C:\FRST
2014-11-05 10:16 - 2014-11-05 10:16 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-11-04 06:32 - 2014-09-05 03:11 - 06584320 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-11-04 06:32 - 2014-09-05 02:52 - 05703168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-11-02 09:37 - 2013-10-02 03:22 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys
2014-11-02 09:37 - 2013-10-02 03:11 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2014-11-02 09:37 - 2013-10-02 03:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2014-11-02 09:37 - 2013-10-02 02:48 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll
2014-11-02 09:37 - 2013-10-02 02:48 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll
2014-11-02 09:37 - 2013-10-02 02:29 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2014-11-02 09:37 - 2013-10-02 02:10 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll
2014-11-02 09:37 - 2013-10-02 01:15 - 01057280 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2014-11-02 09:37 - 2013-10-02 01:14 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll
2014-11-02 09:37 - 2013-10-02 01:14 - 00017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll
2014-11-02 09:37 - 2013-10-02 01:08 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2014-11-02 09:37 - 2013-10-02 01:01 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2014-11-02 09:37 - 2013-10-02 00:58 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2014-11-02 09:37 - 2013-10-02 00:31 - 01147392 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2014-11-02 09:37 - 2013-10-02 00:08 - 00855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2014-11-02 09:37 - 2013-10-01 23:34 - 01068544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2014-10-31 21:24 - 2014-10-31 21:24 - 00000904 _____ () C:\Users\schingels\Desktop\TapinRadio.lnk
2014-10-31 21:24 - 2014-10-31 21:24 - 00000000 ____D () C:\Users\schingels\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TapinRadio
2014-10-21 10:03 - 2014-11-07 07:05 - 00003156 _____ () C:\Windows\System32\Tasks\AdvancedDriverUpdaterRunAtStartup
2014-10-21 09:50 - 2014-10-21 09:50 - 00000987 _____ () C:\Users\Public\Desktop\Ashampoo Internet Accelerator 3.lnk
2014-10-21 08:18 - 2014-10-21 10:01 - 00000454 _____ () C:\Windows\Tasks\One-Click Optimizer WO11.job
2014-10-21 08:18 - 2014-10-21 08:18 - 00003294 _____ () C:\Windows\System32\Tasks\One-Click Optimizer WO11
2014-10-21 08:16 - 2014-10-21 08:16 - 00001226 _____ () C:\Users\Public\Desktop\Ein-Klick-Optimierung (WO11).lnk
2014-10-21 08:16 - 2014-10-21 08:16 - 00000974 _____ () C:\Users\Public\Desktop\Ashampoo WinOptimizer 11.lnk
2014-10-17 08:27 - 2014-11-12 14:47 - 04918960 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2014-10-16 06:38 - 2014-06-18 23:23 - 01943696 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2014-10-16 06:38 - 2014-06-18 23:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
2014-10-16 06:38 - 2014-06-18 23:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll
2014-10-16 06:38 - 2014-06-18 23:23 - 00156312 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2014-10-16 06:38 - 2014-06-18 23:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll
2014-10-16 06:38 - 2014-06-18 23:23 - 00073880 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2014-10-16 06:37 - 2014-09-04 06:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2014-10-16 06:37 - 2014-09-04 06:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2014-10-16 06:37 - 2014-08-29 03:07 - 03179520 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-10-16 06:37 - 2014-07-17 03:07 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-10-16 06:37 - 2014-07-17 03:07 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
2014-10-16 06:37 - 2014-07-17 03:07 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2014-10-16 06:37 - 2014-07-17 02:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll
2014-10-16 06:37 - 2014-07-17 02:21 - 00212480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2014-10-16 06:37 - 2014-07-17 02:21 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-14 07:57 - 2014-08-28 11:17 - 00005168 _____ () C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for schingels-PC-schingels schingels-PC
2014-11-14 07:47 - 2013-09-10 17:57 - 00000000 ____D () C:\Users\schingels\AppData\Roaming\Wise Care 365
2014-11-14 07:46 - 2013-09-10 18:00 - 00000430 _____ () C:\Windows\Tasks\Wise Care 365.job
2014-11-14 07:46 - 2013-09-10 17:03 - 00002056 _____ () C:\Users\Public\Desktop\Wise Care 365.lnk
2014-11-14 07:43 - 2009-07-14 05:45 - 00009696 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-11-14 07:43 - 2009-07-14 05:45 - 00009696 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-11-14 07:35 - 2013-10-14 19:23 - 00000000 ____D () C:\Program Files\Common Files\McAfee
2014-11-14 07:35 - 2013-10-14 18:28 - 00000000 ____D () C:\ProgramData\McAfee
2014-11-14 07:35 - 2011-11-23 15:28 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-11-14 07:35 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-11-13 21:30 - 2013-10-14 19:23 - 00000000 ____D () C:\Program Files\McAfee
2014-11-13 16:34 - 2013-12-22 15:36 - 00000000 ____D () C:\Program Files\stinger
2014-11-13 16:08 - 2013-09-10 17:58 - 00000000 ____D () C:\Program Files (x86)\TuneUp Utilities 2013
2014-11-13 14:06 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-11-13 13:12 - 2014-07-30 13:47 - 00000000 __SHD () C:\Nsi.pending
2014-11-13 10:13 - 2013-12-27 17:39 - 00000000 ____D () C:\Users\schingels\AppData\Roaming\Steganos
2014-11-13 09:36 - 2013-11-08 14:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2014-11-13 09:16 - 2011-04-13 03:47 - 00000000 ____D () C:\Program Files (x86)\ASUS
2014-11-13 09:06 - 2014-08-28 07:29 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-11-13 08:15 - 2014-06-24 09:31 - 00000000 ____D () C:\Users\schingels\AppData\Local\620966BE-20EC-402D-ADC7-17A075A3742B.aplzod
2014-11-13 07:55 - 2014-02-18 15:03 - 00000000 ____D () C:\Users\schingels\Documents\Mein Steuer-Sparbuch Heute
2014-11-12 22:30 - 2011-11-23 15:31 - 00000000 ____D () C:\Program Files (x86)\Realtek
2014-11-12 22:30 - 2011-11-23 15:22 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-11-12 21:19 - 2011-11-23 15:45 - 00004140 _____ () C:\Windows\system32\AutoRunFilter.ini
2014-11-12 20:43 - 2013-04-02 19:22 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-11-12 16:58 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-11-12 15:32 - 2013-04-02 19:22 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-11-12 15:32 - 2012-05-27 21:29 - 00000000 ____D () C:\Users\schingels\AppData\Local\Adobe
2014-11-12 15:32 - 2012-04-02 17:26 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-11-12 15:32 - 2011-12-25 20:29 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-11-12 15:20 - 2012-05-27 21:28 - 00000000 ____D () C:\ProgramData\Adobe
2014-11-12 15:07 - 2011-11-23 15:45 - 00002660 _____ () C:\Windows\system32\ServiceFilter.ini
2014-11-12 14:43 - 2014-05-01 05:25 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-11-12 08:59 - 2014-01-21 20:01 - 00000000 ____D () C:\AdwCleaner
2014-11-12 08:45 - 2009-07-29 07:03 - 00000000 ____D () C:\Windows\Panther
2014-11-12 07:43 - 2013-07-19 23:02 - 00000000 ____D () C:\Windows\system32\MRT
2014-11-12 07:36 - 2011-12-16 00:45 - 103374192 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-11-11 19:27 - 2014-01-21 17:53 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-11-11 18:48 - 2013-09-10 16:51 - 00000000 ____D () C:\Program Files (x86)\COMPUTERBILD-Abzockschutz
2014-11-11 18:33 - 2013-10-11 18:16 - 00000000 ____D () C:\ProgramData\Apple
2014-11-11 18:33 - 2013-10-11 18:16 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-11-11 18:26 - 2012-02-26 23:04 - 00000000 ____D () C:\Users\schingels\AppData\Roaming\DVDVideoSoft
2014-11-11 18:23 - 2012-09-03 19:25 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-11-11 18:18 - 2011-11-23 15:41 - 00000000 ____D () C:\Program Files (x86)\Renesas Electronics
2014-11-11 17:55 - 2011-12-15 19:45 - 00000000 ___HD () C:\ASUS.DAT
2014-11-11 17:55 - 2011-11-23 15:50 - 00000000 ____D () C:\Program Files (x86)\CyberLink
2014-11-11 17:55 - 2011-11-23 15:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS Utility
2014-11-11 17:52 - 2011-11-23 15:50 - 00000000 ____D () C:\ProgramData\CyberLink
2014-11-11 09:30 - 2013-10-21 19:34 - 00000000 ____D () C:\Program Files (x86)\concept design
2014-11-11 09:22 - 2013-10-11 18:18 - 00000000 ____D () C:\Users\schingels\AppData\Roaming\Apple Computer
2014-11-11 00:20 - 2013-10-23 19:04 - 00000000 ____D () C:\ProgramData\McAfee Security Scan
2014-11-11 00:20 - 2011-11-23 15:44 - 00000000 ____D () C:\ProgramData\P4G
2014-11-11 00:20 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\registration
2014-11-10 20:42 - 2013-09-12 07:13 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-11-10 15:36 - 2011-12-15 19:44 - 00000000 ____D () C:\Users\schingels
2014-11-09 16:47 - 2013-10-13 19:33 - 00000000 ____D () C:\ProgramData\Avira
2014-11-04 08:08 - 2009-07-14 06:32 - 00000000 ____D () C:\Windows\system32\FxsTmp
2014-11-04 06:31 - 2011-02-19 05:24 - 00730014 _____ () C:\Windows\system32\perfh007.dat
2014-11-04 06:31 - 2011-02-19 05:24 - 00159592 _____ () C:\Windows\system32\perfc007.dat
2014-11-04 06:31 - 2009-07-14 06:13 - 01690812 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-11-03 10:59 - 2012-05-01 12:44 - 00000000 ____D () C:\Users\schingels\AppData\Local\Windows Live
2014-11-02 10:03 - 2012-10-07 21:13 - 00000000 ____D () C:\Windows\SysWOW64\NV
2014-11-02 10:03 - 2012-10-07 21:13 - 00000000 ____D () C:\Windows\system32\NV
2014-11-02 10:02 - 2009-07-14 04:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2014-11-01 09:56 - 2009-07-14 06:08 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-10-31 13:22 - 2014-03-11 17:30 - 00000000 ____D () C:\Users\schingels\AppData\Roaming\ALFBanCo5
2014-10-31 13:22 - 2014-03-11 17:30 - 00000000 ____D () C:\ProgramData\AlfBanCo5
2014-10-31 05:06 - 2014-08-22 05:17 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-10-31 05:06 - 2014-08-22 05:17 - 00000000 ____D () C:\Program Files (x86)\Java
2014-10-27 08:57 - 2014-08-22 14:46 - 00000000 ____D () C:\Users\schingels\AppData\Roaming\Steganos VPN
2014-10-24 08:05 - 2014-01-29 17:09 - 00000000 ____D () C:\Users\schingels\AppData\Local\Microsoft Help
2014-10-24 08:05 - 2013-09-11 08:16 - 00003704 _____ () C:\Windows\System32\Tasks\Java Update Scheduler
2014-10-24 06:39 - 2013-11-01 20:51 - 00000000 ____D () C:\ProgramData\Oracle
2014-10-24 06:39 - 2013-11-01 20:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-10-24 05:55 - 2013-09-10 17:48 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-10-22 06:20 - 2013-10-11 18:17 - 00000000 ____D () C:\Users\schingels\AppData\Local\Apple
2014-10-21 09:50 - 2013-09-10 16:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo
2014-10-21 09:50 - 2013-09-10 16:44 - 00000000 ____D () C:\ProgramData\ashampoo
2014-10-21 08:19 - 2013-09-10 16:52 - 00000000 ____D () C:\Users\schingels\AppData\Local\Ashampoo Photo Optimizer 4
2014-10-15 15:45 - 2013-10-27 23:28 - 00001332 _____ () C:\Windows\wininit.ini

Files to move or delete:
====================
C:\ProgramData\nud0repor.pad


Some content of TEMP:
====================
C:\Users\schingels\AppData\Local\Temp\0068581415910597mcinst.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2013-10-31 00:16

==================== End Of Log ============================

--- --- ---

--- --- ---

--- --- ---

--- --- ---

--- --- ---

Moin Moin aus dem Norden nach Bavaria. Bin Schwabe und mit 16 nach Hamburg gekommen , neu geboren in Hamburg, ;-) erstmal danke für deine Hilfe , habe mich jetzt an Anweisung gehalten, hatte zu wenig Erfahrung, jetzt hat geklappt , nur jetzt kam nur First.txt. Freundliche Grüsse Günther

Code:

ATTFilter

# AdwCleaner v4.101 - Bericht erstellt am 14/11/2014 um 09:11:03
# Aktualisiert 09/11/2014 von Xplode
# Database : 2014-11-13.1 [Live]
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : schingels - SCHINGELS-PC
# Gestartet von : D:\Users\Downloads\adwcleaner_4.101.exe
# Option : Suchen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Datei Gefunden : C:\Users\schingels\AppData\Roaming\Mozilla\Firefox\Profiles\yum8w33i.default\user.js
Ordner Gefunden : C:\Users\schingels\AppData\Roaming\Bonanza
Ordner Gefunden : C:\Users\schingels\AppData\Roaming\Mozilla\Firefox\Profiles\mData\Extensions\sparpilot@sparpilot.com

***** [ Tasks ] *****

Task Gefunden : RunAsStdUser Task

***** [ Verknüpfungen ] *****

Code:

ATTFilter


~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Eventlog\Application\update buzzsearch
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Eventlog\Application\util buzzsearch



~~~ Files

Successfully deleted: [File] C:\Windows\Tasks\One-Click Optimizer WO11.job
Successfully deleted: [File] C:\Windows\Tasks\One-Click Optimizer.job
Successfully deleted: [File] "C:\Windows\wininit.ini"



~~~ Folders



~~~ FireFox

Successfully deleted: [Folder] C:\Users\schingels\AppData\Roaming\mozilla\firefox\profiles\yum8w33i.default\extensions\toolbar@gmx.net
Successfully deleted the following from C:\Users\schingels\AppData\Roaming\mozilla\firefox\profiles\yum8w33i.default\prefs.js

user_pref("browser.uiCustomization.state", "{\"placements\":{\"PanelUI-contents\":[\"edit-controls\",\"zoom-controls\",\"new-window-button\",\"privatebrowsing-button\",\"save-
user_pref("extensions.iobitascsurfingprotection@iobit.com.install-event-fired", true);
Emptied folder: C:\Users\schingels\AppData\Roaming\mozilla\firefox\profiles\yum8w33i.default\minidumps [7 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 14.11.2014 at  9:36:45,47
End of JRT log

Moin noch mal , alle 3 abgearbeitet, 1 gar nichts, 2 Protokolle geschickt. Lolipop war bis jetzt das schlimmste Spamprogramm, 1 hatte ich vor 3 Monaten schon selber wegbekommen. Das blinken nervt am meiste. Blöde, dass man sich so etwas einfängt. danke freundliche Grüsse Günther

schrauber · 15.11.2014, 10:04

BEstehen die Probleme noch? Wenn ja in welchem Browser?

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Downloade Dir bitte

SecurityCheck und:

Speichere es auf dem Desktop.
Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.

Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme?

ggoettling · 16.11.2014, 18:22

Hallo bis jetzt hatte ich noch keinen
Erfolg.Bin in Lahnstein.Mein Browser
ist Firefox.Aber Explorer ist genauso a gegriffe
befallen von lollipop Freundliche Gruesse Guenther
und nur der Laptop.

Hallo Schrauber, ich sitze hier in Lahnstein , meine Frau macht einen Ernährungsberaterkurs, ich bin mit Tschibo extrem langsam im Netz, Vorteil, die Seite von Lollipop war einsehbar : Advs.adgorthms.com und beim googeln kam das anghängt bei raus. Ich fand aber nichts auf meinem Computer mit dem link. Hilft das weiter ? freundliche Grüsse Günther

Ungefähr 39.800 Ergebnisse (0,44 Sekunden)

Cookies helfen uns bei der Bereitstellung unserer Dienste. Durch die Nutzung unserer Dienste erklären Sie sich damit einverstanden, dass wir Cookies setzen.
Mehr erfahren
OK
Suchergebnisse

advs.adgorithms.com/
Aufgrund der robots.txt dieser Website ist keine Beschreibung für dieses Ergebnis verfügbar. Weitere Informationen
Adgorithms | Artificial Intelligence Advertising
adgorithms.com/Diese Seite übersetzen
Adgorithms has taken on the next step in the ad tech evolution. We have developed proprietary, decision making technology which automates all aspects of ...
‎Solutions - ‎Contact us - ‎About Us - ‎Technology
Adgorithms | Display Advertising_new
adgorithms.com/display-advertising/Diese Seite übersetzen
Display Advertising. As a performance advertising company, Adgorithms ...
Adgorithms | Solutions for advertisers_new
adgorithms.com/solutions-for-advertisers/Diese Seite übersetzen
Home · Solutions · Display · Mobile · Video ... Solutions for Advertisers ...
Adgorithms | Technology_new
adgorithms.com/technology/Diese Seite übersetzen
Our technology was built by marketers for marketers. All we did was take the ...
Squid Analysis Report Generator Squid User Access ...
https://cacti.eepis-its.edu/.../tt10.252.131.174-advs_...Diese Seite übersetzen
25.10.2014 - advs.adgorithms.com, 10/25/2014, 15:37:15. advs.adgorithms.com, 10/25/2014, 15:37:17. advs.adgorithms.com, 10/25/2014, 15:37:29.
Squid Analysis Report Generator Squid User Access ...
https://cacti.eepis-its.edu/.../tt10.252.111.141-advs_...Diese Seite übersetzen
26.10.2014 - advs.adgorithms.com, 10/26/2014, 16:43:24. advs.adgorithms.com, 10/26/2014, 16:43:25. advs.adgorithms.com, 10/26/2014, 16:46:53.
Advs.adgorithms.com Traffic Statistics by SimilarWeb
www.similarweb.com/website/advs.adgorithms.comDiese Seite übersetzen
Advs.adgorithms.com is ranked 0 in the world for Unknown. Get their full traffic statistics with SimilarWeb and uncover their online marketing strategy.
debian - How to block requests for virtual hosts that dont ...
serverfault.com/.../how-to-block-requests-for-virtual...Diese Seite übersetzen
11.04.2014 - XXXXXX.co.uk:80 216.244.68.216 - - [10/Apr/2014:14:57:15 +0000] "GET hxxp://advs.adgorithms.com/ttj?id=2440545 HTTP/1.0" 404 527 ...
Scan report for hxxp://advs.adgorithms.com/ttj?id ... - VirusTotal
https://www.virustotal.com/en/url/.../analysis/Diese Seite übersetzen
VirusTotal's URL scan report for at 2014-07-02 13:46:37 UTC. 1 out of 53 scanners detected the site as malicious.

Hier noch einmal die Seite, die hinter lollipop steht AppNexus

jetzt nur noch weg damit fg Günther Vermutlich ?

Hier noch einmal die Seite, die hinter lollipop steht AppNexus

jetzt nur noch weg damit fg Günther Vermutlich ?

schrauber · 17.11.2014, 11:10

Mach bitte den obigen Onlinescan. Dann FRST öffnen, Haken setzen bei Addition und scannen. Poste dann beide Logfiles.

ggoettling · 17.11.2014, 12:24

FRST Logfile:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 16-11-2014 03
Ran by schingels (administrator) on SCHINGELS-PC on 17-11-2014 12:16:46
Running from D:\Users\Downloads
Loaded Profile: schingels (Available profiles: schingels & UpdatusUser)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(ASUSTeK Computer Inc.) C:\Windows\System32\FBAgent.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
() C:\ProgramData\DatacardService\HWDeviceService64.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
() C:\ProgramData\Mobile Partner\OnlineUpdate\ouc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
(AVG Technologies) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
() D:\Users\Ashampoo Internet Accelerator 3\Ashampoo WinOptimizer 11\LiveTunerService.exe
(McAfee, Inc.) C:\Program Files\McAfee\MSC\McAPExe.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
(AVG Technologies) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe
(WiseCleaner.com) C:\Program Files (x86)\Wise\Wise Care 365\WiseTray.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
() D:\Users\Backup Handy\Mobile Partner\Mobile Partner.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Ashampoo Development GmbH & Co. KG) D:\Users\Ashampoo Internet Accelerator 3\Ashampoo WinOptimizer 11\LiveTuner2.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) C:\Users\schingels\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Alf - AG) D:\Users\Hallingstrasse\ALFBanCo5\AlfReminder5.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(Intel® Corporation) C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe
() C:\WISO\Steuersoftware 2013\mshaktuell.exe
(ASUS) C:\Windows\AsScrPro.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Intel(R) Corporation) C:\Program Files\Intel\TurboBoost\TurboBoost.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\saUI.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\csisyncclient.exe
(Ashampoo GmbH & Co. KG) D:\Users\Downloads\Ashampoo Internet Accelerator 3\iac3.exe
(AVG Technologies) C:\Program Files (x86)\AVG\AVG PC TuneUp\OneClick.exe
(AVG Technologies) C:\Program Files (x86)\AVG\AVG PC TuneUp\TUDefragBackend64.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [IntelTBRunOnce] => wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2587944 2010-12-31] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2213992 2011-05-12] (Realtek Semiconductor)
HKLM\...\Run: [Ashampoo WinOptimizer Live-Tuner2] => D:\Users\Ashampoo Internet Accelerator 3\Ashampoo WinOptimizer 11\LiveTuner2.exe [3516784 2014-08-05] (Ashampoo Development GmbH & Co. KG)
HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [2018032 2011-04-13] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [UIExec] => D:\Benutzer\1&1 Surf-Stick\UIExec.exe [139088 2010-09-30] ()
HKLM-x32\...\Run: [mcui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [537992 2014-04-25] (McAfee, Inc.)
HKLM-x32\...\Run: [ASUS Screen Saver Protector] => C:\Windows\AsScrPro.exe [3058304 2014-01-22] (ASUS)
HKLM-x32\...\Run: [COMPUTERBILD-Abzockschutz] => C:\Program Files (x86)\COMPUTERBILD-Abzockschutz\bin\COMPUTERBILD-Abzockschutz.exe [537664 2014-06-19] (J3S GmbH)
HKLM-x32\...\Run: [mcpltui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [537992 2014-04-25] (McAfee, Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-733679015-3351541572-3055150241-1001\...\Run: [1&1_1&1 Upload-Manager] => D:\Users\Downloads\DAVSRV.EXE [989264 2011-11-21] (1&1 Internet AG)
HKU\S-1-5-21-733679015-3351541572-3055150241-1001\...\Run: [SkyDrive] => C:\Users\schingels\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe [277672 2014-10-09] (Microsoft Corporation)
HKU\S-1-5-21-733679015-3351541572-3055150241-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-733679015-3351541572-3055150241-1001\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-733679015-3351541572-3055150241-1001\...\MountPoints2: {c1225048-15de-11e1-b0e7-806e6f6e6963} - E:\autostart.exe
HKU\S-1-5-21-733679015-3351541572-3055150241-1001\...\MountPoints2: {e8ee4c17-46ef-11e4-bbab-001e101f82a7} - F:\AutoRun.exe
HKU\S-1-5-21-733679015-3351541572-3055150241-1001\...\MountPoints2: {e8ee4c2f-46ef-11e4-bbab-001e101f82a7} - F:\AutoRun.exe
HKU\S-1-5-21-733679015-3351541572-3055150241-1001\...\MountPoints2: {e8ee4cab-46ef-11e4-bbab-001e101f82a7} - F:\AutoRun.exe
HKU\S-1-5-21-733679015-3351541572-3055150241-1001\...\MountPoints2: {f205f158-458a-11e4-9adb-5404a67455a1} - F:\AutoRun.exe
HKU\S-1-5-21-733679015-3351541572-3055150241-1001\...\MountPoints2: {f205f176-458a-11e4-9adb-5404a67455a1} - F:\AutoRun.exe
IFEO\taskmgr.exe: [Debugger] C:\Program Files (x86)\AVG\AVG PC TuneUp\PMLauncher.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ALF-BanCo 5 Reminder.lnk
ShortcutTarget: ALF-BanCo 5 Reminder.lnk -> D:\Users\Hallingstrasse\ALFBanCo5\AlfReminder5.exe (Alf - AG)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WISO Mein Steuer-Sparbuch heute.lnk
ShortcutTarget: WISO Mein Steuer-Sparbuch heute.lnk -> C:\Program Files (x86)\WISO\Steuersoftware 2014\mshaktuell.exe ()
Startup: C:\Users\schingels\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Intel(R) Turbo Boost Technology Monitor 2.0.lnk
ShortcutTarget: Intel(R) Turbo Boost Technology Monitor 2.0.lnk -> C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe (Intel® Corporation)
Startup: C:\Users\schingels\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\WISO Mein Steuer-Sparbuch heute.lnk
ShortcutTarget: WISO Mein Steuer-Sparbuch heute.lnk -> C:\WISO\Steuersoftware 2013\mshaktuell.exe ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  No File

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyEnable: [.DEFAULT] => Internet Explorer proxy is enabled.
ProxyServer: [.DEFAULT] => http=127.0.0.1:8897;https=127.0.0.1:8897;ftp=localhost:8123;socks=localhost:8123
HKU\S-1-5-21-733679015-3351541572-3055150241-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/
HKU\S-1-5-21-733679015-3351541572-3055150241-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x55244F9E94E0CE01
HKU\S-1-5-21-733679015-3351541572-3055150241-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKCU - DefaultScope {AE4D481E-A7DF-46AB-B716-E2C57980ECE9} URL = hxxp://de.search.yahoo.com/search?fr=mcafee&type=A011DE843&p={SearchTerms}
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = 
SearchScopes: HKCU - {8C6C6B5A-5D45-4A7C-8C98-1B520D0A59BD} URL = https://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=242154&p={searchTerms}
SearchScopes: HKCU - {AE4D481E-A7DF-46AB-B716-E2C57980ECE9} URL = hxxp://de.search.yahoo.com/search?fr=mcafee&type=A011DE843&p={SearchTerms}
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll (IObit)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: CBAbzockschutz.InitToolbarBHO -> {2e250b90-0e7a-42a3-9d65-e39f9f227fa4} -> C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Steganos Password Manager Toolbar - {9C65D12D-CF9D-454D-8049-61965D8C6FFF} -  No File
Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Toolbar: HKLM-x32 - COMPUTERBILD-Abzockschutz - {353e2a48-6254-4bd3-88f4-3b51a0ca7870} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Toolbar: HKU\S-1-5-21-733679015-3351541572-3055150241-1001 -> Steganos Password Manager Toolbar - {9C65D12D-CF9D-454D-8049-61965D8C6FFF} -  No File
DPF: HKLM {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: HKLM-x32 {1E54D648-B804-468d-BC78-4AFFED8E262F} hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll (McAfee, Inc.)
Tcpip\..\Interfaces\{18635B9F-3EC8-4E9F-ADBE-EE60B251079C}: [NameServer] 193.189.244.225 193.189.244.206
Tcpip\..\Interfaces\{D94CFAFC-2545-4C5E-8871-4214E8A4994F}: [NameServer] 193.189.244.206 193.189.244.225
Tcpip\..\Interfaces\{E071EBF2-D3EB-4FB6-BDD2-6F1420F55AEE}: [NameServer] 193.189.244.225 193.189.244.206

FireFox:
========
FF ProfilePath: C:\Users\schingels\AppData\Roaming\Mozilla\Firefox\Profiles\yum8w33i.default
FF SearchEngineOrder.1: Sichere Suche
FF SelectedSearchEngine: Sichere Suche
FF Homepage: hxxp://www.nok21.de/wp-admin/edit.php
FF Keyword.URL: hxxp://de.search.yahoo.com/search?fr=mcafee&type=A111DE843&p=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_223.dll ()
FF Plugin: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_223.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\schingels\AppData\Roaming\Mozilla\Firefox\Profiles\yum8w33i.default\searchplugins\englische-ergebnisse.xml
FF SearchPlugin: C:\Users\schingels\AppData\Roaming\Mozilla\Firefox\Profiles\yum8w33i.default\searchplugins\gmx-suche.xml
FF SearchPlugin: C:\Users\schingels\AppData\Roaming\Mozilla\Firefox\Profiles\yum8w33i.default\searchplugins\inbox-search.xml
FF SearchPlugin: C:\Users\schingels\AppData\Roaming\Mozilla\Firefox\Profiles\yum8w33i.default\searchplugins\webde-suche.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\McSiteAdvisor.xml
FF Extension: Widget context - C:\Users\schingels\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\{140A2D0E-85CC-4ed3-9BA5-8FA35DA7FABA}.xpi [2013-12-15]
FF Extension: GMX MailCheck - C:\Users\schingels\AppData\Roaming\Mozilla\Firefox\Profiles\yum8w33i.default\Extensions\toolbar@gmx.net [2014-11-14]
FF Extension: Adblock Plus - C:\Users\schingels\AppData\Roaming\Mozilla\Firefox\Profiles\yum8w33i.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-09-11]
FF Extension: COMPUTERBILD-Abzockschutz - C:\Users\schingels\AppData\Roaming\Mozilla\Firefox\Profiles\yum8w33i.default\Extensions\{d49175b3-3fd8-43b8-b28e-da5d47f3c398}.xpi [2013-09-11]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2014-11-10]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2014-11-10]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} [2014-11-10]
FF HKLM-x32\...\Firefox\Extensions: [{00F0643E-B367-4779-B45D-7046EBA37A88}] - C:\Program Files (x86)\Steganos Privacy Suite 15\spmplugin3
FF HKLM-x32\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\anti_banner@kaspersky.com
FF HKLM-x32\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\online_banking@kaspersky.com
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor
FF Extension: McAfee SiteAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor [2014-11-13]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2014-11-13]
FF Extension: No Name - {4ED1F68A-5463-4931-9384-8FFF5ED91D92} [Not Found]

Chrome: 
=======
CHR Profile: C:\Users\schingels\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (No Name) - C:\Users\schingels\AppData\Local\Google\Chrome\User Data\Default\Extensions\pigkdicgnehbfjnaopalgpelkbkcnbfa [2014-01-03]
CHR HKLM-x32\...\Chrome\Extension: [hakdifolhalapjijoafobooafbilfakh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\online_banking_chrome.crx []
CHR HKLM-x32\...\Chrome\Extension: [pjldcfjmnllhmgjclecdnfampinooman] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\ab.crx []

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2436280 2014-09-25] (Microsoft Corporation)
S2 Dnscache; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
S2 Dnscache; C:\Windows\SysWOW64\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [346976 2011-03-14] ()
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2283296 2014-11-11] (IObit)
R2 McAfee SiteAdvisor Service; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [178528 2014-04-25] (McAfee, Inc.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
S3 McODS; C:\Program Files\McAfee\VirusScan\mcods.exe [603424 2014-09-04] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1041192 2014-08-20] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219752 2014-06-20] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [189912 2014-06-20] (McAfee, Inc.)
S2 Mobile Partner. RunOuc; D:\Users\Backup Handy\Mobile Partner\UpdateDog\ouc.exe [239968 2014-09-27] ()
R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [2589496 2014-10-17] (AVG Technologies)
S4 UI Assistant Service; D:\Benutzer\1&1 Surf-Stick\AssistantServices.exe [253264 2010-09-30] ()
R2 UxTuneUp; C:\Windows\System32\uxtuneup.dll [42808 2014-10-17] (AVG Technologies)
R2 UxTuneUp; C:\Windows\SysWOW64\uxtuneup.dll [35640 2014-10-17] (AVG Technologies)
S2 WiseBootAssistant; C:\Program Files (x86)\Wise\Wise Care 365\BootTime.exe [580232 2014-07-07] (WiseCleaner.com)
R2 WO_LiveService2; D:\Users\Ashampoo Internet Accelerator 3\Ashampoo WinOptimizer 11\LiveTunerService.exe [223600 2014-08-05] ()

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R0 53413803; C:\Windows\System32\DRIVERS\53413803.sys [460888 2013-10-13] (Kaspersky Lab ZAO)
S1 9152490drv; C:\Windows\System32\DRIVERS\9152490drv.sys [556632 2013-10-13] (Kaspersky Lab)
S3 BioNTDrv; C:\Program Files\Paragon Software\Backup and Recovery 2014 Free\program\BioNTDrv.SYS [18696 2014-05-19] (Paragon Software Group)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [72128 2014-06-20] (McAfee, Inc.)
S3 esgiguard; No ImagePath
S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2014-11-07] ()
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.)
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( )
R2 LiveTuner2PM; D:\Users\Ashampoo Internet Accelerator 3\Ashampoo WinOptimizer 11\LiveTuner64.sys [14320 2014-03-20] ()
R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [181704 2014-06-20] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [313544 2014-06-20] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [523792 2014-06-20] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [786296 2014-06-20] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [445512 2014-08-20] (McAfee, Inc.)
S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [96592 2014-08-20] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [348552 2014-06-20] (McAfee, Inc.)
R1 nvkflt; C:\Windows\System32\DRIVERS\nvkflt.sys [284448 2013-03-15] (NVIDIA Corporation)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [27520 2007-05-14] (Research In Motion Limited)
S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
R1 SLEE_18_DRIVER; C:\Windows\Sleen1864.sys [109144 2014-07-29] (Softwareentwicklung Remus - ArchiCrypt - )
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [14112 2014-09-09] (TuneUp Software)
R1 ui11rdr; C:\Windows\System32\DRIVERS\ui11rdr.sys [199752 2011-11-21] (1&1 Internet AG)
R1 UimBus; C:\Windows\System32\DRIVERS\UimBus.sys [102664 2014-05-19] ()
R1 Uim_DEVIM; C:\Windows\System32\DRIVERS\uim_devim.sys [25992 2014-05-19] ()
R1 Uim_IM; C:\Windows\System32\DRIVERS\uim_im.sys [700296 2014-05-19] ()
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2012-12-13] (Apple, Inc.) [File not signed]
S3 athr; system32\DRIVERS\athrx.sys [X]
U3 DfSdkS; No ImagePath
S0 kl1; system32\DRIVERS\kl1.sys [X]
S3 RSUSBVSTOR; System32\Drivers\RtsUVStor.sys [X]
U2 TMAgent; No ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-17 10:52 - 2014-11-17 10:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2014-11-17 10:51 - 2014-11-17 10:51 - 00006979 _____ () C:\Windows\WindowsUpdate.log
2014-11-17 10:50 - 2014-11-17 10:50 - 00002992 _____ () C:\Windows\System32\Tasks\{2E0A5BC6-3A1C-4594-A5D9-03B1D54913D7}
2014-11-17 10:47 - 2014-11-17 10:47 - 00000056 _____ () C:\Windows\setupact.log
2014-11-17 10:47 - 2014-11-17 10:47 - 00000000 _____ () C:\Windows\setuperr.log
2014-11-17 10:46 - 2014-11-17 10:46 - 00001404 _____ () C:\Windows\PFRO.log
2014-11-17 09:25 - 2014-10-17 12:34 - 00042808 _____ (AVG Technologies) C:\Windows\system32\uxtuneup.dll
2014-11-17 09:25 - 2014-10-17 12:34 - 00035640 _____ (AVG Technologies) C:\Windows\SysWOW64\uxtuneup.dll
2014-11-16 19:31 - 2014-11-16 19:31 - 00113432 _____ () C:\Users\schingels\AppData\Local\GDIPFONTCACHEV1.DAT
2014-11-16 19:14 - 2014-11-16 19:15 - 00442360 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-11-16 18:59 - 2014-11-16 18:59 - 00002972 _____ () C:\Windows\System32\Tasks\{9E32BAA2-B2F8-4BD8-9432-33043FBD0A96}
2014-11-14 17:24 - 2014-11-14 17:24 - 00002982 _____ () C:\Windows\System32\Tasks\{4C385B33-91AE-40F5-891A-8231887D2EF0}
2014-11-14 09:36 - 2014-11-14 09:36 - 00001892 _____ () C:\Users\schingels\Desktop\JRT.txt
2014-11-14 09:33 - 2014-11-14 09:33 - 00000000 ____D () C:\Windows\ERUNT
2014-11-14 08:41 - 2014-11-14 08:41 - 00002762 _____ () C:\Windows\System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013
2014-11-13 22:06 - 2013-09-23 13:49 - 00197704 _____ (McAfee, Inc.) C:\Windows\system32\Drivers\HipShieldK.sys
2014-11-13 21:30 - 2014-11-17 10:52 - 00001806 _____ () C:\Users\Public\Desktop\McAfee Internet Security.lnk
2014-11-13 21:29 - 2014-11-16 19:03 - 00000000 ____D () C:\Program Files (x86)\McAfee
2014-11-13 21:29 - 2014-11-13 21:29 - 00000000 ____D () C:\Program Files\McAfee.com
2014-11-13 21:29 - 2014-11-13 21:29 - 00000000 ____D () C:\Program Files (x86)\McAfee.com
2014-11-13 21:29 - 2014-06-20 10:38 - 00072128 _____ (McAfee, Inc.) C:\Windows\system32\Drivers\cfwids.sys
2014-11-13 21:29 - 2014-06-20 10:23 - 00523792 _____ (McAfee, Inc.) C:\Windows\system32\Drivers\mfefirek.sys
2014-11-13 21:29 - 2014-06-20 10:21 - 00313544 _____ (McAfee, Inc.) C:\Windows\system32\Drivers\mfeavfk.sys
2014-11-13 16:09 - 2014-11-13 16:09 - 00002227 _____ () C:\Users\Public\Desktop\AVG 1-Klick-Wartung.lnk
2014-11-13 16:09 - 2014-11-13 16:09 - 00002215 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC TuneUp 2015.lnk
2014-11-13 16:09 - 2014-11-13 16:09 - 00002203 _____ () C:\Users\Public\Desktop\AVG PC TuneUp 2015.lnk
2014-11-13 16:09 - 2014-11-13 16:09 - 00000000 ____D () C:\Users\schingels\AppData\Roaming\AVG
2014-11-13 16:09 - 2014-11-13 16:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC TuneUp 2015
2014-11-13 16:09 - 2014-11-13 16:09 - 00000000 ____D () C:\Program Files (x86)\AVG
2014-11-13 16:09 - 2014-10-17 12:34 - 00040248 _____ (AVG Technologies) C:\Windows\system32\TURegOpt.exe
2014-11-13 16:09 - 2014-10-17 12:34 - 00029496 _____ (AVG Technologies) C:\Windows\system32\authuitu.dll
2014-11-13 16:09 - 2014-10-17 12:34 - 00025400 _____ (AVG Technologies) C:\Windows\SysWOW64\authuitu.dll
2014-11-13 16:08 - 2014-11-13 16:08 - 00000000 ____D () C:\Users\schingels\AppData\Local\Avg
2014-11-13 16:05 - 2014-11-14 08:57 - 00000000 ____D () C:\ProgramData\AVG
2014-11-13 14:00 - 2014-11-13 14:00 - 00002982 _____ () C:\Windows\System32\Tasks\{84DD6ED7-F7B5-48B4-98D6-2A9A25D7C8E8}
2014-11-13 13:50 - 2014-11-13 13:50 - 00002982 _____ () C:\Windows\System32\Tasks\{1953C392-23DC-4B98-AD0E-127D828D83ED}
2014-11-13 11:00 - 2014-11-13 11:00 - 00000000 ____D () C:\Windows\System32\Tasks\Apple
2014-11-13 10:19 - 2014-11-13 10:19 - 00000000 __SHD () C:\Users\schingels\AppData\Local\EmieBrowserModeList
2014-11-13 08:55 - 2014-11-13 08:55 - 00098686 _____ () C:\ProgramData\1415864349.bdinstall.bin
2014-11-13 08:39 - 2014-11-13 08:39 - 00037852 _____ () C:\ProgramData\1415864347.bdinstall.bin
2014-11-13 00:54 - 2014-11-13 00:54 - 00000000 ____D () C:\ProgramData\bdch
2014-11-12 21:02 - 2014-11-12 21:02 - 00000000 ____D () C:\Windows\Tasks\ImCleanDisabled
2014-11-12 18:45 - 2014-11-13 09:40 - 00000000 ____D () C:\Users\schingels\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Moo0
2014-11-12 18:45 - 2014-11-13 09:40 - 00000000 ____D () C:\Program Files (x86)\Moo0
2014-11-12 18:09 - 2014-11-12 18:09 - 00319912 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-11-12 18:09 - 2014-11-12 18:09 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-11-12 18:09 - 2014-11-12 18:09 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-11-12 18:09 - 2014-11-12 18:09 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-11-12 18:09 - 2014-11-12 18:09 - 00000000 ____D () C:\Program Files\Java
2014-11-12 09:19 - 2014-06-04 15:17 - 00034080 _____ (IObit) C:\Windows\system32\SmartDefragBootTime.exe
2014-11-12 09:18 - 2014-06-04 15:17 - 00128288 _____ (IObit) C:\Windows\system32\IObitSmartDefragExtension.dll
2014-11-12 09:16 - 2014-11-12 15:09 - 00002862 _____ () C:\Windows\System32\Tasks\Driver Booster SkipUAC (schingels)
2014-11-12 07:18 - 2014-11-07 20:49 - 00388272 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-11-12 07:18 - 2014-11-07 20:23 - 00341168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-11-12 07:18 - 2014-11-06 05:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-11-12 07:18 - 2014-11-06 05:03 - 25110016 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-11-12 07:18 - 2014-11-06 05:03 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-11-12 07:18 - 2014-11-06 04:47 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-11-12 07:18 - 2014-11-06 04:46 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-11-12 07:18 - 2014-11-06 04:46 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-11-12 07:18 - 2014-11-06 04:44 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-11-12 07:18 - 2014-11-06 04:43 - 02884096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-11-12 07:18 - 2014-11-06 04:36 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-11-12 07:18 - 2014-11-06 04:35 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-11-12 07:18 - 2014-11-06 04:31 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-11-12 07:18 - 2014-11-06 04:30 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-11-12 07:18 - 2014-11-06 04:30 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-11-12 07:18 - 2014-11-06 04:29 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-11-12 07:18 - 2014-11-06 04:28 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-11-12 07:18 - 2014-11-06 04:23 - 06040064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-11-12 07:18 - 2014-11-06 04:20 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-11-12 07:18 - 2014-11-06 04:16 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-11-12 07:18 - 2014-11-06 04:13 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-11-12 07:18 - 2014-11-06 04:13 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-11-12 07:18 - 2014-11-06 04:12 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-11-12 07:18 - 2014-11-06 04:10 - 19781632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-11-12 07:18 - 2014-11-06 04:10 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-11-12 07:18 - 2014-11-06 04:07 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-11-12 07:18 - 2014-11-06 04:05 - 02277376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-11-12 07:18 - 2014-11-06 04:04 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-11-12 07:18 - 2014-11-06 04:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-11-12 07:18 - 2014-11-06 04:02 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-11-12 07:18 - 2014-11-06 04:00 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-11-12 07:18 - 2014-11-06 04:00 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-11-12 07:18 - 2014-11-06 03:59 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-11-12 07:18 - 2014-11-06 03:58 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-11-12 07:18 - 2014-11-06 03:57 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-11-12 07:18 - 2014-11-06 03:48 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-11-12 07:18 - 2014-11-06 03:42 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-11-12 07:18 - 2014-11-06 03:41 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-11-12 07:18 - 2014-11-06 03:41 - 00716800 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-11-12 07:18 - 2014-11-06 03:39 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-11-12 07:18 - 2014-11-06 03:38 - 02124288 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-11-12 07:18 - 2014-11-06 03:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-11-12 07:18 - 2014-11-06 03:36 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-11-12 07:18 - 2014-11-06 03:34 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-11-12 07:18 - 2014-11-06 03:30 - 14390272 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-11-12 07:18 - 2014-11-06 03:22 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-11-12 07:18 - 2014-11-06 03:21 - 04298240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-11-12 07:18 - 2014-11-06 03:21 - 02051072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-11-12 07:18 - 2014-11-06 03:20 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-11-12 07:18 - 2014-11-06 03:17 - 02365440 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-11-12 07:18 - 2014-11-06 03:04 - 01550336 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-11-12 07:18 - 2014-11-06 03:03 - 12819456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-11-12 07:18 - 2014-11-06 02:53 - 00799232 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-11-12 07:18 - 2014-11-06 02:52 - 01892864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-11-12 07:18 - 2014-11-06 02:48 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-11-12 07:18 - 2014-11-06 02:47 - 00708096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-11-12 07:18 - 2014-11-05 18:56 - 00304640 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-11-12 07:18 - 2014-11-05 18:56 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-11-12 07:18 - 2014-11-05 18:52 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-11-12 07:18 - 2014-10-14 03:16 - 00155064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-11-12 07:18 - 2014-10-14 03:13 - 00683520 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-11-12 07:18 - 2014-10-14 03:12 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-11-12 07:18 - 2014-10-14 03:09 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2014-11-12 07:18 - 2014-10-14 03:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2014-11-12 07:18 - 2014-10-14 02:50 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-11-12 07:18 - 2014-10-14 02:49 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-11-12 07:18 - 2014-10-14 02:47 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2014-11-12 07:18 - 2014-10-14 02:46 - 00681984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2014-11-12 07:17 - 2014-10-25 02:57 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-11-12 07:17 - 2014-10-25 02:32 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-11-12 07:17 - 2014-10-14 03:13 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-11-12 07:17 - 2014-10-14 02:50 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-11-12 07:17 - 2014-10-10 01:57 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-11-12 07:17 - 2014-10-03 03:12 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-11-12 07:17 - 2014-10-03 03:11 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-11-12 07:17 - 2014-10-03 03:11 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-11-12 07:17 - 2014-10-03 03:11 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2014-11-12 07:17 - 2014-10-03 03:11 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2014-11-12 07:17 - 2014-10-03 02:44 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2014-11-12 07:17 - 2014-10-03 02:44 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2014-11-12 07:17 - 2014-10-03 02:44 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2014-11-12 07:17 - 2014-09-19 10:42 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-11-12 07:17 - 2014-09-19 10:42 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-11-12 07:17 - 2014-09-19 10:42 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-11-12 07:17 - 2014-09-19 10:42 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-11-12 07:17 - 2014-09-19 10:42 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-11-12 07:17 - 2014-09-19 10:42 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-11-12 07:17 - 2014-09-19 10:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-11-12 07:17 - 2014-09-19 10:23 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-11-12 07:17 - 2014-09-19 10:23 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-11-12 07:17 - 2014-09-19 10:23 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-11-12 07:17 - 2014-09-19 10:23 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-11-12 07:17 - 2014-09-19 10:23 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-11-12 07:17 - 2014-09-19 10:23 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-11-12 07:17 - 2014-09-19 10:23 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-11-12 07:17 - 2014-08-21 07:43 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-11-12 07:17 - 2014-08-21 07:40 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-11-12 07:17 - 2014-08-21 07:26 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-11-12 07:17 - 2014-08-21 07:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-11-12 07:17 - 2014-08-12 03:02 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2014-11-12 07:17 - 2014-08-12 02:36 - 00701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL
2014-11-12 07:16 - 2014-10-18 03:05 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2014-11-12 07:16 - 2014-10-18 02:33 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2014-11-11 18:23 - 2014-11-11 19:27 - 00000000 ____D () C:\Program Files (x86)\Kaspersky Lab
2014-11-11 09:20 - 2014-11-14 17:32 - 00000000 ____D () C:\ProgramData\ProductData
2014-11-11 09:20 - 2014-11-13 13:12 - 00000000 ____D () C:\Program Files (x86)\IObit
2014-11-11 09:20 - 2014-11-12 09:16 - 00000000 ____D () C:\Users\schingels\AppData\Roaming\IObit
2014-11-11 09:20 - 2014-11-12 09:16 - 00000000 ____D () C:\ProgramData\IObit
2014-11-11 09:20 - 2014-11-11 09:20 - 00002894 _____ () C:\Windows\System32\Tasks\Uninstaller_SkipUac_schingels
2014-11-11 09:20 - 2014-11-11 09:20 - 00001254 _____ () C:\Users\schingels\AppData\Roaming\Microsoft\Windows\Start Menu\Uninstall Programs.lnk
2014-11-11 09:20 - 2014-11-11 09:20 - 00001230 _____ () C:\Users\Public\Desktop\IObit Uninstaller.lnk
2014-11-11 09:20 - 2014-11-11 09:20 - 00000000 ____D () C:\Users\schingels\AppData\Roaming\ProductData
2014-11-11 09:18 - 2014-11-11 09:18 - 00210757 _____ () C:\ProgramData\1415693093.bdinstall.bin
2014-11-11 09:04 - 2014-11-14 08:56 - 00000000 ____D () C:\Users\schingels\AppData\Roaming\QuickScan
2014-11-10 16:00 - 2014-11-10 16:00 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-11-10 15:00 - 2014-11-10 15:00 - 00000000 ____D () C:\Program Files (x86)\Google
2014-11-09 16:47 - 2014-11-11 00:20 - 00000000 ____D () C:\ProgramData\Package Cache
2014-11-09 16:47 - 2014-11-09 16:47 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-11-09 16:45 - 2014-11-09 16:45 - 00000000 ____D () C:\Users\schingels\AppData\Roaming\Avira
2014-11-09 16:25 - 2014-11-11 00:20 - 00000000 ____D () C:\Users\schingels\AppData\Local\Tempf7eddb6ee0afd360be7fc7f5e70ab6ce
2014-11-09 16:25 - 2014-11-11 00:20 - 00000000 ____D () C:\Users\schingels\AppData\Local\Temp991f313088b215d209d2d97e3c209801
2014-11-09 16:25 - 2014-11-11 00:20 - 00000000 ____D () C:\Users\schingels\AppData\Local\Temp1270dc5f1665619a7e9941f8e54ac8ef
2014-11-07 10:44 - 2014-11-07 10:44 - 00003350 _____ () C:\Windows\System32\Tasks\SpyHunter4Startup
2014-11-07 10:44 - 2014-11-07 10:44 - 00000000 ____D () C:\Users\schingels\AppData\Roaming\Enigma Software Group
2014-11-07 10:44 - 2014-11-07 10:44 - 00000000 ____D () C:\sh4ldr
2014-11-07 09:12 - 2014-11-07 10:44 - 00022704 _____ () C:\Windows\system32\Drivers\EsgScanner.sys
2014-11-07 09:12 - 2014-11-07 10:43 - 00000000 ____D () C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-11-07 08:28 - 2014-11-07 08:28 - 00000000 ____D () C:\Users\schingels\AppData\Local\Tempad3126ee63524b68efcd1700a6640da9
2014-11-07 08:28 - 2014-11-07 08:28 - 00000000 ____D () C:\Users\schingels\AppData\Local\Temp68d1ed6af116173792cd0c0fe2aaeb86
2014-11-06 07:53 - 2014-11-17 12:16 - 00000000 ____D () C:\FRST
2014-11-05 10:16 - 2014-11-05 10:16 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-11-04 06:32 - 2014-09-05 03:11 - 06584320 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-11-04 06:32 - 2014-09-05 02:52 - 05703168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-11-02 09:37 - 2013-10-02 03:22 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys
2014-11-02 09:37 - 2013-10-02 03:11 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2014-11-02 09:37 - 2013-10-02 03:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2014-11-02 09:37 - 2013-10-02 02:48 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll
2014-11-02 09:37 - 2013-10-02 02:48 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll
2014-11-02 09:37 - 2013-10-02 02:29 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2014-11-02 09:37 - 2013-10-02 02:10 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll
2014-11-02 09:37 - 2013-10-02 01:15 - 01057280 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2014-11-02 09:37 - 2013-10-02 01:14 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll
2014-11-02 09:37 - 2013-10-02 01:14 - 00017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll
2014-11-02 09:37 - 2013-10-02 01:08 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2014-11-02 09:37 - 2013-10-02 01:01 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2014-11-02 09:37 - 2013-10-02 00:58 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2014-11-02 09:37 - 2013-10-02 00:31 - 01147392 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2014-11-02 09:37 - 2013-10-02 00:08 - 00855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2014-11-02 09:37 - 2013-10-01 23:34 - 01068544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2014-10-31 21:24 - 2014-10-31 21:24 - 00000904 _____ () C:\Users\schingels\Desktop\TapinRadio.lnk
2014-10-31 21:24 - 2014-10-31 21:24 - 00000000 ____D () C:\Users\schingels\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TapinRadio
2014-10-21 10:03 - 2014-11-07 07:05 - 00003156 _____ () C:\Windows\System32\Tasks\AdvancedDriverUpdaterRunAtStartup
2014-10-21 09:50 - 2014-10-21 09:50 - 00000987 _____ () C:\Users\Public\Desktop\Ashampoo Internet Accelerator 3.lnk
2014-10-21 08:16 - 2014-10-21 08:16 - 00001226 _____ () C:\Users\Public\Desktop\Ein-Klick-Optimierung (WO11).lnk
2014-10-21 08:16 - 2014-10-21 08:16 - 00000974 _____ () C:\Users\Public\Desktop\Ashampoo WinOptimizer 11.lnk

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-17 12:12 - 2014-08-28 11:17 - 00005166 _____ () C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for schingels-PC-schingels schingels-PC
2014-11-17 10:56 - 2009-07-14 05:45 - 00009696 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-11-17 10:56 - 2009-07-14 05:45 - 00009696 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-11-17 10:49 - 2014-02-18 15:03 - 00000000 ____D () C:\Users\schingels\Documents\Mein Steuer-Sparbuch Heute
2014-11-17 10:48 - 2013-09-10 17:57 - 00000000 ____D () C:\Users\schingels\AppData\Roaming\Wise Care 365
2014-11-17 10:48 - 2013-09-10 17:03 - 00002056 _____ () C:\Users\Public\Desktop\Wise Care 365.lnk
2014-11-17 10:47 - 2013-09-10 18:00 - 00000430 _____ () C:\Windows\Tasks\Wise Care 365.job
2014-11-17 10:47 - 2011-11-23 15:28 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-11-17 10:47 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-11-17 10:40 - 2014-04-10 16:26 - 00000000 ____D () C:\Users\schingels\Documents\Recover Keys Online Store-Dateien
2014-11-17 10:40 - 2014-01-04 16:38 - 00000000 ____D () C:\Users\schingels\Documents\Sparkasse Westholstein (22250020) - SEPA Überweisung-Dateien
2014-11-16 19:10 - 2014-06-23 17:20 - 00002942 _____ () C:\Windows\System32\Tasks\{D618E339-78DC-4056-AE3D-3870DD7D936B}
2014-11-16 19:10 - 2014-06-23 17:19 - 00002942 _____ () C:\Windows\System32\Tasks\{4565DE98-4314-48CE-B670-D1CA4F40EB2F}
2014-11-16 09:51 - 2011-02-19 05:24 - 00730014 _____ () C:\Windows\system32\perfh007.dat
2014-11-16 09:51 - 2011-02-19 05:24 - 00159592 _____ () C:\Windows\system32\perfc007.dat
2014-11-16 09:51 - 2009-07-14 06:13 - 01690812 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-11-14 18:14 - 2013-10-14 18:28 - 00000000 ____D () C:\ProgramData\McAfee
2014-11-14 17:15 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-11-14 09:18 - 2014-01-21 20:01 - 00000000 ____D () C:\AdwCleaner
2014-11-14 07:35 - 2013-10-14 19:23 - 00000000 ____D () C:\Program Files\Common Files\McAfee
2014-11-13 21:30 - 2013-10-14 19:23 - 00000000 ____D () C:\Program Files\McAfee
2014-11-13 16:34 - 2013-12-22 15:36 - 00000000 ____D () C:\Program Files\stinger
2014-11-13 16:08 - 2013-09-10 17:58 - 00000000 ____D () C:\Program Files (x86)\TuneUp Utilities 2013
2014-11-13 13:12 - 2014-07-30 13:47 - 00000000 __SHD () C:\Nsi.pending
2014-11-13 10:13 - 2013-12-27 17:39 - 00000000 ____D () C:\Users\schingels\AppData\Roaming\Steganos
2014-11-13 09:16 - 2011-04-13 03:47 - 00000000 ____D () C:\Program Files (x86)\ASUS
2014-11-13 09:06 - 2014-08-28 07:29 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-11-13 08:15 - 2014-06-24 09:31 - 00000000 ____D () C:\Users\schingels\AppData\Local\620966BE-20EC-402D-ADC7-17A075A3742B.aplzod
2014-11-12 22:30 - 2011-11-23 15:31 - 00000000 ____D () C:\Program Files (x86)\Realtek
2014-11-12 22:30 - 2011-11-23 15:22 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-11-12 21:19 - 2011-11-23 15:45 - 00004140 _____ () C:\Windows\system32\AutoRunFilter.ini
2014-11-12 20:43 - 2013-04-02 19:22 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-11-12 16:58 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-11-12 15:32 - 2013-04-02 19:22 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-11-12 15:32 - 2012-05-27 21:29 - 00000000 ____D () C:\Users\schingels\AppData\Local\Adobe
2014-11-12 15:32 - 2012-04-02 17:26 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-11-12 15:32 - 2011-12-25 20:29 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-11-12 15:20 - 2012-05-27 21:28 - 00000000 ____D () C:\ProgramData\Adobe
2014-11-12 15:07 - 2011-11-23 15:45 - 00002660 _____ () C:\Windows\system32\ServiceFilter.ini
2014-11-12 14:47 - 2014-10-17 08:27 - 04918960 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2014-11-12 14:43 - 2014-05-01 05:25 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-11-12 08:45 - 2009-07-29 07:03 - 00000000 ____D () C:\Windows\Panther
2014-11-12 07:43 - 2013-07-19 23:02 - 00000000 ____D () C:\Windows\system32\MRT
2014-11-12 07:36 - 2011-12-16 00:45 - 103374192 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-11-11 19:27 - 2014-01-21 17:53 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-11-11 18:48 - 2013-09-10 16:51 - 00000000 ____D () C:\Program Files (x86)\COMPUTERBILD-Abzockschutz
2014-11-11 18:33 - 2013-10-11 18:16 - 00000000 ____D () C:\ProgramData\Apple
2014-11-11 18:33 - 2013-10-11 18:16 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-11-11 18:26 - 2012-02-26 23:04 - 00000000 ____D () C:\Users\schingels\AppData\Roaming\DVDVideoSoft
2014-11-11 18:23 - 2012-09-03 19:25 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-11-11 18:18 - 2011-11-23 15:41 - 00000000 ____D () C:\Program Files (x86)\Renesas Electronics
2014-11-11 17:55 - 2011-12-15 19:45 - 00000000 ___HD () C:\ASUS.DAT
2014-11-11 17:55 - 2011-11-23 15:50 - 00000000 ____D () C:\Program Files (x86)\CyberLink
2014-11-11 17:55 - 2011-11-23 15:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS Utility
2014-11-11 17:52 - 2011-11-23 15:50 - 00000000 ____D () C:\ProgramData\CyberLink
2014-11-11 09:30 - 2013-10-21 19:34 - 00000000 ____D () C:\Program Files (x86)\concept design
2014-11-11 09:22 - 2013-10-11 18:18 - 00000000 ____D () C:\Users\schingels\AppData\Roaming\Apple Computer
2014-11-11 00:20 - 2013-10-23 19:04 - 00000000 ____D () C:\ProgramData\McAfee Security Scan
2014-11-11 00:20 - 2011-11-23 15:44 - 00000000 ____D () C:\ProgramData\P4G
2014-11-11 00:20 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\registration
2014-11-10 20:42 - 2013-09-12 07:13 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-11-10 15:36 - 2011-12-15 19:44 - 00000000 ____D () C:\Users\schingels
2014-11-09 16:47 - 2013-10-13 19:33 - 00000000 ____D () C:\ProgramData\Avira
2014-11-04 08:08 - 2009-07-14 06:32 - 00000000 ____D () C:\Windows\system32\FxsTmp
2014-11-03 10:59 - 2012-05-01 12:44 - 00000000 ____D () C:\Users\schingels\AppData\Local\Windows Live
2014-11-02 10:03 - 2012-10-07 21:13 - 00000000 ____D () C:\Windows\SysWOW64\NV
2014-11-02 10:03 - 2012-10-07 21:13 - 00000000 ____D () C:\Windows\system32\NV
2014-11-02 10:02 - 2009-07-14 04:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2014-11-01 09:56 - 2009-07-14 06:08 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-10-31 13:22 - 2014-03-11 17:30 - 00000000 ____D () C:\Users\schingels\AppData\Roaming\ALFBanCo5
2014-10-31 13:22 - 2014-03-11 17:30 - 00000000 ____D () C:\ProgramData\AlfBanCo5
2014-10-31 05:06 - 2014-08-22 05:17 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-10-31 05:06 - 2014-08-22 05:17 - 00000000 ____D () C:\Program Files (x86)\Java
2014-10-27 08:57 - 2014-08-22 14:46 - 00000000 ____D () C:\Users\schingels\AppData\Roaming\Steganos VPN
2014-10-24 08:05 - 2014-01-29 17:09 - 00000000 ____D () C:\Users\schingels\AppData\Local\Microsoft Help
2014-10-24 08:05 - 2013-09-11 08:16 - 00003704 _____ () C:\Windows\System32\Tasks\Java Update Scheduler
2014-10-24 06:39 - 2013-11-01 20:51 - 00000000 ____D () C:\ProgramData\Oracle
2014-10-24 06:39 - 2013-11-01 20:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-10-24 05:55 - 2013-09-10 17:48 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-10-22 06:20 - 2013-10-11 18:17 - 00000000 ____D () C:\Users\schingels\AppData\Local\Apple
2014-10-21 09:50 - 2013-09-10 16:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo
2014-10-21 09:50 - 2013-09-10 16:44 - 00000000 ____D () C:\ProgramData\ashampoo
2014-10-21 08:19 - 2013-09-10 16:52 - 00000000 ____D () C:\Users\schingels\AppData\Local\Ashampoo Photo Optimizer 4

Files to move or delete:
====================
C:\ProgramData\nud0repor.pad


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2013-10-31 00:16

==================== End Of Log ============================

--- --- ---

--- --- ---

FRST Logfile:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 16-11-2014 03
Ran by schingels (administrator) on SCHINGELS-PC on 17-11-2014 12:16:46
Running from D:\Users\Downloads
Loaded Profile: schingels (Available profiles: schingels & UpdatusUser)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(ASUSTeK Computer Inc.) C:\Windows\System32\FBAgent.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
() C:\ProgramData\DatacardService\HWDeviceService64.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
() C:\ProgramData\Mobile Partner\OnlineUpdate\ouc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
(AVG Technologies) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
() D:\Users\Ashampoo Internet Accelerator 3\Ashampoo WinOptimizer 11\LiveTunerService.exe
(McAfee, Inc.) C:\Program Files\McAfee\MSC\McAPExe.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
(AVG Technologies) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe
(WiseCleaner.com) C:\Program Files (x86)\Wise\Wise Care 365\WiseTray.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
() D:\Users\Backup Handy\Mobile Partner\Mobile Partner.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Ashampoo Development GmbH & Co. KG) D:\Users\Ashampoo Internet Accelerator 3\Ashampoo WinOptimizer 11\LiveTuner2.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) C:\Users\schingels\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Alf - AG) D:\Users\Hallingstrasse\ALFBanCo5\AlfReminder5.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(Intel® Corporation) C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe
() C:\WISO\Steuersoftware 2013\mshaktuell.exe
(ASUS) C:\Windows\AsScrPro.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Intel(R) Corporation) C:\Program Files\Intel\TurboBoost\TurboBoost.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\saUI.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\csisyncclient.exe
(Ashampoo GmbH & Co. KG) D:\Users\Downloads\Ashampoo Internet Accelerator 3\iac3.exe
(AVG Technologies) C:\Program Files (x86)\AVG\AVG PC TuneUp\OneClick.exe
(AVG Technologies) C:\Program Files (x86)\AVG\AVG PC TuneUp\TUDefragBackend64.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [IntelTBRunOnce] => wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2587944 2010-12-31] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2213992 2011-05-12] (Realtek Semiconductor)
HKLM\...\Run: [Ashampoo WinOptimizer Live-Tuner2] => D:\Users\Ashampoo Internet Accelerator 3\Ashampoo WinOptimizer 11\LiveTuner2.exe [3516784 2014-08-05] (Ashampoo Development GmbH & Co. KG)
HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [2018032 2011-04-13] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [UIExec] => D:\Benutzer\1&1 Surf-Stick\UIExec.exe [139088 2010-09-30] ()
HKLM-x32\...\Run: [mcui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [537992 2014-04-25] (McAfee, Inc.)
HKLM-x32\...\Run: [ASUS Screen Saver Protector] => C:\Windows\AsScrPro.exe [3058304 2014-01-22] (ASUS)
HKLM-x32\...\Run: [COMPUTERBILD-Abzockschutz] => C:\Program Files (x86)\COMPUTERBILD-Abzockschutz\bin\COMPUTERBILD-Abzockschutz.exe [537664 2014-06-19] (J3S GmbH)
HKLM-x32\...\Run: [mcpltui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [537992 2014-04-25] (McAfee, Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-733679015-3351541572-3055150241-1001\...\Run: [1&1_1&1 Upload-Manager] => D:\Users\Downloads\DAVSRV.EXE [989264 2011-11-21] (1&1 Internet AG)
HKU\S-1-5-21-733679015-3351541572-3055150241-1001\...\Run: [SkyDrive] => C:\Users\schingels\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe [277672 2014-10-09] (Microsoft Corporation)
HKU\S-1-5-21-733679015-3351541572-3055150241-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-733679015-3351541572-3055150241-1001\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-733679015-3351541572-3055150241-1001\...\MountPoints2: {c1225048-15de-11e1-b0e7-806e6f6e6963} - E:\autostart.exe
HKU\S-1-5-21-733679015-3351541572-3055150241-1001\...\MountPoints2: {e8ee4c17-46ef-11e4-bbab-001e101f82a7} - F:\AutoRun.exe
HKU\S-1-5-21-733679015-3351541572-3055150241-1001\...\MountPoints2: {e8ee4c2f-46ef-11e4-bbab-001e101f82a7} - F:\AutoRun.exe
HKU\S-1-5-21-733679015-3351541572-3055150241-1001\...\MountPoints2: {e8ee4cab-46ef-11e4-bbab-001e101f82a7} - F:\AutoRun.exe
HKU\S-1-5-21-733679015-3351541572-3055150241-1001\...\MountPoints2: {f205f158-458a-11e4-9adb-5404a67455a1} - F:\AutoRun.exe
HKU\S-1-5-21-733679015-3351541572-3055150241-1001\...\MountPoints2: {f205f176-458a-11e4-9adb-5404a67455a1} - F:\AutoRun.exe
IFEO\taskmgr.exe: [Debugger] C:\Program Files (x86)\AVG\AVG PC TuneUp\PMLauncher.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ALF-BanCo 5 Reminder.lnk
ShortcutTarget: ALF-BanCo 5 Reminder.lnk -> D:\Users\Hallingstrasse\ALFBanCo5\AlfReminder5.exe (Alf - AG)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WISO Mein Steuer-Sparbuch heute.lnk
ShortcutTarget: WISO Mein Steuer-Sparbuch heute.lnk -> C:\Program Files (x86)\WISO\Steuersoftware 2014\mshaktuell.exe ()
Startup: C:\Users\schingels\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Intel(R) Turbo Boost Technology Monitor 2.0.lnk
ShortcutTarget: Intel(R) Turbo Boost Technology Monitor 2.0.lnk -> C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe (Intel® Corporation)
Startup: C:\Users\schingels\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\WISO Mein Steuer-Sparbuch heute.lnk
ShortcutTarget: WISO Mein Steuer-Sparbuch heute.lnk -> C:\WISO\Steuersoftware 2013\mshaktuell.exe ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  No File

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyEnable: [.DEFAULT] => Internet Explorer proxy is enabled.
ProxyServer: [.DEFAULT] => http=127.0.0.1:8897;https=127.0.0.1:8897;ftp=localhost:8123;socks=localhost:8123
HKU\S-1-5-21-733679015-3351541572-3055150241-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/
HKU\S-1-5-21-733679015-3351541572-3055150241-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x55244F9E94E0CE01
HKU\S-1-5-21-733679015-3351541572-3055150241-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKCU - DefaultScope {AE4D481E-A7DF-46AB-B716-E2C57980ECE9} URL = hxxp://de.search.yahoo.com/search?fr=mcafee&type=A011DE843&p={SearchTerms}
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = 
SearchScopes: HKCU - {8C6C6B5A-5D45-4A7C-8C98-1B520D0A59BD} URL = https://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=242154&p={searchTerms}
SearchScopes: HKCU - {AE4D481E-A7DF-46AB-B716-E2C57980ECE9} URL = hxxp://de.search.yahoo.com/search?fr=mcafee&type=A011DE843&p={SearchTerms}
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll (IObit)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: CBAbzockschutz.InitToolbarBHO -> {2e250b90-0e7a-42a3-9d65-e39f9f227fa4} -> C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Steganos Password Manager Toolbar - {9C65D12D-CF9D-454D-8049-61965D8C6FFF} -  No File
Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Toolbar: HKLM-x32 - COMPUTERBILD-Abzockschutz - {353e2a48-6254-4bd3-88f4-3b51a0ca7870} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Toolbar: HKU\S-1-5-21-733679015-3351541572-3055150241-1001 -> Steganos Password Manager Toolbar - {9C65D12D-CF9D-454D-8049-61965D8C6FFF} -  No File
DPF: HKLM {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: HKLM-x32 {1E54D648-B804-468d-BC78-4AFFED8E262F} hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll (McAfee, Inc.)
Tcpip\..\Interfaces\{18635B9F-3EC8-4E9F-ADBE-EE60B251079C}: [NameServer] 193.189.244.225 193.189.244.206
Tcpip\..\Interfaces\{D94CFAFC-2545-4C5E-8871-4214E8A4994F}: [NameServer] 193.189.244.206 193.189.244.225
Tcpip\..\Interfaces\{E071EBF2-D3EB-4FB6-BDD2-6F1420F55AEE}: [NameServer] 193.189.244.225 193.189.244.206

FireFox:
========
FF ProfilePath: C:\Users\schingels\AppData\Roaming\Mozilla\Firefox\Profiles\yum8w33i.default
FF SearchEngineOrder.1: Sichere Suche
FF SelectedSearchEngine: Sichere Suche
FF Homepage: hxxp://www.nok21.de/wp-admin/edit.php
FF Keyword.URL: hxxp://de.search.yahoo.com/search?fr=mcafee&type=A111DE843&p=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_223.dll ()
FF Plugin: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_223.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\schingels\AppData\Roaming\Mozilla\Firefox\Profiles\yum8w33i.default\searchplugins\englische-ergebnisse.xml
FF SearchPlugin: C:\Users\schingels\AppData\Roaming\Mozilla\Firefox\Profiles\yum8w33i.default\searchplugins\gmx-suche.xml
FF SearchPlugin: C:\Users\schingels\AppData\Roaming\Mozilla\Firefox\Profiles\yum8w33i.default\searchplugins\inbox-search.xml
FF SearchPlugin: C:\Users\schingels\AppData\Roaming\Mozilla\Firefox\Profiles\yum8w33i.default\searchplugins\webde-suche.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\McSiteAdvisor.xml
FF Extension: Widget context - C:\Users\schingels\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\{140A2D0E-85CC-4ed3-9BA5-8FA35DA7FABA}.xpi [2013-12-15]
FF Extension: GMX MailCheck - C:\Users\schingels\AppData\Roaming\Mozilla\Firefox\Profiles\yum8w33i.default\Extensions\toolbar@gmx.net [2014-11-14]
FF Extension: Adblock Plus - C:\Users\schingels\AppData\Roaming\Mozilla\Firefox\Profiles\yum8w33i.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-09-11]
FF Extension: COMPUTERBILD-Abzockschutz - C:\Users\schingels\AppData\Roaming\Mozilla\Firefox\Profiles\yum8w33i.default\Extensions\{d49175b3-3fd8-43b8-b28e-da5d47f3c398}.xpi [2013-09-11]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2014-11-10]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2014-11-10]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} [2014-11-10]
FF HKLM-x32\...\Firefox\Extensions: [{00F0643E-B367-4779-B45D-7046EBA37A88}] - C:\Program Files (x86)\Steganos Privacy Suite 15\spmplugin3
FF HKLM-x32\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\anti_banner@kaspersky.com
FF HKLM-x32\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\online_banking@kaspersky.com
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor
FF Extension: McAfee SiteAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor [2014-11-13]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2014-11-13]
FF Extension: No Name - {4ED1F68A-5463-4931-9384-8FFF5ED91D92} [Not Found]

Chrome: 
=======
CHR Profile: C:\Users\schingels\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (No Name) - C:\Users\schingels\AppData\Local\Google\Chrome\User Data\Default\Extensions\pigkdicgnehbfjnaopalgpelkbkcnbfa [2014-01-03]
CHR HKLM-x32\...\Chrome\Extension: [hakdifolhalapjijoafobooafbilfakh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\online_banking_chrome.crx []
CHR HKLM-x32\...\Chrome\Extension: [pjldcfjmnllhmgjclecdnfampinooman] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\ab.crx []

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2436280 2014-09-25] (Microsoft Corporation)
S2 Dnscache; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
S2 Dnscache; C:\Windows\SysWOW64\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [346976 2011-03-14] ()
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2283296 2014-11-11] (IObit)
R2 McAfee SiteAdvisor Service; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [178528 2014-04-25] (McAfee, Inc.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
S3 McODS; C:\Program Files\McAfee\VirusScan\mcods.exe [603424 2014-09-04] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1041192 2014-08-20] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219752 2014-06-20] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [189912 2014-06-20] (McAfee, Inc.)
S2 Mobile Partner. RunOuc; D:\Users\Backup Handy\Mobile Partner\UpdateDog\ouc.exe [239968 2014-09-27] ()
R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [2589496 2014-10-17] (AVG Technologies)
S4 UI Assistant Service; D:\Benutzer\1&1 Surf-Stick\AssistantServices.exe [253264 2010-09-30] ()
R2 UxTuneUp; C:\Windows\System32\uxtuneup.dll [42808 2014-10-17] (AVG Technologies)
R2 UxTuneUp; C:\Windows\SysWOW64\uxtuneup.dll [35640 2014-10-17] (AVG Technologies)
S2 WiseBootAssistant; C:\Program Files (x86)\Wise\Wise Care 365\BootTime.exe [580232 2014-07-07] (WiseCleaner.com)
R2 WO_LiveService2; D:\Users\Ashampoo Internet Accelerator 3\Ashampoo WinOptimizer 11\LiveTunerService.exe [223600 2014-08-05] ()

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R0 53413803; C:\Windows\System32\DRIVERS\53413803.sys [460888 2013-10-13] (Kaspersky Lab ZAO)
S1 9152490drv; C:\Windows\System32\DRIVERS\9152490drv.sys [556632 2013-10-13] (Kaspersky Lab)
S3 BioNTDrv; C:\Program Files\Paragon Software\Backup and Recovery 2014 Free\program\BioNTDrv.SYS [18696 2014-05-19] (Paragon Software Group)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [72128 2014-06-20] (McAfee, Inc.)
S3 esgiguard; No ImagePath
S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2014-11-07] ()
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.)
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( )
R2 LiveTuner2PM; D:\Users\Ashampoo Internet Accelerator 3\Ashampoo WinOptimizer 11\LiveTuner64.sys [14320 2014-03-20] ()
R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [181704 2014-06-20] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [313544 2014-06-20] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [523792 2014-06-20] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [786296 2014-06-20] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [445512 2014-08-20] (McAfee, Inc.)
S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [96592 2014-08-20] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [348552 2014-06-20] (McAfee, Inc.)
R1 nvkflt; C:\Windows\System32\DRIVERS\nvkflt.sys [284448 2013-03-15] (NVIDIA Corporation)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [27520 2007-05-14] (Research In Motion Limited)
S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
R1 SLEE_18_DRIVER; C:\Windows\Sleen1864.sys [109144 2014-07-29] (Softwareentwicklung Remus - ArchiCrypt - )
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [14112 2014-09-09] (TuneUp Software)
R1 ui11rdr; C:\Windows\System32\DRIVERS\ui11rdr.sys [199752 2011-11-21] (1&1 Internet AG)
R1 UimBus; C:\Windows\System32\DRIVERS\UimBus.sys [102664 2014-05-19] ()
R1 Uim_DEVIM; C:\Windows\System32\DRIVERS\uim_devim.sys [25992 2014-05-19] ()
R1 Uim_IM; C:\Windows\System32\DRIVERS\uim_im.sys [700296 2014-05-19] ()
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2012-12-13] (Apple, Inc.) [File not signed]
S3 athr; system32\DRIVERS\athrx.sys [X]
U3 DfSdkS; No ImagePath
S0 kl1; system32\DRIVERS\kl1.sys [X]
S3 RSUSBVSTOR; System32\Drivers\RtsUVStor.sys [X]
U2 TMAgent; No ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-17 10:52 - 2014-11-17 10:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2014-11-17 10:51 - 2014-11-17 10:51 - 00006979 _____ () C:\Windows\WindowsUpdate.log
2014-11-17 10:50 - 2014-11-17 10:50 - 00002992 _____ () C:\Windows\System32\Tasks\{2E0A5BC6-3A1C-4594-A5D9-03B1D54913D7}
2014-11-17 10:47 - 2014-11-17 10:47 - 00000056 _____ () C:\Windows\setupact.log
2014-11-17 10:47 - 2014-11-17 10:47 - 00000000 _____ () C:\Windows\setuperr.log
2014-11-17 10:46 - 2014-11-17 10:46 - 00001404 _____ () C:\Windows\PFRO.log
2014-11-17 09:25 - 2014-10-17 12:34 - 00042808 _____ (AVG Technologies) C:\Windows\system32\uxtuneup.dll
2014-11-17 09:25 - 2014-10-17 12:34 - 00035640 _____ (AVG Technologies) C:\Windows\SysWOW64\uxtuneup.dll
2014-11-16 19:31 - 2014-11-16 19:31 - 00113432 _____ () C:\Users\schingels\AppData\Local\GDIPFONTCACHEV1.DAT
2014-11-16 19:14 - 2014-11-16 19:15 - 00442360 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-11-16 18:59 - 2014-11-16 18:59 - 00002972 _____ () C:\Windows\System32\Tasks\{9E32BAA2-B2F8-4BD8-9432-33043FBD0A96}
2014-11-14 17:24 - 2014-11-14 17:24 - 00002982 _____ () C:\Windows\System32\Tasks\{4C385B33-91AE-40F5-891A-8231887D2EF0}
2014-11-14 09:36 - 2014-11-14 09:36 - 00001892 _____ () C:\Users\schingels\Desktop\JRT.txt
2014-11-14 09:33 - 2014-11-14 09:33 - 00000000 ____D () C:\Windows\ERUNT
2014-11-14 08:41 - 2014-11-14 08:41 - 00002762 _____ () C:\Windows\System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013
2014-11-13 22:06 - 2013-09-23 13:49 - 00197704 _____ (McAfee, Inc.) C:\Windows\system32\Drivers\HipShieldK.sys
2014-11-13 21:30 - 2014-11-17 10:52 - 00001806 _____ () C:\Users\Public\Desktop\McAfee Internet Security.lnk
2014-11-13 21:29 - 2014-11-16 19:03 - 00000000 ____D () C:\Program Files (x86)\McAfee
2014-11-13 21:29 - 2014-11-13 21:29 - 00000000 ____D () C:\Program Files\McAfee.com
2014-11-13 21:29 - 2014-11-13 21:29 - 00000000 ____D () C:\Program Files (x86)\McAfee.com
2014-11-13 21:29 - 2014-06-20 10:38 - 00072128 _____ (McAfee, Inc.) C:\Windows\system32\Drivers\cfwids.sys
2014-11-13 21:29 - 2014-06-20 10:23 - 00523792 _____ (McAfee, Inc.) C:\Windows\system32\Drivers\mfefirek.sys
2014-11-13 21:29 - 2014-06-20 10:21 - 00313544 _____ (McAfee, Inc.) C:\Windows\system32\Drivers\mfeavfk.sys
2014-11-13 16:09 - 2014-11-13 16:09 - 00002227 _____ () C:\Users\Public\Desktop\AVG 1-Klick-Wartung.lnk
2014-11-13 16:09 - 2014-11-13 16:09 - 00002215 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC TuneUp 2015.lnk
2014-11-13 16:09 - 2014-11-13 16:09 - 00002203 _____ () C:\Users\Public\Desktop\AVG PC TuneUp 2015.lnk
2014-11-13 16:09 - 2014-11-13 16:09 - 00000000 ____D () C:\Users\schingels\AppData\Roaming\AVG
2014-11-13 16:09 - 2014-11-13 16:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC TuneUp 2015
2014-11-13 16:09 - 2014-11-13 16:09 - 00000000 ____D () C:\Program Files (x86)\AVG
2014-11-13 16:09 - 2014-10-17 12:34 - 00040248 _____ (AVG Technologies) C:\Windows\system32\TURegOpt.exe
2014-11-13 16:09 - 2014-10-17 12:34 - 00029496 _____ (AVG Technologies) C:\Windows\system32\authuitu.dll
2014-11-13 16:09 - 2014-10-17 12:34 - 00025400 _____ (AVG Technologies) C:\Windows\SysWOW64\authuitu.dll
2014-11-13 16:08 - 2014-11-13 16:08 - 00000000 ____D () C:\Users\schingels\AppData\Local\Avg
2014-11-13 16:05 - 2014-11-14 08:57 - 00000000 ____D () C:\ProgramData\AVG
2014-11-13 14:00 - 2014-11-13 14:00 - 00002982 _____ () C:\Windows\System32\Tasks\{84DD6ED7-F7B5-48B4-98D6-2A9A25D7C8E8}
2014-11-13 13:50 - 2014-11-13 13:50 - 00002982 _____ () C:\Windows\System32\Tasks\{1953C392-23DC-4B98-AD0E-127D828D83ED}
2014-11-13 11:00 - 2014-11-13 11:00 - 00000000 ____D () C:\Windows\System32\Tasks\Apple
2014-11-13 10:19 - 2014-11-13 10:19 - 00000000 __SHD () C:\Users\schingels\AppData\Local\EmieBrowserModeList
2014-11-13 08:55 - 2014-11-13 08:55 - 00098686 _____ () C:\ProgramData\1415864349.bdinstall.bin
2014-11-13 08:39 - 2014-11-13 08:39 - 00037852 _____ () C:\ProgramData\1415864347.bdinstall.bin
2014-11-13 00:54 - 2014-11-13 00:54 - 00000000 ____D () C:\ProgramData\bdch
2014-11-12 21:02 - 2014-11-12 21:02 - 00000000 ____D () C:\Windows\Tasks\ImCleanDisabled
2014-11-12 18:45 - 2014-11-13 09:40 - 00000000 ____D () C:\Users\schingels\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Moo0
2014-11-12 18:45 - 2014-11-13 09:40 - 00000000 ____D () C:\Program Files (x86)\Moo0
2014-11-12 18:09 - 2014-11-12 18:09 - 00319912 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-11-12 18:09 - 2014-11-12 18:09 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-11-12 18:09 - 2014-11-12 18:09 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-11-12 18:09 - 2014-11-12 18:09 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-11-12 18:09 - 2014-11-12 18:09 - 00000000 ____D () C:\Program Files\Java
2014-11-12 09:19 - 2014-06-04 15:17 - 00034080 _____ (IObit) C:\Windows\system32\SmartDefragBootTime.exe
2014-11-12 09:18 - 2014-06-04 15:17 - 00128288 _____ (IObit) C:\Windows\system32\IObitSmartDefragExtension.dll
2014-11-12 09:16 - 2014-11-12 15:09 - 00002862 _____ () C:\Windows\System32\Tasks\Driver Booster SkipUAC (schingels)
2014-11-12 07:18 - 2014-11-07 20:49 - 00388272 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-11-12 07:18 - 2014-11-07 20:23 - 00341168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-11-12 07:18 - 2014-11-06 05:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-11-12 07:18 - 2014-11-06 05:03 - 25110016 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-11-12 07:18 - 2014-11-06 05:03 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-11-12 07:18 - 2014-11-06 04:47 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-11-12 07:18 - 2014-11-06 04:46 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-11-12 07:18 - 2014-11-06 04:46 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-11-12 07:18 - 2014-11-06 04:44 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-11-12 07:18 - 2014-11-06 04:43 - 02884096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-11-12 07:18 - 2014-11-06 04:36 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-11-12 07:18 - 2014-11-06 04:35 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-11-12 07:18 - 2014-11-06 04:31 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-11-12 07:18 - 2014-11-06 04:30 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-11-12 07:18 - 2014-11-06 04:30 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-11-12 07:18 - 2014-11-06 04:29 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-11-12 07:18 - 2014-11-06 04:28 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-11-12 07:18 - 2014-11-06 04:23 - 06040064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-11-12 07:18 - 2014-11-06 04:20 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-11-12 07:18 - 2014-11-06 04:16 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-11-12 07:18 - 2014-11-06 04:13 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-11-12 07:18 - 2014-11-06 04:13 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-11-12 07:18 - 2014-11-06 04:12 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-11-12 07:18 - 2014-11-06 04:10 - 19781632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-11-12 07:18 - 2014-11-06 04:10 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-11-12 07:18 - 2014-11-06 04:07 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-11-12 07:18 - 2014-11-06 04:05 - 02277376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-11-12 07:18 - 2014-11-06 04:04 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-11-12 07:18 - 2014-11-06 04:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-11-12 07:18 - 2014-11-06 04:02 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-11-12 07:18 - 2014-11-06 04:00 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-11-12 07:18 - 2014-11-06 04:00 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-11-12 07:18 - 2014-11-06 03:59 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-11-12 07:18 - 2014-11-06 03:58 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-11-12 07:18 - 2014-11-06 03:57 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-11-12 07:18 - 2014-11-06 03:48 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-11-12 07:18 - 2014-11-06 03:42 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-11-12 07:18 - 2014-11-06 03:41 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-11-12 07:18 - 2014-11-06 03:41 - 00716800 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-11-12 07:18 - 2014-11-06 03:39 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-11-12 07:18 - 2014-11-06 03:38 - 02124288 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-11-12 07:18 - 2014-11-06 03:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-11-12 07:18 - 2014-11-06 03:36 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-11-12 07:18 - 2014-11-06 03:34 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-11-12 07:18 - 2014-11-06 03:30 - 14390272 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-11-12 07:18 - 2014-11-06 03:22 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-11-12 07:18 - 2014-11-06 03:21 - 04298240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-11-12 07:18 - 2014-11-06 03:21 - 02051072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-11-12 07:18 - 2014-11-06 03:20 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-11-12 07:18 - 2014-11-06 03:17 - 02365440 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-11-12 07:18 - 2014-11-06 03:04 - 01550336 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-11-12 07:18 - 2014-11-06 03:03 - 12819456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-11-12 07:18 - 2014-11-06 02:53 - 00799232 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-11-12 07:18 - 2014-11-06 02:52 - 01892864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-11-12 07:18 - 2014-11-06 02:48 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-11-12 07:18 - 2014-11-06 02:47 - 00708096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-11-12 07:18 - 2014-11-05 18:56 - 00304640 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-11-12 07:18 - 2014-11-05 18:56 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-11-12 07:18 - 2014-11-05 18:52 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-11-12 07:18 - 2014-10-14 03:16 - 00155064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-11-12 07:18 - 2014-10-14 03:13 - 00683520 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-11-12 07:18 - 2014-10-14 03:12 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-11-12 07:18 - 2014-10-14 03:09 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2014-11-12 07:18 - 2014-10-14 03:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2014-11-12 07:18 - 2014-10-14 02:50 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-11-12 07:18 - 2014-10-14 02:49 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-11-12 07:18 - 2014-10-14 02:47 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2014-11-12 07:18 - 2014-10-14 02:46 - 00681984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2014-11-12 07:17 - 2014-10-25 02:57 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-11-12 07:17 - 2014-10-25 02:32 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-11-12 07:17 - 2014-10-14 03:13 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-11-12 07:17 - 2014-10-14 02:50 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-11-12 07:17 - 2014-10-10 01:57 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-11-12 07:17 - 2014-10-03 03:12 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-11-12 07:17 - 2014-10-03 03:11 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-11-12 07:17 - 2014-10-03 03:11 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-11-12 07:17 - 2014-10-03 03:11 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2014-11-12 07:17 - 2014-10-03 03:11 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2014-11-12 07:17 - 2014-10-03 02:44 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2014-11-12 07:17 - 2014-10-03 02:44 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2014-11-12 07:17 - 2014-10-03 02:44 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2014-11-12 07:17 - 2014-09-19 10:42 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-11-12 07:17 - 2014-09-19 10:42 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-11-12 07:17 - 2014-09-19 10:42 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-11-12 07:17 - 2014-09-19 10:42 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-11-12 07:17 - 2014-09-19 10:42 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-11-12 07:17 - 2014-09-19 10:42 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-11-12 07:17 - 2014-09-19 10:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-11-12 07:17 - 2014-09-19 10:23 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-11-12 07:17 - 2014-09-19 10:23 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-11-12 07:17 - 2014-09-19 10:23 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-11-12 07:17 - 2014-09-19 10:23 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-11-12 07:17 - 2014-09-19 10:23 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-11-12 07:17 - 2014-09-19 10:23 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-11-12 07:17 - 2014-09-19 10:23 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-11-12 07:17 - 2014-08-21 07:43 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-11-12 07:17 - 2014-08-21 07:40 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-11-12 07:17 - 2014-08-21 07:26 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-11-12 07:17 - 2014-08-21 07:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-11-12 07:17 - 2014-08-12 03:02 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2014-11-12 07:17 - 2014-08-12 02:36 - 00701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL
2014-11-12 07:16 - 2014-10-18 03:05 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2014-11-12 07:16 - 2014-10-18 02:33 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2014-11-11 18:23 - 2014-11-11 19:27 - 00000000 ____D () C:\Program Files (x86)\Kaspersky Lab
2014-11-11 09:20 - 2014-11-14 17:32 - 00000000 ____D () C:\ProgramData\ProductData
2014-11-11 09:20 - 2014-11-13 13:12 - 00000000 ____D () C:\Program Files (x86)\IObit
2014-11-11 09:20 - 2014-11-12 09:16 - 00000000 ____D () C:\Users\schingels\AppData\Roaming\IObit
2014-11-11 09:20 - 2014-11-12 09:16 - 00000000 ____D () C:\ProgramData\IObit
2014-11-11 09:20 - 2014-11-11 09:20 - 00002894 _____ () C:\Windows\System32\Tasks\Uninstaller_SkipUac_schingels
2014-11-11 09:20 - 2014-11-11 09:20 - 00001254 _____ () C:\Users\schingels\AppData\Roaming\Microsoft\Windows\Start Menu\Uninstall Programs.lnk
2014-11-11 09:20 - 2014-11-11 09:20 - 00001230 _____ () C:\Users\Public\Desktop\IObit Uninstaller.lnk
2014-11-11 09:20 - 2014-11-11 09:20 - 00000000 ____D () C:\Users\schingels\AppData\Roaming\ProductData
2014-11-11 09:18 - 2014-11-11 09:18 - 00210757 _____ () C:\ProgramData\1415693093.bdinstall.bin
2014-11-11 09:04 - 2014-11-14 08:56 - 00000000 ____D () C:\Users\schingels\AppData\Roaming\QuickScan
2014-11-10 16:00 - 2014-11-10 16:00 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-11-10 15:00 - 2014-11-10 15:00 - 00000000 ____D () C:\Program Files (x86)\Google
2014-11-09 16:47 - 2014-11-11 00:20 - 00000000 ____D () C:\ProgramData\Package Cache
2014-11-09 16:47 - 2014-11-09 16:47 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-11-09 16:45 - 2014-11-09 16:45 - 00000000 ____D () C:\Users\schingels\AppData\Roaming\Avira
2014-11-09 16:25 - 2014-11-11 00:20 - 00000000 ____D () C:\Users\schingels\AppData\Local\Tempf7eddb6ee0afd360be7fc7f5e70ab6ce
2014-11-09 16:25 - 2014-11-11 00:20 - 00000000 ____D () C:\Users\schingels\AppData\Local\Temp991f313088b215d209d2d97e3c209801
2014-11-09 16:25 - 2014-11-11 00:20 - 00000000 ____D () C:\Users\schingels\AppData\Local\Temp1270dc5f1665619a7e9941f8e54ac8ef
2014-11-07 10:44 - 2014-11-07 10:44 - 00003350 _____ () C:\Windows\System32\Tasks\SpyHunter4Startup
2014-11-07 10:44 - 2014-11-07 10:44 - 00000000 ____D () C:\Users\schingels\AppData\Roaming\Enigma Software Group
2014-11-07 10:44 - 2014-11-07 10:44 - 00000000 ____D () C:\sh4ldr
2014-11-07 09:12 - 2014-11-07 10:44 - 00022704 _____ () C:\Windows\system32\Drivers\EsgScanner.sys
2014-11-07 09:12 - 2014-11-07 10:43 - 00000000 ____D () C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-11-07 08:28 - 2014-11-07 08:28 - 00000000 ____D () C:\Users\schingels\AppData\Local\Tempad3126ee63524b68efcd1700a6640da9
2014-11-07 08:28 - 2014-11-07 08:28 - 00000000 ____D () C:\Users\schingels\AppData\Local\Temp68d1ed6af116173792cd0c0fe2aaeb86
2014-11-06 07:53 - 2014-11-17 12:16 - 00000000 ____D () C:\FRST
2014-11-05 10:16 - 2014-11-05 10:16 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-11-04 06:32 - 2014-09-05 03:11 - 06584320 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-11-04 06:32 - 2014-09-05 02:52 - 05703168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-11-02 09:37 - 2013-10-02 03:22 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys
2014-11-02 09:37 - 2013-10-02 03:11 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2014-11-02 09:37 - 2013-10-02 03:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2014-11-02 09:37 - 2013-10-02 02:48 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll
2014-11-02 09:37 - 2013-10-02 02:48 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll
2014-11-02 09:37 - 2013-10-02 02:29 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2014-11-02 09:37 - 2013-10-02 02:10 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll
2014-11-02 09:37 - 2013-10-02 01:15 - 01057280 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2014-11-02 09:37 - 2013-10-02 01:14 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll
2014-11-02 09:37 - 2013-10-02 01:14 - 00017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll
2014-11-02 09:37 - 2013-10-02 01:08 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2014-11-02 09:37 - 2013-10-02 01:01 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2014-11-02 09:37 - 2013-10-02 00:58 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2014-11-02 09:37 - 2013-10-02 00:31 - 01147392 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2014-11-02 09:37 - 2013-10-02 00:08 - 00855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2014-11-02 09:37 - 2013-10-01 23:34 - 01068544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2014-10-31 21:24 - 2014-10-31 21:24 - 00000904 _____ () C:\Users\schingels\Desktop\TapinRadio.lnk
2014-10-31 21:24 - 2014-10-31 21:24 - 00000000 ____D () C:\Users\schingels\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TapinRadio
2014-10-21 10:03 - 2014-11-07 07:05 - 00003156 _____ () C:\Windows\System32\Tasks\AdvancedDriverUpdaterRunAtStartup
2014-10-21 09:50 - 2014-10-21 09:50 - 00000987 _____ () C:\Users\Public\Desktop\Ashampoo Internet Accelerator 3.lnk
2014-10-21 08:16 - 2014-10-21 08:16 - 00001226 _____ () C:\Users\Public\Desktop\Ein-Klick-Optimierung (WO11).lnk
2014-10-21 08:16 - 2014-10-21 08:16 - 00000974 _____ () C:\Users\Public\Desktop\Ashampoo WinOptimizer 11.lnk

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-17 12:12 - 2014-08-28 11:17 - 00005166 _____ () C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for schingels-PC-schingels schingels-PC
2014-11-17 10:56 - 2009-07-14 05:45 - 00009696 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-11-17 10:56 - 2009-07-14 05:45 - 00009696 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-11-17 10:49 - 2014-02-18 15:03 - 00000000 ____D () C:\Users\schingels\Documents\Mein Steuer-Sparbuch Heute
2014-11-17 10:48 - 2013-09-10 17:57 - 00000000 ____D () C:\Users\schingels\AppData\Roaming\Wise Care 365
2014-11-17 10:48 - 2013-09-10 17:03 - 00002056 _____ () C:\Users\Public\Desktop\Wise Care 365.lnk
2014-11-17 10:47 - 2013-09-10 18:00 - 00000430 _____ () C:\Windows\Tasks\Wise Care 365.job
2014-11-17 10:47 - 2011-11-23 15:28 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-11-17 10:47 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-11-17 10:40 - 2014-04-10 16:26 - 00000000 ____D () C:\Users\schingels\Documents\Recover Keys Online Store-Dateien
2014-11-17 10:40 - 2014-01-04 16:38 - 00000000 ____D () C:\Users\schingels\Documents\Sparkasse Westholstein (22250020) - SEPA Überweisung-Dateien
2014-11-16 19:10 - 2014-06-23 17:20 - 00002942 _____ () C:\Windows\System32\Tasks\{D618E339-78DC-4056-AE3D-3870DD7D936B}
2014-11-16 19:10 - 2014-06-23 17:19 - 00002942 _____ () C:\Windows\System32\Tasks\{4565DE98-4314-48CE-B670-D1CA4F40EB2F}
2014-11-16 09:51 - 2011-02-19 05:24 - 00730014 _____ () C:\Windows\system32\perfh007.dat
2014-11-16 09:51 - 2011-02-19 05:24 - 00159592 _____ () C:\Windows\system32\perfc007.dat
2014-11-16 09:51 - 2009-07-14 06:13 - 01690812 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-11-14 18:14 - 2013-10-14 18:28 - 00000000 ____D () C:\ProgramData\McAfee
2014-11-14 17:15 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-11-14 09:18 - 2014-01-21 20:01 - 00000000 ____D () C:\AdwCleaner
2014-11-14 07:35 - 2013-10-14 19:23 - 00000000 ____D () C:\Program Files\Common Files\McAfee
2014-11-13 21:30 - 2013-10-14 19:23 - 00000000 ____D () C:\Program Files\McAfee
2014-11-13 16:34 - 2013-12-22 15:36 - 00000000 ____D () C:\Program Files\stinger
2014-11-13 16:08 - 2013-09-10 17:58 - 00000000 ____D () C:\Program Files (x86)\TuneUp Utilities 2013
2014-11-13 13:12 - 2014-07-30 13:47 - 00000000 __SHD () C:\Nsi.pending
2014-11-13 10:13 - 2013-12-27 17:39 - 00000000 ____D () C:\Users\schingels\AppData\Roaming\Steganos
2014-11-13 09:16 - 2011-04-13 03:47 - 00000000 ____D () C:\Program Files (x86)\ASUS
2014-11-13 09:06 - 2014-08-28 07:29 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-11-13 08:15 - 2014-06-24 09:31 - 00000000 ____D () C:\Users\schingels\AppData\Local\620966BE-20EC-402D-ADC7-17A075A3742B.aplzod
2014-11-12 22:30 - 2011-11-23 15:31 - 00000000 ____D () C:\Program Files (x86)\Realtek
2014-11-12 22:30 - 2011-11-23 15:22 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-11-12 21:19 - 2011-11-23 15:45 - 00004140 _____ () C:\Windows\system32\AutoRunFilter.ini
2014-11-12 20:43 - 2013-04-02 19:22 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-11-12 16:58 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-11-12 15:32 - 2013-04-02 19:22 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-11-12 15:32 - 2012-05-27 21:29 - 00000000 ____D () C:\Users\schingels\AppData\Local\Adobe
2014-11-12 15:32 - 2012-04-02 17:26 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-11-12 15:32 - 2011-12-25 20:29 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-11-12 15:20 - 2012-05-27 21:28 - 00000000 ____D () C:\ProgramData\Adobe
2014-11-12 15:07 - 2011-11-23 15:45 - 00002660 _____ () C:\Windows\system32\ServiceFilter.ini
2014-11-12 14:47 - 2014-10-17 08:27 - 04918960 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2014-11-12 14:43 - 2014-05-01 05:25 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-11-12 08:45 - 2009-07-29 07:03 - 00000000 ____D () C:\Windows\Panther
2014-11-12 07:43 - 2013-07-19 23:02 - 00000000 ____D () C:\Windows\system32\MRT
2014-11-12 07:36 - 2011-12-16 00:45 - 103374192 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-11-11 19:27 - 2014-01-21 17:53 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-11-11 18:48 - 2013-09-10 16:51 - 00000000 ____D () C:\Program Files (x86)\COMPUTERBILD-Abzockschutz
2014-11-11 18:33 - 2013-10-11 18:16 - 00000000 ____D () C:\ProgramData\Apple
2014-11-11 18:33 - 2013-10-11 18:16 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-11-11 18:26 - 2012-02-26 23:04 - 00000000 ____D () C:\Users\schingels\AppData\Roaming\DVDVideoSoft
2014-11-11 18:23 - 2012-09-03 19:25 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-11-11 18:18 - 2011-11-23 15:41 - 00000000 ____D () C:\Program Files (x86)\Renesas Electronics
2014-11-11 17:55 - 2011-12-15 19:45 - 00000000 ___HD () C:\ASUS.DAT
2014-11-11 17:55 - 2011-11-23 15:50 - 00000000 ____D () C:\Program Files (x86)\CyberLink
2014-11-11 17:55 - 2011-11-23 15:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS Utility
2014-11-11 17:52 - 2011-11-23 15:50 - 00000000 ____D () C:\ProgramData\CyberLink
2014-11-11 09:30 - 2013-10-21 19:34 - 00000000 ____D () C:\Program Files (x86)\concept design
2014-11-11 09:22 - 2013-10-11 18:18 - 00000000 ____D () C:\Users\schingels\AppData\Roaming\Apple Computer
2014-11-11 00:20 - 2013-10-23 19:04 - 00000000 ____D () C:\ProgramData\McAfee Security Scan
2014-11-11 00:20 - 2011-11-23 15:44 - 00000000 ____D () C:\ProgramData\P4G
2014-11-11 00:20 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\registration
2014-11-10 20:42 - 2013-09-12 07:13 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-11-10 15:36 - 2011-12-15 19:44 - 00000000 ____D () C:\Users\schingels
2014-11-09 16:47 - 2013-10-13 19:33 - 00000000 ____D () C:\ProgramData\Avira
2014-11-04 08:08 - 2009-07-14 06:32 - 00000000 ____D () C:\Windows\system32\FxsTmp
2014-11-03 10:59 - 2012-05-01 12:44 - 00000000 ____D () C:\Users\schingels\AppData\Local\Windows Live
2014-11-02 10:03 - 2012-10-07 21:13 - 00000000 ____D () C:\Windows\SysWOW64\NV
2014-11-02 10:03 - 2012-10-07 21:13 - 00000000 ____D () C:\Windows\system32\NV
2014-11-02 10:02 - 2009-07-14 04:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2014-11-01 09:56 - 2009-07-14 06:08 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-10-31 13:22 - 2014-03-11 17:30 - 00000000 ____D () C:\Users\schingels\AppData\Roaming\ALFBanCo5
2014-10-31 13:22 - 2014-03-11 17:30 - 00000000 ____D () C:\ProgramData\AlfBanCo5
2014-10-31 05:06 - 2014-08-22 05:17 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-10-31 05:06 - 2014-08-22 05:17 - 00000000 ____D () C:\Program Files (x86)\Java
2014-10-27 08:57 - 2014-08-22 14:46 - 00000000 ____D () C:\Users\schingels\AppData\Roaming\Steganos VPN
2014-10-24 08:05 - 2014-01-29 17:09 - 00000000 ____D () C:\Users\schingels\AppData\Local\Microsoft Help
2014-10-24 08:05 - 2013-09-11 08:16 - 00003704 _____ () C:\Windows\System32\Tasks\Java Update Scheduler
2014-10-24 06:39 - 2013-11-01 20:51 - 00000000 ____D () C:\ProgramData\Oracle
2014-10-24 06:39 - 2013-11-01 20:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-10-24 05:55 - 2013-09-10 17:48 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-10-22 06:20 - 2013-10-11 18:17 - 00000000 ____D () C:\Users\schingels\AppData\Local\Apple
2014-10-21 09:50 - 2013-09-10 16:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo
2014-10-21 09:50 - 2013-09-10 16:44 - 00000000 ____D () C:\ProgramData\ashampoo
2014-10-21 08:19 - 2013-09-10 16:52 - 00000000 ____D () C:\Users\schingels\AppData\Local\Ashampoo Photo Optimizer 4

Files to move or delete:
====================
C:\ProgramData\nud0repor.pad


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2013-10-31 00:16

==================== End Of Log ============================

--- --- ---

--- --- ---

ggoettling · 17.11.2014, 12:31

Code:

ATTFilter

Ran by schingels at 2014-11-17 12:20:28
Running from D:\Users\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: McAfee Anti-Virus und Anti-Spyware (Enabled - Up to date) {ADA629C7-7F48-5689-624A-3B76997E0892}
AS: McAfee Anti-Virus und Anti-Spyware (Enabled - Up to date) {16C7C823-5972-5907-58FA-0004E2F9422F}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: McAfee Firewall (Enabled) {959DA8E2-3527-57D1-4915-924367AD4FE9}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

1&1 Surf-Stick (HKLM-x32\...\{A9E5EDA7-2E6C-49E7-924B-A32B89C24A04}) (Version: 1.0.0.2 - )
1&1 Upload-Manager (HKLM-x32\...\1&1 Upload-Manager) (Version: 2.0.676 - 1&1 Internet AG)
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.223 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.223 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.09) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
ALF-BanCo 5 (HKLM-x32\...\Alf-BanCo5_is1) (Version: 5.3.5 - ALF AG)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Ashampoo Burning Studio 2012 v10.0.15 (HKLM-x32\...\Ashampoo Burning Studio 2012_is1) (Version: 10.0.15 - Ashampoo GmbH & Co. KG)
Ashampoo Internet Accelerator 3 v.3.30 (HKLM-x32\...\{4209F371-C803-200D-89A4-5479B6569259}_is1) (Version: 3.3.0 - Ashampoo GmbH & Co. KG)
Ashampoo Photo Commander 9 v.9.4.3 (HKLM-x32\...\Ashampoo Photo Commander 9_is1) (Version: 9.4.3 - Ashampoo GmbH & Co. KG)
Ashampoo Photo Optimizer 4 v.4.0.3 (HKLM-x32\...\Ashampoo Photo Optimizer 4_is1) (Version: 4.0.3 - Ashampoo GmbH & Co. KG)
Ashampoo WinOptimizer 11 v.11.00.41 (HKLM-x32\...\{4209F371-8D72-8119-66FA-897D2D41E27F}_is1) (Version: 11.00.41 - Ashampoo GmbH & Co. KG)
Ashampoo WinOptimizer 2014 v.1.0.0 (HKLM-x32\...\{4209F371-99CD-68CB-1C29-9910F8F9BD96}_is1) (Version: 1.0.0 - Ashampoo GmbH & Co. KG)
ASUS LifeFrame3 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.0.22 - ASUS)
ASUS Power4Gear Hybrid (HKLM\...\{33B98264-A889-4913-A0CA-C364A75032B3}) (Version: 1.1.45 - ASUS)
ASUS SmartLogon (HKLM-x32\...\{64452561-169F-4A36-A2FF-B5E118EC65F5}) (Version: 1.0.0011 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 1.02.0031 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{AECA3622-E634-4A55-A696-70A511CBE06E}) (Version: 2.0.0 - AsusTek Computer Inc.)
ASUS Virtual Camera (HKLM-x32\...\{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}) (Version: 1.0.21 - asus)
AVG PC TuneUp 2015 (de-DE) (x32 Version: 15.0.1001.185 - AVG Technologies) Hidden
AVG PC TuneUp 2015 (HKLM-x32\...\AVG PC TuneUp) (Version: 15.0.1001.185 - AVG Technologies)
AVG PC TuneUp 2015 (x32 Version: 15.0.1001.185 - AVG Technologies) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 3.22 - Piriform)
COMPUTERBILD-Abzockschutz (HKLM-x32\...\{2664E454-FECE-42E9-A7EF-6B5EB62AC67B}) (Version: 1.0.58 - J3S)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
ETDWare PS/2-X64 8.0.5.1_WHQL (HKLM\...\Elantech) (Version: 8.0.5.1 - ELAN Microelectronic Corp.)
Fast Boot (HKLM\...\{13F4A7F3-EABC-4261-AF6B-1317777F0755}) (Version: 1.0.9 - ASUS)
FileViewPro (HKLM\...\FileViewPro_is1) (Version: 4.0 - Solvusoft Corporation)
Free PDF to Word Doc Converter v1.1 (HKLM-x32\...\Free PDF to Word Doc Converter_is1) (Version: 1.1 - www.hellopdf.com)
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Google Update Helper (x32 Version: 1.3.21.153 - Google Inc.) Hidden
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3347 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.2.1004 - Intel Corporation)
Intel(R) Turbo Boost Technology Monitor 2.0 (HKLM\...\{B77EFA0B-9BD3-4122-9F9A-15A963B5EA24}) (Version: 2.1.23.0 - Intel)
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 4.0.4.30 - IObit)
iTunes (HKLM\...\{1CF5754A-545B-4360-BFDE-2847BC728DFC}) (Version: 11.2.0.115 - Apple Inc.)
Java 7 Update 67 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417067FF}) (Version: 7.0.670 - Oracle)
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
McAfee Internet Security (HKLM-x32\...\MSC) (Version: 12.8.992 - McAfee, Inc.)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 15.0.4659.1001 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Starter 2010 - Deutsch (HKLM-x32\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-733679015-3351541572-3055150241-1001\...\OneDriveSetup.exe) (Version: 17.3.1229.0918 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mobile Partner (HKLM-x32\...\Mobile Partner) (Version: 21.005.15.02.382 - Huawei Technologies Co.,Ltd)
Mozilla Firefox 33.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 33.1 (x86 de)) (Version: 33.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 31.0 - Mozilla)
NVIDIA 3D Vision Treiber 314.22 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 314.22 - NVIDIA Corporation)
NVIDIA Grafiktreiber 314.22 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 314.22 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.23.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.23.1 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.12.1031 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.1031 - NVIDIA Corporation)
NVIDIA Update 1.12.12 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.12.12 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4659.1001 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4659.1001 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4659.1001 - Microsoft Corporation) Hidden
Paragon Backup and Recovery™ 2014 Free (HKLM\...\{C268B5E1-A5DA-11DF-A289-005056C00008}) (Version: 90.00.0003 - Paragon Software)
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6370 - Realtek Semiconductor Corp.)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Ship Simulator Extremes (HKLM-x32\...\ShipSimExtremes) (Version:  - )
System Requirements Lab (HKLM-x32\...\SystemRequirementsLab) (Version:  - )
TapinRadio 1.60.1 (HKU\S-1-5-21-733679015-3351541572-3055150241-1001\...\TapinRadio_is1) (Version:  - Raimersoft)
TomTom HOME (HKLM-x32\...\{7A2BB1C8-903D-4585-9F3B-CADD67D07D37}) (Version: 2.9.8 - Ihr Firmenname)
TomTom HOME Visual Studio Merge Modules (HKLM-x32\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.)
TuneUp Utilities Language Pack (de-DE) (x32 Version: 13.0.4000.245 - TuneUp Software) Hidden
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen (HKLM-x32\...\{C32CE55C-12BA-4951-8797-0967FDEF556F}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{C63A1E60-B6A4-440B-89A5-1FC6E4AC1C94}) (Version: 15.4.5722.2 - Microsoft Corporation)
WinRAR 4.01 (32-Bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH)
WinRAR 5.11 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH)
Wireless Console 3 (HKLM-x32\...\{8150221C-8F7E-4997-AD4E-AFDEE7F4B410}) (Version: 3.0.21 - ASUS)
Wise Care 365 3.21 (HKLM-x32\...\Wise Care 365_is1) (Version: 3.21 - WiseCleaner.com, Inc.)
Wise Care 365 version 2.03 (HKLM-x32\...\{E864A1C8-EEE1-47D0-A7F8-00CC86D26D5E}_is1) (Version: 2.9.3 - WiseCleaner.com, Inc.)
WISO Steuer-Sparbuch 2013 (HKU\S-1-5-21-733679015-3351541572-3055150241-1001\...\{D6CC2FAF-F827-4091-96A1-D32CC9B69C79}) (Version: 20.02.8171 - Buhl Data Service GmbH)
WISO Steuer-Sparbuch 2014 (HKLM-x32\...\{2D3BBBB5-C1F2-44B2-B754-4A47C2F8EF5F}) (Version: 21.00.8480 - Buhl Data Service GmbH)
Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Основные компоненты Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Почта Windows Live (x32 Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden
Фотоальбом Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
גלריית התמונות של Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
بريد Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
معرض صور Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-733679015-3351541572-3055150241-1001_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\schingels\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-733679015-3351541572-3055150241-1001_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\schingels\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-733679015-3351541572-3055150241-1001_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\schingels\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-733679015-3351541572-3055150241-1001_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\schingels\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-733679015-3351541572-3055150241-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\schingels\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\amd64\FileSyncApi64.dll (Microsoft Corporation)

==================== Restore Points  =========================

14-11-2014 08:31:31 IObit Uninstaller restore point

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {021F5962-CFBB-4D7B-866A-6007A3ED7044} - System32\Tasks\ASUS SmartLogon Console Sensor => C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe [2010-11-15] (ASUS)
Task: {12599037-6BE6-40AE-ACD3-38C3324BB643} - System32\Tasks\{1953C392-23DC-4B98-AD0E-127D828D83ED} => Firefox.exe 
Task: {1D55F36F-1ABC-45A6-BE11-0DA43363CBD7} - \Feven 1.2-chromeinstaller No Task File <==== ATTENTION
Task: {237B1A2F-C0D2-4EBF-93D6-FAC026DE1728} - System32\Tasks\Wise Turbo Checker => C:\Program Files (x86)\Wise\Wise Care 365\WiseTurbo.exe [2014-07-07] (WiseCleaner.COM)
Task: {28CBFA2D-3602-448E-92B6-8C212C21C46C} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2014-09-25] (Microsoft Corporation)
Task: {2C815E4E-327C-4F85-A0A7-01C02411528E} - System32\Tasks\SpyHunter4Startup => C:\Program Files\Enigma Software Group\SpyHunter\Spyhunter4.exe
Task: {40BF27A8-9327-4AB7-AF0D-5FF03176D93D} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2012-08-22] (Piriform Ltd)
Task: {4476F211-03EC-4AC6-B6F5-C1C50323522F} - \Feven 1.2-firefoxinstaller No Task File <==== ATTENTION
Task: {4B9F2ABF-4563-4802-A703-F115A4E2E3C0} - System32\Tasks\{9E32BAA2-B2F8-4BD8-9432-33043FBD0A96} => C:\Program Files\McAfee.com\Agent\mcagent.exe [2014-04-25] (McAfee, Inc.)
Task: {4D35DD80-8C0F-429E-ADDF-04A1D49DD898} - \Feven 1.2-enabler No Task File <==== ATTENTION
Task: {4E18AC64-CCD9-4CE6-B493-90E7DFA57CEB} - \Plus-HD-4.8-chromeinstaller No Task File <==== ATTENTION
Task: {502C0A29-99A7-4AE1-8868-A42D3C395C9C} - System32\Tasks\Driver Booster SkipUAC (schingels) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
Task: {567A3220-700B-417E-A7D4-D4411046E048} - System32\Tasks\{84DD6ED7-F7B5-48B4-98D6-2A9A25D7C8E8} => Firefox.exe 
Task: {577E01DE-D214-4816-A3B4-098CA767F0F6} - \Plus-HD-4.8-codedownloader No Task File <==== ATTENTION
Task: {5DA1326E-C3AD-40A9-B6FD-3A04EFE28854} - \Moo0 System Monitor 1.76 No Task File <==== ATTENTION
Task: {5F607E55-BB1B-4F28-A027-4EC4941782E2} - \Feven 1.2-updater No Task File <==== ATTENTION
Task: {5FEA9A87-FC8A-409B-825B-7DB6F19076C5} - \Plus-HD-4.8-firefoxinstaller No Task File <==== ATTENTION
Task: {71438C46-60DC-49A5-9AD5-630F103ABDA8} - System32\Tasks\Microsoft\Windows\RestartManager\{8CD67240-5EA8-4dbc-B9C5-76C5AFC5BD01} => C:\Windows\system32\rmclient.exe [2009-07-14] (Microsoft Corporation)
Task: {73B543E7-7F4A-4EE1-8644-A434A97105D7} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-09-25] (Microsoft Corporation)
Task: {82BA10E0-53E7-4614-91CC-6E57C39D1720} - \Plus-HD-4.8-enabler No Task File <==== ATTENTION
Task: {846DC964-CCE9-4F45-9914-7B92BED3E225} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {8FA7B28D-F6DA-4778-9308-5B5E35C0B8C0} - \Plus-HD-4.8-updater No Task File <==== ATTENTION
Task: {9096B9AA-D865-4850-9E99-BF4CFC1D4E66} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-08-21] (Adobe Systems Incorporated)
Task: {9258562A-395D-4448-A80C-30B588206B71} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-10-07] (Oracle Corporation)
Task: {94D79261-968E-4D91-90C2-BA2BB058D3CA} - System32\Tasks\Abelssoft\Updater scan => C:\Program Files (x86)\CHIP Updater\CHIPUpdater.exe
Task: {963B6A25-005D-452D-9B23-8EDEF0F920CA} - System32\Tasks\RunAsStdUser Task for VeohWebPlayer => C:\Program Files (x86)\Veoh Networks\VeohWebPlayer\veohwebplayer.exe
Task: {9BE4943D-1225-4F33-86BC-AD4EAC3B1659} - System32\Tasks\{D618E339-78DC-4056-AE3D-3870DD7D936B} => D:\Users\Downloads\DAVSRV.EXE [2011-11-21] (1&1 Internet AG)
Task: {A08D041D-720C-4255-B41E-AEEAE6E38820} - System32\Tasks\Microsoft Office 15 Sync Maintenance for schingels-PC-schingels schingels-PC => C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe [2014-09-16] (Microsoft Corporation)
Task: {A301327C-9C30-4237-A79A-22BC22EA3E8B} - System32\Tasks\Wise Care 365 => C:\Program Files (x86)\Wise\Wise Care 365\WiseTray.exe [2014-07-18] (WiseCleaner.com)
Task: {A520D054-C138-488D-B603-C134313F10CE} - System32\Tasks\{4C385B33-91AE-40F5-891A-8231887D2EF0} => Firefox.exe 
Task: {ABAA8D8C-81F4-4B65-BDA8-6408D8CB56C8} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe
Task: {B4639BAA-57B3-489A-8A8D-0045600A6723} - System32\Tasks\{4565DE98-4314-48CE-B670-D1CA4F40EB2F} => D:\Users\Downloads\DAVSRV.EXE [2011-11-21] (1&1 Internet AG)
Task: {BA62A6F4-7E91-49F6-997A-6F856A4D75BC} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-11-12] (Adobe Systems Incorporated)
Task: {BE89B061-6535-46E1-BED2-443CF0A7EC8B} - System32\Tasks\{2E0A5BC6-3A1C-4594-A5D9-03B1D54913D7} => D:\Users\Backup Handy\Mobile Partner\Mobile Partner.exe [2014-09-27] ()
Task: {C3D8D876-B1FC-457C-8A98-BAF968F8A828} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\AVG\AVG PC TuneUp\OneClick.exe [2014-10-17] (AVG Technologies)
Task: {C5ED3241-CC04-4E85-B37D-1B2B693650E5} - System32\Tasks\ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2010-08-02] (ASUS)
Task: {CFEAFC92-97D9-4C33-99B3-C10168CD7245} - System32\Tasks\Uninstaller_SkipUac_schingels => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2014-11-11] (IObit)
Task: {D152B3E6-095E-41D0-A4E5-CC2999012C57} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe
Task: {D1B8D3EE-3FD3-4163-86CA-B3803A600D9C} - System32\Tasks\ASUS P4G => C:\Program Files\P4G\BatteryLife.exe [2011-06-01] (ASUS)
Task: {D406C7FA-24A7-47DC-9F42-A33FAF13EEAC} - System32\Tasks\AdvancedDriverUpdaterRunAtStartup => C:\Program Files (x86)\Advanced Driver Updater\adu.exe
Task: {E48CE7A2-11BF-465B-9EF4-4C3797CAD2AF} - System32\Tasks\{C6602E39-CEE7-453F-8873-21F65A16150A} => Firefox.exe 
Task: {E7CCAB70-1251-4BEB-AD08-8ABAD64020A0} - System32\Tasks\{B0E86049-C9E4-4FB7-81CD-7112024A96B8} => C:\Users\schingels\Desktop\Downloads\World-of-Warcraft-Setup-deDE.exe
Task: {F29F0625-D113-43D0-9B06-F514FA400FF3} - \Feven 1.2-codedownloader No Task File <==== ATTENTION
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\Wise Care 365.job => C:\Program Files (x86)\Wise\Wise Care 365\WiseTray.exe
Task: C:\Windows\Tasks\Wise Turbo Checker.job => C:\Program Files (x86)\Wise\Wise Care 365\WiseTurbo.exe

==================== Loaded Modules (whitelisted) =============

2012-10-07 21:09 - 2013-03-15 05:16 - 00086304 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-03-21 04:30 - 2014-05-20 08:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2011-03-14 16:27 - 2011-03-14 16:27 - 00346976 _____ () C:\ProgramData\DatacardService\HWDeviceService64.exe
2014-09-27 18:44 - 2014-09-27 18:43 - 00239968 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\ouc.exe
2014-10-17 12:34 - 2014-10-17 12:34 - 00699704 _____ () C:\Program Files (x86)\AVG\AVG PC TuneUp\avgrepliba.dll
2014-10-21 08:15 - 2014-08-05 10:02 - 00223600 _____ () D:\Users\Ashampoo Internet Accelerator 3\Ashampoo WinOptimizer 11\LiveTunerService.exe
2014-10-17 12:34 - 2014-10-17 12:34 - 00835896 _____ () C:\Program Files (x86)\AVG\AVG PC TuneUp\tulnga.dll
2014-09-27 18:43 - 2014-09-27 18:43 - 00514048 _____ () D:\Users\Backup Handy\Mobile Partner\Mobile Partner.exe
2011-06-20 15:01 - 2011-03-26 08:29 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2010-11-30 00:04 - 2010-11-30 00:04 - 00403968 _____ () C:\Program Files\Intel\TurboBoost\de\SignalIslandUi.resources.dll
2014-02-18 15:00 - 2014-03-13 21:32 - 01398064 _____ () C:\WISO\Steuersoftware 2013\mshaktuell.exe
2014-09-27 18:44 - 2014-09-27 18:43 - 00011362 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\mingwm10.dll
2014-09-27 18:44 - 2014-09-27 18:43 - 00043008 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\libgcc_s_dw2-1.dll
2014-09-27 18:44 - 2014-09-27 18:43 - 02415104 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\QtCore4.dll
2014-09-27 18:44 - 2014-09-27 18:43 - 01148416 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\QtNetwork4.dll
2014-09-27 18:44 - 2014-09-27 18:43 - 00383488 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\QueryStrategy.dll
2014-09-27 18:44 - 2014-09-27 18:43 - 00398336 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\QtXml4.dll
2014-09-27 18:43 - 2014-09-27 18:43 - 00427008 _____ () D:\Users\Backup Handy\Mobile Partner\core.dll
2014-09-27 18:43 - 2014-09-27 18:43 - 00264192 _____ () D:\Users\Backup Handy\Mobile Partner\sdk.dll
2014-09-27 18:43 - 2014-09-27 18:43 - 00011362 _____ () D:\Users\Backup Handy\Mobile Partner\mingwm10.dll
2014-09-27 18:43 - 2014-09-27 18:43 - 00043008 _____ () D:\Users\Backup Handy\Mobile Partner\libgcc_s_dw2-1.dll
2014-09-27 18:43 - 2014-09-27 18:43 - 02415104 _____ () D:\Users\Backup Handy\Mobile Partner\QtCore4.dll
2014-09-27 18:43 - 2014-09-27 18:43 - 09515520 _____ () D:\Users\Backup Handy\Mobile Partner\QtGui4.dll
2014-09-27 18:43 - 2014-09-27 18:43 - 00382464 _____ () D:\Users\Backup Handy\Mobile Partner\Proxy.DLL
2014-09-27 18:43 - 2014-09-27 18:43 - 00218112 _____ () D:\Users\Backup Handy\Mobile Partner\Common.dll
2014-09-27 18:43 - 2014-09-27 18:43 - 00135168 _____ () D:\Users\Backup Handy\Mobile Partner\Trace.dll
2014-09-27 18:43 - 2014-09-27 18:43 - 00545280 _____ () D:\Users\Backup Handy\Mobile Partner\PluginContainer.dll
2014-09-27 18:43 - 2014-09-27 18:43 - 00238080 _____ () D:\Users\Backup Handy\Mobile Partner\AtCodec.dll
2014-09-27 18:43 - 2014-09-27 18:43 - 00301056 _____ () D:\Users\Backup Handy\Mobile Partner\DeviceSrvPlugin.dll
2014-09-27 18:43 - 2014-09-27 18:43 - 00237568 _____ () D:\Users\Backup Handy\Mobile Partner\NetSrvPlugin.dll
2014-09-27 18:43 - 2014-09-27 18:43 - 00133120 _____ () D:\Users\Backup Handy\Mobile Partner\OSDialup.dll
2014-09-27 18:43 - 2014-09-27 18:43 - 00159744 _____ () D:\Users\Backup Handy\Mobile Partner\XCodec.dll
2014-09-27 18:43 - 2014-09-27 18:43 - 00157184 _____ () D:\Users\Backup Handy\Mobile Partner\DataServicePlugin.dll
2014-09-27 18:43 - 2014-09-27 18:43 - 00176128 _____ () D:\Users\Backup Handy\Mobile Partner\CallSrvPlugin.dll
2014-09-27 18:43 - 2014-09-27 18:43 - 00264704 _____ () D:\Users\Backup Handy\Mobile Partner\AddrBookSrvPlugin.dll
2014-09-27 18:43 - 2014-09-27 18:43 - 00217600 _____ () D:\Users\Backup Handy\Mobile Partner\SmsSrvPlugin.dll
2014-09-27 18:43 - 2014-09-27 18:43 - 00142336 _____ () D:\Users\Backup Handy\Mobile Partner\USSDSrvPlugin.dll
2014-09-27 18:43 - 2014-09-27 18:43 - 00156672 _____ () D:\Users\Backup Handy\Mobile Partner\STKSrvPlugin.dll
2014-09-27 18:43 - 2014-09-27 18:43 - 00338432 _____ () D:\Users\Backup Handy\Mobile Partner\DeviceAppPlugin.dll
2014-09-27 18:43 - 2014-09-27 18:43 - 00065536 _____ () D:\Users\Backup Handy\Mobile Partner\OSPowerMgr.dll
2014-09-27 18:43 - 2014-09-27 18:43 - 00114688 _____ () D:\Users\Backup Handy\Mobile Partner\Win7Support.dll
2014-09-27 18:43 - 2014-09-27 18:43 - 01078272 _____ () D:\Users\Backup Handy\Mobile Partner\AddrBookPlugin.dll
2014-09-27 18:43 - 2014-09-27 18:43 - 00670720 _____ () D:\Users\Backup Handy\Mobile Partner\SmsAppPlugin.dll
2014-09-27 18:43 - 2014-09-27 18:43 - 00550400 _____ () D:\Users\Backup Handy\Mobile Partner\CallAppPlugin.dll
2014-09-27 18:43 - 2014-09-27 18:43 - 00547840 _____ () D:\Users\Backup Handy\Mobile Partner\CallLogSrvPlugin.dll
2014-09-27 18:43 - 2014-09-27 18:43 - 00158720 _____ () D:\Users\Backup Handy\Mobile Partner\NetConnectSrvPlugin.dll
2014-09-27 18:43 - 2014-09-27 18:43 - 00211968 _____ () D:\Users\Backup Handy\Mobile Partner\DialUpPlugin.dll
2014-09-27 18:43 - 2014-09-27 18:43 - 00101376 _____ () D:\Users\Backup Handy\Mobile Partner\OSAdapt.dll
2014-09-27 18:43 - 2014-09-27 18:43 - 00180224 _____ () D:\Users\Backup Handy\Mobile Partner\NDISPlugin.dll
2014-09-27 18:43 - 2014-09-27 18:43 - 00131072 _____ () D:\Users\Backup Handy\Mobile Partner\OSNDIS.dll
2014-09-27 18:43 - 2014-09-27 18:43 - 01101824 _____ () D:\Users\Backup Handy\Mobile Partner\NDISAPI.dll
2014-09-27 18:43 - 2014-09-27 18:43 - 00278528 _____ () D:\Users\Backup Handy\Mobile Partner\NetInfoSrvPlugin.dll
2014-09-27 18:43 - 2014-09-27 18:43 - 00062976 _____ () D:\Users\Backup Handy\Mobile Partner\OSCall.dll
2014-09-27 18:43 - 2014-09-27 18:43 - 00538624 _____ () D:\Users\Backup Handy\Mobile Partner\DeviceMgrUIPlugin.dll
2014-09-27 18:43 - 2014-09-27 18:43 - 00398336 _____ () D:\Users\Backup Handy\Mobile Partner\QtXml4.dll
2014-09-27 18:43 - 2014-09-27 18:43 - 00123392 _____ () D:\Users\Backup Handy\Mobile Partner\ATR2SMgr.dll
2014-09-27 18:43 - 2014-09-27 18:43 - 00184832 _____ () D:\Users\Backup Handy\Mobile Partner\XFramePlugin.dll
2014-09-27 18:43 - 2014-09-27 18:43 - 00307200 _____ () D:\Users\Backup Handy\Mobile Partner\StatusBarMgrPlugin.dll
2014-09-27 18:43 - 2014-09-27 18:43 - 00117760 _____ () D:\Users\Backup Handy\Mobile Partner\LayoutPlugin.dll
2014-09-27 18:43 - 2014-09-27 18:43 - 00441856 _____ () D:\Users\Backup Handy\Mobile Partner\DialupUIPlugin.dll
2014-09-27 18:43 - 2014-09-27 18:43 - 00093184 _____ () D:\Users\Backup Handy\Mobile Partner\NotifyServicePlugin.dll
2014-09-27 18:43 - 2014-09-27 18:43 - 00333824 _____ () D:\Users\Backup Handy\Mobile Partner\NetConnectPlugin.dll
2014-09-27 18:43 - 2014-09-27 18:43 - 00295424 _____ () D:\Users\Backup Handy\Mobile Partner\MenuMgrPlugin.dll
2014-09-27 18:43 - 2014-09-27 18:43 - 00391168 _____ () D:\Users\Backup Handy\Mobile Partner\USSDUIPlugin.dll
2014-09-27 18:43 - 2014-09-27 18:43 - 00484352 _____ () D:\Users\Backup Handy\Mobile Partner\NetInfoUIExPlugin.dll
2014-09-27 18:43 - 2014-09-27 18:43 - 00823808 _____ () D:\Users\Backup Handy\Mobile Partner\SMSUIPlugin.dll
2014-09-27 18:43 - 2014-09-27 18:43 - 00771072 _____ () D:\Users\Backup Handy\Mobile Partner\AddrBookUIPlugin.dll
2014-09-27 18:43 - 2014-09-27 18:43 - 00209408 _____ () D:\Users\Backup Handy\Mobile Partner\ToolBarMgrPlugin.dll
2014-09-27 18:43 - 2014-09-27 18:43 - 00263168 _____ () D:\Users\Backup Handy\Mobile Partner\LiveUpdateInterface.DLL
2014-09-27 18:43 - 2014-09-27 18:43 - 01148416 _____ () D:\Users\Backup Handy\Mobile Partner\QtNetwork4.dll
2014-09-27 18:43 - 2014-09-27 18:43 - 00082944 _____ () D:\Users\Backup Handy\Mobile Partner\plugins\imageformats\qgif4.dll
2014-09-27 18:43 - 2014-09-27 18:43 - 00081920 _____ () D:\Users\Backup Handy\Mobile Partner\plugins\imageformats\qico4.dll
2014-09-27 18:43 - 2014-09-27 18:43 - 00192000 _____ () D:\Users\Backup Handy\Mobile Partner\plugins\imageformats\qjpeg4.dll
2014-09-27 18:43 - 2014-09-27 18:43 - 00350720 _____ () D:\Users\Backup Handy\Mobile Partner\plugins\imageformats\qmng4.dll
2014-09-27 18:43 - 2014-09-27 18:43 - 00370176 _____ () D:\Users\Backup Handy\Mobile Partner\plugins\imageformats\qtiff4.dll
2014-10-09 09:52 - 2014-10-09 09:52 - 00081056 _____ () C:\Users\schingels\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\LoggingPlatform.dll
2014-10-09 09:52 - 2014-10-09 09:52 - 00081056 _____ () C:\Users\schingels\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\LoggingPlatform.DLL
2014-02-18 15:00 - 2014-03-13 21:34 - 08952624 _____ () C:\WISO\Steuersoftware 2013\wgui13.dll
2014-02-18 15:00 - 2014-03-13 21:32 - 00028672 _____ () C:\WISO\Steuersoftware 2013\rsdcom48.dll
2014-02-18 15:00 - 2014-03-13 21:32 - 00309040 _____ () C:\WISO\Steuersoftware 2013\rscorewinapi48.dll
2014-02-18 15:00 - 2014-03-13 21:32 - 00321328 _____ () C:\WISO\Steuersoftware 2013\rsguiwinapi48.dll
2014-02-18 14:59 - 2014-03-13 21:33 - 03506992 _____ () C:\WISO\Steuersoftware 2013\wcore13.dll
2014-02-18 15:00 - 2014-03-13 21:32 - 00136496 _____ () C:\WISO\Steuersoftware 2013\rsodbc48.dll
2014-02-18 14:59 - 2014-03-14 09:55 - 02194736 _____ () C:\WISO\Steuersoftware 2013\wfvie13.dll
2014-02-18 15:00 - 2014-03-13 21:33 - 01611056 _____ () C:\WISO\Steuersoftware 2013\wsteu13.dll
2014-02-18 15:00 - 2014-03-13 21:32 - 01739568 _____ () C:\WISO\Steuersoftware 2013\wreli13.dll
2014-02-18 14:59 - 2014-03-13 21:33 - 04273456 _____ () C:\WISO\Steuersoftware 2013\wauff13.dll
2013-01-17 14:30 - 2014-01-14 10:50 - 01043456 _____ () C:\WISO\Steuersoftware 2013\clucene-core.dll
2013-01-17 14:30 - 2014-01-14 10:50 - 00094720 _____ () C:\WISO\Steuersoftware 2013\clucene-shared.dll
2013-01-17 14:30 - 2014-01-14 10:50 - 00250368 _____ () C:\WISO\Steuersoftware 2013\clucene-contribs-lib.dll
2014-02-18 15:00 - 2014-03-13 21:32 - 01505584 _____ () C:\WISO\Steuersoftware 2013\wmain13.dll
2014-02-18 14:59 - 2014-03-13 21:33 - 04972336 _____ () C:\WISO\Steuersoftware 2013\wbae113.dll
2014-02-18 14:59 - 2014-03-13 21:33 - 01373488 _____ () C:\WISO\Steuersoftware 2013\wbae213.dll
2014-02-18 14:59 - 2014-03-13 21:33 - 01748784 _____ () C:\WISO\Steuersoftware 2013\wbae313.dll
2014-02-18 14:59 - 2014-03-13 21:33 - 01582896 _____ () C:\WISO\Steuersoftware 2013\wbae413.dll
2014-02-18 15:00 - 2014-03-13 21:33 - 01147184 _____ () C:\WISO\Steuersoftware 2013\whau113.dll
2014-02-18 15:00 - 2014-03-13 21:33 - 01230640 _____ () C:\WISO\Steuersoftware 2013\whau213.dll
2014-02-18 15:00 - 2014-03-13 21:33 - 01307952 _____ () C:\WISO\Steuersoftware 2013\wwerb13.dll
2014-02-18 15:00 - 2014-03-13 21:33 - 06789936 _____ () C:\WISO\Steuersoftware 2013\wkont13.dll
2014-02-18 15:00 - 2014-03-13 21:33 - 01253888 _____ () C:\WISO\Steuersoftware 2013\wimp13.dll
2014-02-18 14:59 - 2014-03-13 21:33 - 01317168 _____ () C:\WISO\Steuersoftware 2013\wfabu13.dll
2014-10-17 09:21 - 2014-10-17 09:21 - 00169472 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\9b1cac8d98bd69d3e56a26ff2f96f266\IsdiInterop.ni.dll
2011-11-23 15:22 - 2011-01-13 02:56 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2014-11-10 16:00 - 2014-11-10 16:00 - 03649648 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-09-27 08:32 - 2014-09-27 08:32 - 00316576 _____ () C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\AppVIsvStream32.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\Temp:373E1720

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: ASUS Screen Saver Protector => C:\Windows\AsScrPro.exe
MSCONFIG\startupreg: ATKMEDIA => C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
MSCONFIG\startupreg: ATKOSD2 => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
MSCONFIG\startupreg: CLMLServer => "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
MSCONFIG\startupreg: DivXUpdate => "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
MSCONFIG\startupreg: HControlUser => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
MSCONFIG\startupreg: UpdateLBPShortCut => "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
MSCONFIG\startupreg: UpdateP2GoShortCut => "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
MSCONFIG\startupreg: Wireless Console 3 => C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe

========================= Accounts: ==========================

Administrator (S-1-5-21-733679015-3351541572-3055150241-500 - Administrator - Disabled)
Gast (S-1-5-21-733679015-3351541572-3055150241-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-733679015-3351541572-3055150241-1006 - Limited - Enabled)
schingels (S-1-5-21-733679015-3351541572-3055150241-1001 - Administrator - Enabled) => C:\Users\schingels
UpdatusUser (S-1-5-21-733679015-3351541572-3055150241-1005 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Faulty Device Manager Devices =============

Name: Netzwerkcontroller
Description: Netzwerkcontroller
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: USB2.0-CRW
Description: USB2.0-CRW
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: USB2.0 0.3M UVC WebCam
Description: USB-Videogerät
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: usbvideo
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (11/17/2014 09:47:27 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm iac3.exe, Version 3.2.0.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 3ac

Startzeit: 01d0023f9d683db4

Endzeit: 11

Anwendungspfad: D:\Users\Downloads\Ashampoo Internet Accelerator 3\iac3.exe

Berichts-ID: 47b84435-6e36-11e4-9afa-001e101f2c0e

Error: (11/16/2014 07:21:00 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: qcshm.exe, Version: 12.8.707.0, Zeitstempel: 0x51f8912a
Name des fehlerhaften Moduls: qcshm.exe, Version: 12.8.707.0, Zeitstempel: 0x51f8912a
Ausnahmecode: 0x40000015
Fehleroffset: 0x00000000000513ad
ID des fehlerhaften Prozesses: 0xd5c
Startzeit der fehlerhaften Anwendung: 0xqcshm.exe0
Pfad der fehlerhaften Anwendung: qcshm.exe1
Pfad des fehlerhaften Moduls: qcshm.exe2
Berichtskennung: qcshm.exe3

Error: (11/16/2014 07:17:22 PM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: Der Index kann nicht initialisiert werden.


Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (11/16/2014 07:17:22 PM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: Die Anwendung kann nicht initialisiert werden.

Kontext: Windows Anwendung


Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (11/16/2014 07:17:22 PM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: Das Gatherer-Objekt kann nicht initialisiert werden.

Kontext: Windows Anwendung, SystemIndex Katalog


Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (11/16/2014 07:17:22 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Plug-In in <Search.TripoliIndexer> kann nicht initialisiert werden.

Kontext: Windows Anwendung, SystemIndex Katalog


Details:
	Element nicht gefunden.  (HRESULT : 0x80070490) (0x80070490)

Error: (11/16/2014 07:17:18 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Plug-In in <Search.JetPropStore> kann nicht initialisiert werden.

Kontext: Windows Anwendung, SystemIndex Katalog


Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (11/16/2014 07:17:18 PM) (Source: Windows Search Service) (EventID: 9002) (User: )
Description: Die Eigenschaftenspeicherdaten können von Windows Search nicht geladen werden.

Kontext: Windows Anwendung, SystemIndex Katalog


Details:
	Die Inhaltsindexdatenbank ist fehlerhaft.  (HRESULT : 0xc0041800) (0xc0041800)

Error: (11/16/2014 07:17:18 PM) (Source: Windows Search Service) (EventID: 7042) (User: )
Description: Windows Search wird aufgrund eines Problems bei der Indizierung The catalog is corrupt beendet.


Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (11/16/2014 07:17:18 PM) (Source: Windows Search Service) (EventID: 7040) (User: )
Description: Vom Suchdienst wurden beschädigte Datendateien im Index {id=4700} erkannt. Vom Dienst wird versucht, dieses Problem durch Neuerstellung des Indexes automatisch zu beheben.


Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)


System errors:
=============
Error: (11/17/2014 00:16:51 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "DNS-Client" wurde mit folgendem Fehler beendet: 
%%2

Error: (11/17/2014 00:16:49 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "DNS-Client" wurde mit folgendem Fehler beendet: 
%%2

Error: (11/17/2014 00:16:49 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "DNS-Client" wurde mit folgendem Fehler beendet: 
%%2

Error: (11/17/2014 00:16:49 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "DNS-Client" wurde mit folgendem Fehler beendet: 
%%2

Error: (11/17/2014 00:16:49 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "DNS-Client" wurde mit folgendem Fehler beendet: 
%%2

Error: (11/17/2014 00:16:49 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "DNS-Client" wurde mit folgendem Fehler beendet: 
%%2

Error: (11/17/2014 00:16:49 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "DNS-Client" wurde mit folgendem Fehler beendet: 
%%2

Error: (11/17/2014 00:16:49 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "DNS-Client" wurde mit folgendem Fehler beendet: 
%%2

Error: (11/17/2014 00:16:49 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "DNS-Client" wurde mit folgendem Fehler beendet: 
%%2

Error: (11/17/2014 00:16:49 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "DNS-Client" wurde mit folgendem Fehler beendet: 
%%2


Microsoft Office Sessions:
=========================
Error: (11/17/2014 09:47:27 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: iac3.exe3.2.0.03ac01d0023f9d683db411D:\Users\Downloads\Ashampoo Internet Accelerator 3\iac3.exe47b84435-6e36-11e4-9afa-001e101f2c0e

Error: (11/16/2014 07:21:00 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: qcshm.exe12.8.707.051f8912aqcshm.exe12.8.707.051f8912a4000001500000000000513add5c01d001ca0d5d5531c:\PROGRA~1\mcafee\mqs\qcshm.exec:\PROGRA~1\mcafee\mqs\qcshm.exe5084737b-6dbd-11e4-9afa-001e101f2c0e

Error: (11/16/2014 07:17:22 PM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: 
Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (11/16/2014 07:17:22 PM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: Kontext: Windows Anwendung


Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (11/16/2014 07:17:22 PM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: Kontext: Windows Anwendung, SystemIndex Katalog


Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (11/16/2014 07:17:22 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Kontext: Windows Anwendung, SystemIndex Katalog


Details:
	Element nicht gefunden.  (HRESULT : 0x80070490) (0x80070490)
Search.TripoliIndexer

Error: (11/16/2014 07:17:18 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Kontext: Windows Anwendung, SystemIndex Katalog


Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)
Search.JetPropStore

Error: (11/16/2014 07:17:18 PM) (Source: Windows Search Service) (EventID: 9002) (User: )
Description: Kontext: Windows Anwendung, SystemIndex Katalog


Details:
	Die Inhaltsindexdatenbank ist fehlerhaft.  (HRESULT : 0xc0041800) (0xc0041800)

Error: (11/16/2014 07:17:18 PM) (Source: Windows Search Service) (EventID: 7042) (User: )
Description: 
Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)
The catalog is corrupt

Error: (11/16/2014 07:17:18 PM) (Source: Windows Search Service) (EventID: 7040) (User: )
Description: 
Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)
4700


CodeIntegrity Errors:
===================================
  Date: 2014-11-14 17:27:47.323
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Alle geladene Programme\Program Files\Program Files\Common Files\McAfee\VSCore\mfeelamk.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-11-14 17:27:47.320
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Alle geladene Programme\Program Files\Program Files\Common Files\McAfee\VSCore\mfeelamk.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-11-14 17:27:47.318
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Alle geladene Programme\Program Files\Program Files\Common Files\McAfee\VSCore\mfeelamk.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-11-14 17:27:47.263
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Alle geladene Programme\Program Files\Program Files\Common Files\McAfee\VSCore\mfeelamk.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-11-14 17:19:44.453
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Alle geladene Programme\Program Files\Common Files\Mcafee\VSCore\mfeelamk.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-11-14 17:19:44.450
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Alle geladene Programme\Program Files\Common Files\Mcafee\VSCore\mfeelamk.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-11-14 17:19:44.447
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Alle geladene Programme\Program Files\Common Files\Mcafee\VSCore\mfeelamk.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-11-14 17:19:44.369
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Alle geladene Programme\Program Files\Common Files\Mcafee\VSCore\mfeelamk.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-11-13 14:30:39.472
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Alle geladene Programme\Program Files\Program Files\Common Files\McAfee\VSCore\mfeelamk.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-11-13 14:30:39.470
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Alle geladene Programme\Program Files\Program Files\Common Files\McAfee\VSCore\mfeelamk.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i7-2670QM CPU @ 2.20GHz
Percentage of memory in use: 37%
Total physical RAM: 8100.97 MB
Available physical RAM: 5097.09 MB
Total Pagefile: 16200.13 MB
Available Pagefile: 12985.24 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:300.41 GB) (Free:243.35 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (DATA) (Fixed) (Total:215.5 GB) (Free:181.99 GB) NTFS
Drive e: (CHIP) (CDROM) (Total:1.73 GB) (Free:0 GB) UDF
Drive f: (Mobile Partner) (CDROM) (Total:0.03 GB) (Free:0 GB) CDFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 698.6 GB) (Disk ID: AE14F3C6)
Partition 1: (Not Active) - (Size=25 GB) - (Type=1C)
Partition 2: (Active) - (Size=300.4 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=215.5 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=157.7 GB) - (Type=BC)

==================== End Of Log ============================

Moin schrauber aus Lahnstein mit schlechtem Tschibo Empfang , hat aber doch noch geklappt, habe bei Mcafee mich gemeldet, mit den Links, das ist noch meine Sicherheitssystem bis Anfang Dezember, aber wie man sieht ohne Erfolg. Sind die angegeben Links, die ich durch die Langsamkeit der Verbindung einsehen konnte bekannt ? Vielen Danke freundliche Grüsse Günther

offers.lollipop-network.com AppNexus Advs.adgorithms.com

schrauber · 18.11.2014, 08:59

Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:

ATTFilter

ProxyEnable: [.DEFAULT] => Internet Explorer proxy is enabled.
ProxyServer: [.DEFAULT] => http=127.0.0.1:8897;https=127.0.0.1:8897;ftp=localhost:8123;socks=localhost:8123
C:\ProgramData\nud0repor.pad
Task: {1D55F36F-1ABC-45A6-BE11-0DA43363CBD7} - \Feven 1.2-chromeinstaller No Task File <==== ATTENTION

Task: {4476F211-03EC-4AC6-B6F5-C1C50323522F} - \Feven 1.2-firefoxinstaller No Task File <==== ATTENTION

Task: {4D35DD80-8C0F-429E-ADDF-04A1D49DD898} - \Feven 1.2-enabler No Task File <==== ATTENTION

Task: {4E18AC64-CCD9-4CE6-B493-90E7DFA57CEB} - \Plus-HD-4.8-chromeinstaller No Task File <==== ATTENTION

Task: {577E01DE-D214-4816-A3B4-098CA767F0F6} - \Plus-HD-4.8-codedownloader No Task File <==== ATTENTION

Task: {5DA1326E-C3AD-40A9-B6FD-3A04EFE28854} - \Moo0 System Monitor 1.76 No Task File <==== ATTENTION

Task: {5F607E55-BB1B-4F28-A027-4EC4941782E2} - \Feven 1.2-updater No Task File <==== ATTENTION

Task: {5FEA9A87-FC8A-409B-825B-7DB6F19076C5} - \Plus-HD-4.8-firefoxinstaller No Task File <==== ATTENTION

Task: {82BA10E0-53E7-4614-91CC-6E57C39D1720} - \Plus-HD-4.8-enabler No Task File <==== ATTENTION

Task: {8FA7B28D-F6DA-4778-9308-5B5E35C0B8C0} - \Plus-HD-4.8-updater No Task File <==== ATTENTION

Task: {F29F0625-D113-43D0-9B06-F514FA400FF3} - \Feven 1.2-codedownloader No Task File <==== ATTENTION
Emptytemp:

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).

Starte nun FRST erneut und klicke den Entfernen Button.
Das Tool erstellt eine Fixlog.txt.
Poste mir deren Inhalt.

Jetzt bitte nochmal alle Browser testen udn berichten, in welchem Browser noch Probleme bestehen

ggoettling · 18.11.2014, 14:41

Code:

ATTFilter

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 16-11-2014 03
Ran by schingels at 2014-11-18 13:23:14 Run:1
Running from D:\Users\Downloads
Loaded Profile: schingels (Available profiles: schingels & UpdatusUser)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
ProxyEnable: [.DEFAULT] => Internet Explorer proxy is enabled.
ProxyServer: [.DEFAULT] => http=127.0.0.1:8897;https=127.0.0.1:8897;ftp=localhost:8123;socks=localhost:8123
C:\ProgramData\nud0repor.pad
Task: {1D55F36F-1ABC-45A6-BE11-0DA43363CBD7} - \Feven 1.2-chromeinstaller No Task File <==== ATTENTION

Task: {4476F211-03EC-4AC6-B6F5-C1C50323522F} - \Feven 1.2-firefoxinstaller No Task File <==== ATTENTION

Task: {4D35DD80-8C0F-429E-ADDF-04A1D49DD898} - \Feven 1.2-enabler No Task File <==== ATTENTION

Task: {4E18AC64-CCD9-4CE6-B493-90E7DFA57CEB} - \Plus-HD-4.8-chromeinstaller No Task File <==== ATTENTION

Task: {577E01DE-D214-4816-A3B4-098CA767F0F6} - \Plus-HD-4.8-codedownloader No Task File <==== ATTENTION

Task: {5DA1326E-C3AD-40A9-B6FD-3A04EFE28854} - \Moo0 System Monitor 1.76 No Task File <==== ATTENTION

Task: {5F607E55-BB1B-4F28-A027-4EC4941782E2} - \Feven 1.2-updater No Task File <==== ATTENTION

Task: {5FEA9A87-FC8A-409B-825B-7DB6F19076C5} - \Plus-HD-4.8-firefoxinstaller No Task File <==== ATTENTION

Task: {82BA10E0-53E7-4614-91CC-6E57C39D1720} - \Plus-HD-4.8-enabler No Task File <==== ATTENTION

Task: {8FA7B28D-F6DA-4778-9308-5B5E35C0B8C0} - \Plus-HD-4.8-updater No Task File <==== ATTENTION

Task: {F29F0625-D113-43D0-9B06-F514FA400FF3} - \Feven 1.2-codedownloader No Task File <==== ATTENTION
Emptytemp:
*****************

HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable => value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer => value deleted successfully.
C:\ProgramData\nud0repor.pad => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{1D55F36F-1ABC-45A6-BE11-0DA43363CBD7}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1D55F36F-1ABC-45A6-BE11-0DA43363CBD7}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Feven 1.2-chromeinstaller" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{4476F211-03EC-4AC6-B6F5-C1C50323522F}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4476F211-03EC-4AC6-B6F5-C1C50323522F}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Feven 1.2-firefoxinstaller" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{4D35DD80-8C0F-429E-ADDF-04A1D49DD898}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4D35DD80-8C0F-429E-ADDF-04A1D49DD898}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Feven 1.2-enabler" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{4E18AC64-CCD9-4CE6-B493-90E7DFA57CEB}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4E18AC64-CCD9-4CE6-B493-90E7DFA57CEB}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Plus-HD-4.8-chromeinstaller" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{577E01DE-D214-4816-A3B4-098CA767F0F6}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{577E01DE-D214-4816-A3B4-098CA767F0F6}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Plus-HD-4.8-codedownloader" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{5DA1326E-C3AD-40A9-B6FD-3A04EFE28854}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5DA1326E-C3AD-40A9-B6FD-3A04EFE28854}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Moo0 System Monitor 1.76" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{5F607E55-BB1B-4F28-A027-4EC4941782E2}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5F607E55-BB1B-4F28-A027-4EC4941782E2}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Feven 1.2-updater" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{5FEA9A87-FC8A-409B-825B-7DB6F19076C5}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5FEA9A87-FC8A-409B-825B-7DB6F19076C5}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Plus-HD-4.8-firefoxinstaller" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{82BA10E0-53E7-4614-91CC-6E57C39D1720}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{82BA10E0-53E7-4614-91CC-6E57C39D1720}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Plus-HD-4.8-enabler" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{8FA7B28D-F6DA-4778-9308-5B5E35C0B8C0}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8FA7B28D-F6DA-4778-9308-5B5E35C0B8C0}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Plus-HD-4.8-updater" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{F29F0625-D113-43D0-9B06-F514FA400FF3}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F29F0625-D113-43D0-9B06-F514FA400FF3}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Feven 1.2-codedownloader" => Key deleted successfully.
EmptyTemp: => Removed 102.9 MB temporary data.


The system needed a reboot. 

==== End of Fixlog ====

vielen Dank schlechte Verbindung, Geduld erforderlich von meiner Seite. Explorer nach Sicherheitsupdate Änderungen ohne Lollipop. freundliche Grüsse Günther

lollipop werde ich nicht los, trotz Einsatz aller angeblich so tollen Antiviernprogramme postiver Erkennung unter "Schrauber "

Log-Analyse und Auswertung: lollipop werde ich nicht los, trotz Einsatz aller angeblich so tollen Antiviernprogramme postiver Erkennung unter "Schrauber "