Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)
-   -   Windows 8.1 : GData entdeckt Fingerprint-Bedrohung bei öffnen von Google Chrome (https://www.trojaner-board.de/157359-windows-8-1-gdata-entdeckt-fingerprint-bedrohung-oeffnen-google-chrome.html)

AndyOhneH 08.08.2014 10:52
Windows 8.1 : GData entdeckt Fingerprint-Bedrohung bei öffnen von Google Chrome
 
Hallo,

wie in der Überschrift schon angedeutet, versuche ich nun schon seit einigen Stunden, die gewünschten Logfiles zu Posten, leider bekomme ich nach einiger Zeit eine Http-Request Timeout Site.

Was soll ich tun?

Im Grunde geht es darum, dass wenn ich Google Chrome öffne, ich eine Warnmeldung von GData Total Protection 2015 folgendes Fenster öffnet:

In Ihrem Browser wurde ein unbekannter Schädling
(Fingerprint: [91f24c38])
entdeckt.

Die Schadfunktionen wurden deaktiviert.

Trotzdem empfehlen wir Ihnen dringend, bis zur dauerhaften Entfernung des Schädlings keine Passwörter mehr im Browser einzugeben und insbesondere auf empfindliche Vorgänge, wie z.B. Online-Banking, zu verzichten.

Zur vollständigen Behebung des Sicherheits-Problems empfehlen wir, den Schädling mit der "G Data BootCD" zu entfernen. Sollte der Schädling wider Erwarten mit der BootCD nicht entfernt werden können: G Data arbeitet ständig mit Hochdruck an der Erkennung und Entfernung neuester Computer-Schädlinge und wird voraussichtlich innerhalb kürzester Zeit ein entsprechendes Update bereitstellen können.

Für weitere Informationen steht Ihnen der G Data Support zur Verfügung.


Vielen Dank vorab, für Eure Unterstützung

schrauber 08.08.2014 12:56
hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)


AndyOhneH 08.08.2014 15:30
Hallo Schrauber,

ich versuche schon wieder seit einiger Zeit die Logfiles zu Posten und lande stets auf dieser Site: Request-URI Too Large The requested URL's length exceeds the capacity limit for this server.

Was soll ich tun?

schrauber 09.08.2014 09:55
Das kommt wenn Du auf Absenden drückst?

Teile die Logs mal in Stücke und benutz mehrere Antworten, ebenso mal nen anderen Browser testen.

AndyOhneH 09.08.2014 18:41
Hallo Schrauber,

ja das kam als ich versucht hatte die Logfiles zu posten. Ebenso mit IE. Aber leider hat sich das Thema erledigt, da ich den PC auch nebenberuflich gewerblich nutze und vergessen habe dies noch sagen, habe ich den PC neuinstalliert. Bestünde dennoch die Möglichkeit, zu überprüfen ob da noch Reste vorhanden sind?

Für Eure Mühe habe ich Euch eine Kleinigkeit gespendet :)

schrauber 10.08.2014 06:22
Auch zum Prüfen auf Reste brauche ich FRST Logfiles :)

AndyOhneH 10.08.2014 07:56
Hallo Schrauber,

vielen Dank dennoch für Deine weitere Hilfe. Also hier die FRST- und Addition.txt Logfiles


FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 09-08-2014 01
Ran by Andy (administrator) on ANDY on 10-08-2014 08:40:58
Running from C:\Users\Andy\Downloads
Platform: Windows 8 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 10
Boot Mode: Normal


==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe
(G Data Software AG) D:\GData\AVK\AVKWCtlx64.exe
(Adobe Systems Incorporated) D:\Programme\Adobe\Photoshop\Elements 9 Organizer\PhotoshopElementsFileAgent.exe
() C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe
(G Data Software AG) D:\GData\AVK\AVKService.exe
(cFos Software GmbH) D:\Programme\cFosSpeed\spd.exe
(G Data Software AG) D:\GData\AVKBackup\AVKBackupService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\Titanium\TiMiniService.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\Titanium\TiResumeSrv.exe
(G Data Software AG) D:\GData\Firewall\GDFwSvcx64.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Easy Update\ALU.exe
() C:\Program Files\ASUS\System Level Up Driver\SysLevelUp.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe
(G Data Software AG) D:\GData\AVKTray\AVKTray.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKBap64.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\GdBgInx64.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\GDKBFltExe32.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe\LiveComm.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(cFos Software GmbH) D:\Programme\cFosSpeed\cfosspeed.exe
(Dropbox, Inc.) C:\Users\Andy\AppData\Roaming\Dropbox\bin\Dropbox.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(G Data Software AG) D:\GData\Firewall\GDFirewallTray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\SeaPort.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Mozilla Corporation) D:\Programme\Mozilla Thunderbird\thunderbird.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Microsoft Corporation) C:\Windows\System32\vds.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\ScanToPCActivationApp.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\HPNetworkCommunicator.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\HP Officejet 6500 E710n-z.exe
(Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
(Microsoft Corporation) C:\Windows\WinStore\WSHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\HPNetworkCommunicatorCom.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6827664 2012-08-07] (Realtek Semiconductor)
HKLM\...\Run: [VizorHtmlDialog.exe] => C:\Program Files\Trend Micro\Titanium\UIFramework\VizorHtmlDialog.exe [2141184 2012-08-03] (Trend Micro Inc.)
HKLM\...\Run: [Trend Micro Client Framework] => C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe [213856 2012-07-25] (Trend Micro Inc.)
HKLM\...\Run: [Trend Micro Titanium] => C:\Program Files\Trend Micro\Titanium\VizorShortCut.exe [819760 2012-07-25] (Trend Micro Inc.)
HKLM\...\Run: [cFosSpeed] => D:\Programme\cFosSpeed\cFosSpeed.exe [1592768 2014-07-21] (cFos Software GmbH)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [497648 2010-07-29] (Adobe Systems Incorporated)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2403104 2014-07-25] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [843712 2012-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [ASUSWebStorage] => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.10.123\AsusWSPanel.exe [3423104 2012-08-31] (ASUS Cloud Corporation)
HKLM-x32\...\Run: [ASUS AiChargerPlus Execute] => C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe [550272 2012-08-20] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3187360 2013-01-26] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [285240 2012-09-02] (Intel Corporation)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [91432 2012-03-29] (CyberLink Corp.)
HKLM-x32\...\Run: [GDFirewallTray] => D:\GData\Firewall\GDFirewallTray.exe [1756792 2014-05-20] (G Data Software AG)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,D:\GData\AVKTray\AVKTray.exe,d:\gdata\avkkid\avkcks.exe
HKU\S-1-5-21-4079679003-1181848519-1609450326-1001\...\Run: [HP Officejet 6500 E710n-z (NET)] => C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-4079679003-1181848519-1609450326-1001\...\MountPoints2: {8c7ecaab-2044-11e4-be72-60a44c24b088} - "J:\HTC_Sync_Manager_PC.exe"
Startup: C:\Users\Andy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Andy\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Andy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - HP Officejet 6500 E710n-z (Netzwerk).lnk
ShortcutTarget: Tintenwarnungen überwachen - HP Officejet 6500 E710n-z (Netzwerk).lnk -> C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
ShellIconOverlayIdentifiers:  SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers:  SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers:  SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File
ShellIconOverlayIdentifiers: "DropboxExt1" -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Andy\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: "DropboxExt2" -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Andy\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: "DropboxExt3" -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Andy\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: "DropboxExt4" -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Andy\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: "DropboxExt5" -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Andy\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: "DropboxExt6" -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Andy\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: "DropboxExt7" -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Andy\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: "DropboxExt8" -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Andy\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: AsusWSShellExt_B -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.10.123\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: AsusWSShellExt_O -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.10.123\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: AsusWSShellExt_U -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4D} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.10.123\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers-x32:  SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers-x32:  SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers-x32:  SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ASU2JS
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ASU2JS
SearchScopes: HKLM-x32 - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ASU2JS
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ASU2JS
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: TmIEPlugInBHO Class -> {1CA1377B-DC1D-4A52-9585-6E06050FAC53} -> C:\Program Files\Trend Micro\AMSP\Module\20013\1.0.1171\1.0.1171\TmopIEPlg.dll (Trend Micro Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: TmBpIeBHO Class -> {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} -> C:\Program Files\Trend Micro\AMSP\Module\20002\7.5.1107\7.5.1107\TmBpIe64.dll (Trend Micro Inc.)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: TmIEPlugInBHO Class -> {1CA1377B-DC1D-4A52-9585-6E06050FAC53} -> C:\Program Files\Trend Micro\AMSP\Module\20013\1.0.1171\1.0.1171\TmopIEPlg32.dll (Trend Micro Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> D:\Programme\Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: TmBpIeBHO Class -> {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} -> C:\Program Files\Trend Micro\AMSP\Module\20002\7.5.1107\7.5.1107\TmBpIe32.dll (Trend Micro Inc.)
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\BingExt.dll (Microsoft Corporation.)
Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\Module\20002\7.5.1107\7.5.1107\TmBpIe64.dll (Trend Micro Inc.)
Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\Module\20013\1.0.1171\1.0.1171\TmopIEPlg.dll (Trend Micro Inc.)
Handler: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} -  No File
Handler-x32: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\Module\20002\7.5.1107\7.5.1107\TmBpIe32.dll (Trend Micro Inc.)
Handler-x32: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\Module\20013\1.0.1171\1.0.1171\TmopIEPlg32.dll (Trend Micro Inc.)
Handler-x32: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - C:\Program Files\Trend Micro\Titanium\UIFramework\ProToolbarIMRatingActiveX.dll (Trend Micro Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> D:\Programme\Office\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> D:\Programme\Office\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @TrendMicro.com/FFExtension -> C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextension\components\npToolbarChrome.dll (Trend Micro Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF HKLM\...\Firefox\Extensions: [tmbepff-7.5@trendmicro.com] - C:\Program Files\Trend Micro\AMSP\Module\20002\7.5.1107\7.5.1107\firefoxextension
FF Extension: Trend Micro BEP Firefox Extension - C:\Program Files\Trend Micro\AMSP\Module\20002\7.5.1107\7.5.1107\firefoxextension [2013-01-26]
FF HKLM-x32\...\Firefox\Extensions: [tmbepff-7.5@trendmicro.com] - C:\Program Files\Trend Micro\AMSP\Module\20002\7.5.1107\7.5.1107\firefoxextension
FF HKLM-x32\...\Firefox\Extensions: [{22181a4d-af90-4ca3-a569-faed9118d6bc}] - C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextension
FF Extension: Trend Micro Toolbar - C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextension [2013-01-26]

Chrome:
=======
CHR HomePage: hxxp://asus13.msn.com/
CHR StartupUrls: "hxxp://google.de/"
CHR Extension: (Google Docs) - C:\Users\Andy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-08-09]
CHR Extension: (Google Drive) - C:\Users\Andy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-08-09]
CHR Extension: (YouTube) - C:\Users\Andy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-08-09]
CHR Extension: (TrendMicro BEP Extension) - C:\Users\Andy\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmiabdepfhhiieiipmeecdmeljggmfee [2014-08-09]
CHR Extension: (Google-Suche) - C:\Users\Andy\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-08-09]
CHR Extension: (Google Wallet) - C:\Users\Andy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-08-09]
CHR Extension: (Google Mail) - C:\Users\Andy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-08-09]
CHR HKLM\...\Chrome\Extension: [bmiabdepfhhiieiipmeecdmeljggmfee] - C:\Program Files\Trend Micro\AMSP\Module\20002\7.5.1107\7.5.1107\chrome_tmbep.crx [2013-01-26]
CHR HKLM-x32\...\Chrome\Extension: [bmiabdepfhhiieiipmeecdmeljggmfee] - C:\Program Files\Trend Micro\AMSP\Module\20002\7.5.1107\7.5.1107\chrome_tmbep.crx [2013-01-26]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeActiveFileMonitor9.0; D:\Programme\Adobe\Photoshop\Elements 9 Organizer\PhotoshopElementsFileAgent.exe [169408 2010-09-06] (Adobe Systems Incorporated)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [920736 2012-06-01] ()
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe [951936 2012-06-01] (ASUSTeK Computer Inc.)
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe [149120 2012-02-17] (ASUSTeK Computer Inc.)
R2 AVKProxy; C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe [2250360 2014-05-27] (G Data Software AG)
R2 AVKService; D:\GData\AVK\AVKService.exe [914552 2013-12-19] (G Data Software AG)
R2 AVKWCtl; D:\GData\AVK\AVKWCtlx64.exe [2683760 2014-05-20] (G Data Software AG)
R2 cFosSpeedS; D:\Programme\cFosSpeed\spd.exe [508352 2014-07-21] (cFos Software GmbH)
R2 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [1840128 2011-05-24] (MAGIX AG) [File not signed]
S3 FirebirdServerMAGIXInstance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2702848 2011-04-26] (MAGIX®) [File not signed]
R2 GDBackupSvc; D:\GData\AVKBackup\AVKBackupService.exe [3832440 2014-05-28] (G Data Software AG)
R3 GDFwSvc; D:\GData\Firewall\GDFwSvcx64.exe [3203392 2014-05-20] (G Data Software AG)
R3 GDScan; C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe [700536 2014-05-20] (G Data Software AG)
S3 GDTunerSvc; D:\GData\AVKTuner\AVKTunerService.exe [1637496 2014-05-28] (G Data Software AG)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1720608 2014-07-25] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [18956064 2014-07-25] (NVIDIA Corporation)
R2 TiMiniService; C:\Program Files\Trend Micro\Titanium\TiMiniService.exe [248640 2012-07-25] (Trend Micro Inc.)
S3 TSNxGService; D:\GData\TSNxG\TSNxGService.exe [255608 2014-05-16] (G Data Software)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [15440 2012-07-26] (Microsoft Corporation)
S3 Amsp; "C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe" coreFrameworkHost.exe -m=rb -dt=60000 -ad [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 AiChargerPlus; C:\Windows\SysWow64\drivers\AiChargerPlus.sys [14848 2012-04-19] (ASUSTek Computer Inc.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2012-08-22] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2010-08-03] ()
R3 AU8168; C:\Windows\system32\DRIVERS\au630x64.sys [792648 2013-09-23] (Realtek                                            )
R0 GDBehave; C:\Windows\System32\drivers\GDBehave.sys [55808 2014-08-09] (G Data Software AG)
R3 gddcd; C:\WINDOWS\system32\drivers\gddcd64.sys [78848 2014-08-09] (G Data Software AG)
R1 gddcv; C:\WINDOWS\system32\drivers\gddcv64.sys [58880 2014-08-09] (G Data Software AG)
R1 GDKBFlt; C:\WINDOWS\system32\drivers\GDKBFlt64.sys [20992 2014-08-09] (G Data Software AG)
R1 GDMnIcpt; C:\WINDOWS\system32\drivers\MiniIcpt.sys [142336 2014-08-09] (G Data Software AG)
R3 GDPkIcpt; C:\WINDOWS\system32\drivers\PktIcpt.sys [64000 2014-08-09] (G Data Software AG)
R1 gdwfpcd; C:\Windows\System32\drivers\gdwfpcd64.sys [67584 2014-08-09] (G Data Software AG)
R1 GRD; C:\WINDOWS\system32\drivers\GRD.sys [106272 2014-08-09] (G Data Software)
R1 HookCentre; C:\WINDOWS\system32\drivers\HookCentre.sys [61440 2014-08-09] (G Data Software AG)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20256 2014-07-25] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
R1 tmactmon; C:\Windows\system32\DRIVERS\tmactmon.sys [106000 2012-07-12] (Trend Micro Inc.)
R0 tmcomm; C:\Windows\System32\DRIVERS\tmcomm.sys [173504 2012-07-12] (Trend Micro Inc.)
R0 TMEBC; C:\Windows\System32\DRIVERS\TMEBC64.sys [46392 2012-08-24] (Trend Micro Inc.)
S3 tmeevw; C:\Windows\system32\DRIVERS\tmeevw.sys [98104 2012-08-25] (Trend Micro Inc.)
S0 tmel; C:\Windows\System32\DRIVERS\tmel.sys [33176 2012-07-27] (trend_company_name)
R1 tmevtmgr; C:\Windows\system32\DRIVERS\tmevtmgr.sys [76672 2012-07-12] (Trend Micro Inc.)
R2 tmusa; C:\Windows\system32\DRIVERS\tmusa.sys [77112 2012-09-11] (Trend Micro Inc.)
R0 TS4NT; C:\Windows\System32\Drivers\TS4nt.sys [98760 2014-08-09] (G Data Software)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-10 08:40 - 2014-08-10 08:41 - 00024726 _____ () C:\Users\Andy\Downloads\FRST.txt
2014-08-10 08:40 - 2014-08-10 08:41 - 00000000 ____D () C:\FRST
2014-08-10 08:39 - 2014-08-10 08:39 - 02093568 _____ (Farbar) C:\Users\Andy\Downloads\FRST64.exe
2014-08-10 08:13 - 2014-08-10 08:13 - 00003606 _____ () C:\WINDOWS\System32\Tasks\HPCustParticipation HP Officejet 6500 E710n-z
2014-08-10 08:13 - 2014-08-10 08:13 - 00002255 _____ () C:\Users\Public\Desktop\HP Officejet 6500 E710n-z.lnk
2014-08-10 08:13 - 2014-08-10 08:13 - 00001187 _____ () C:\Users\Public\Desktop\Shop für Zubehör - HP Officejet 6500 E710n-z.lnk
2014-08-10 08:13 - 2014-08-10 08:13 - 00000972 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\I.R.I.S. OCR-Registrierung.lnk
2014-08-10 08:13 - 2014-08-10 08:13 - 00000000 ____D () C:\Users\Andy\AppData\Roaming\HpUpdate
2014-08-10 08:13 - 2014-08-10 08:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2014-08-10 08:13 - 2014-08-10 08:13 - 00000000 ____D () C:\Program Files (x86)\Hewlett-Packard
2014-08-10 08:13 - 2012-10-17 04:31 - 00741480 ____N (Hewlett-Packard Co.) C:\WINDOWS\system32\HPDiscoPM5412.dll
2014-08-10 08:12 - 2014-08-10 08:13 - 00000000 ____D () C:\Program Files (x86)\HP
2014-08-10 08:12 - 2014-08-10 08:12 - 00000057 _____ () C:\ProgramData\Ament.ini
2014-08-10 08:12 - 2014-08-10 08:12 - 00000000 ____D () C:\ProgramData\HP
2014-08-10 08:12 - 2014-08-10 08:12 - 00000000 ____D () C:\Program Files\HP
2014-08-10 08:11 - 2014-08-10 08:11 - 122662720 _____ () C:\Users\Andy\Downloads\OJ6500_E710n-z_1315.exe
2014-08-10 08:01 - 2014-08-10 08:16 - 00000000 ____D () C:\Users\Andy\AppData\Local\HP
2014-08-10 05:33 - 2014-08-10 05:33 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2014-08-10 05:31 - 2014-08-10 05:31 - 00001358 _____ () C:\Users\Public\Desktop\GeForce Experience.lnk
2014-08-10 05:31 - 2014-08-10 05:31 - 00000000 ____D () C:\Users\Andy\AppData\Local\NVIDIA Corporation
2014-08-10 05:31 - 2014-08-10 05:31 - 00000000 ____D () C:\Users\Andy\AppData\Local\NVIDIA
2014-08-10 05:31 - 2014-08-10 05:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2014-08-10 05:31 - 2014-08-10 05:31 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-08-10 05:31 - 2014-07-25 15:01 - 01715224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll
2014-08-10 05:31 - 2014-07-25 15:01 - 01291280 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll
2014-08-10 05:31 - 2014-07-25 15:01 - 01283136 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2014-08-10 05:31 - 2014-07-25 15:01 - 01126480 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2014-08-10 05:31 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_43.dll
2014-08-10 05:31 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_43.dll
2014-08-10 05:30 - 2014-07-02 18:44 - 00609240 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2014-08-10 05:29 - 2014-08-10 05:30 - 00000000 ____D () C:\WINDOWS\LastGood
2014-08-10 05:29 - 2014-07-02 22:29 - 00197408 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2014-08-10 05:29 - 2014-07-02 22:29 - 00031520 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll
2014-08-10 05:29 - 2014-07-02 21:48 - 31512520 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2014-08-10 05:29 - 2014-07-02 21:48 - 24196896 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2014-08-10 05:29 - 2014-07-02 21:48 - 22994208 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2014-08-10 05:29 - 2014-07-02 21:48 - 17555104 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2014-08-10 05:29 - 2014-07-02 21:48 - 15294296 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2014-08-10 05:29 - 2014-07-02 21:48 - 14498552 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll
2014-08-10 05:29 - 2014-07-02 21:48 - 13922752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2014-08-10 05:29 - 2014-07-02 21:48 - 13835208 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2014-08-10 05:29 - 2014-07-02 21:48 - 12866008 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2014-08-10 05:29 - 2014-07-02 21:48 - 11283344 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2014-08-10 05:29 - 2014-07-02 21:48 - 11222048 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2014-08-10 05:29 - 2014-07-02 21:48 - 04247000 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2014-08-10 05:29 - 2014-07-02 21:48 - 03989960 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2014-08-10 05:29 - 2014-07-02 21:48 - 02814656 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2014-08-10 05:29 - 2014-07-02 21:48 - 01890080 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6434052.dll
2014-08-10 05:29 - 2014-07-02 21:48 - 01539928 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6434052.dll
2014-08-10 05:29 - 2014-07-02 21:48 - 00944928 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2014-08-10 05:29 - 2014-07-02 21:48 - 00907096 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2014-08-10 05:29 - 2014-07-02 21:48 - 00903624 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2014-08-10 05:29 - 2014-07-02 21:48 - 00869152 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2014-08-10 05:29 - 2014-07-02 21:48 - 00846832 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll
2014-08-10 05:29 - 2014-07-02 21:48 - 00502232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2014-08-10 05:29 - 2014-07-02 21:48 - 00418760 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2014-08-10 05:29 - 2014-07-02 21:48 - 00391640 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2014-08-10 05:29 - 2014-07-02 21:48 - 00354016 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll
2014-08-10 05:29 - 2014-07-02 21:48 - 00348120 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2014-08-10 05:29 - 2014-07-02 21:48 - 00305600 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll
2014-08-10 05:29 - 2014-07-02 21:48 - 00166568 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll
2014-08-10 05:29 - 2014-07-02 21:48 - 00146480 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll
2014-08-10 05:29 - 2014-03-31 17:42 - 00040392 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2014-08-10 05:29 - 2014-03-31 17:42 - 00037320 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2014-08-10 05:29 - 2014-03-31 17:42 - 00034760 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2014-08-10 05:27 - 2014-08-10 05:27 - 00000000 ____D () C:\NVIDIA
2014-08-10 05:26 - 2014-08-10 05:27 - 337127848 _____ (NVIDIA Corporation) C:\Users\Andy\Downloads\340.52-desktop-win8-win7-winvista-64bit-international-whql.exe
2014-08-10 05:11 - 2014-08-10 05:11 - 00000000 ____D () C:\ProgramData\SmartSound Software Inc
2014-08-10 05:11 - 2014-08-10 05:11 - 00000000 ____D () C:\ProgramData\eSellerate
2014-08-10 05:10 - 2014-08-10 05:11 - 00000000 ____D () C:\Program Files (x86)\SmartSound Software
2014-08-10 05:10 - 2014-08-10 05:10 - 00065674 _____ () C:\MSXML.log
2014-08-10 05:09 - 2014-08-10 05:09 - 00002110 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Premiere Elements 9.lnk
2014-08-10 05:09 - 2014-08-10 05:09 - 00001102 _____ () C:\Users\Public\Desktop\Adobe Premiere Elements 9.lnk
2014-08-09 21:18 - 2014-08-09 21:18 - 00001530 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS5.lnk
2014-08-09 21:17 - 2014-08-09 21:17 - 00001004 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Help.lnk
2014-08-09 21:17 - 2014-08-09 21:17 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Macromedia
2014-08-09 21:17 - 2014-08-09 21:17 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Macromedia
2014-08-09 21:15 - 2014-08-09 21:15 - 00001691 _____ () C:\Users\Public\Desktop\Adobe Photoshop Elements 9.lnk
2014-08-09 21:15 - 2014-08-09 21:15 - 00001691 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop Elements 9.lnk
2014-08-09 21:15 - 2010-03-19 03:00 - 00055856 ____N (Sonic Solutions) C:\WINDOWS\system32\Drivers\PxHlpa64.sys
2014-08-09 21:15 - 2009-10-20 03:00 - 00010224 ____N (Sonic Solutions) C:\WINDOWS\system32\Drivers\cdralw2k.sys
2014-08-09 21:15 - 2009-10-20 03:00 - 00010224 ____N (Sonic Solutions) C:\WINDOWS\system32\Drivers\cdr4_xp.sys
2014-08-09 19:40 - 2014-08-09 19:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2014-08-09 19:37 - 2014-08-09 19:37 - 00000000 ____D () C:\WINDOWS\System32\Tasks\OfficeSoftwareProtectionPlatform
2014-08-09 19:34 - 2014-08-09 19:42 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-08-09 19:34 - 2014-08-09 19:34 - 00000000 ____D () C:\Users\Andy\AppData\Local\Microsoft Help
2014-08-09 19:34 - 2014-08-09 19:34 - 00000000 ____D () C:\Program Files\Microsoft Office
2014-08-09 19:34 - 2014-08-09 19:34 - 00000000 ____D () C:\Program Files (x86)\Microsoft Analysis Services
2014-08-09 19:18 - 2014-08-10 05:02 - 00000000 ____D () C:\Users\Andy\AppData\Local\Adobe
2014-08-09 18:18 - 2014-08-10 05:13 - 00000000 ___RD () C:\Users\Andy\Dropbox
2014-08-09 18:18 - 2014-08-09 18:18 - 00001042 _____ () C:\Users\Andy\Desktop\Dropbox.lnk
2014-08-09 18:18 - 2014-08-09 18:18 - 00000000 ____D () C:\Users\Andy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-08-09 18:17 - 2014-08-10 05:13 - 00000000 ____D () C:\Users\Andy\AppData\Roaming\Dropbox
2014-08-09 18:17 - 2014-08-09 18:17 - 00323576 _____ (Dropbox, Inc.) C:\Users\Andy\Downloads\DropboxInstaller.exe
2014-08-09 16:35 - 2014-08-10 08:40 - 00001116 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-08-09 16:35 - 2014-08-10 05:12 - 00001112 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-08-09 16:35 - 2014-08-09 16:35 - 00004088 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2014-08-09 16:35 - 2014-08-09 16:35 - 00003852 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2014-08-09 16:35 - 2014-08-09 16:35 - 00002258 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-08-09 16:35 - 2014-08-09 16:35 - 00000000 ____D () C:\Users\Andy\AppData\Local\Google
2014-08-09 16:35 - 2014-08-09 16:35 - 00000000 ____D () C:\Users\Andy\AppData\Local\Deployment
2014-08-09 16:35 - 2014-08-09 16:35 - 00000000 ____D () C:\Users\Andy\AppData\Local\Apps\2.0
2014-08-09 16:35 - 2014-08-09 16:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-08-09 16:35 - 2014-08-09 16:35 - 00000000 ____D () C:\Program Files (x86)\Google
2014-08-09 16:29 - 2014-08-09 16:29 - 00000899 _____ () C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
2014-08-09 16:29 - 2014-08-09 16:29 - 00000899 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
2014-08-09 16:29 - 2014-08-09 16:29 - 00000000 ____D () C:\Users\Andy\AppData\Roaming\Thunderbird
2014-08-09 16:29 - 2014-08-09 16:29 - 00000000 ____D () C:\Users\Andy\AppData\Roaming\Mozilla
2014-08-09 16:29 - 2014-08-09 16:29 - 00000000 ____D () C:\Users\Andy\AppData\Local\Thunderbird
2014-08-09 16:29 - 2014-08-09 16:29 - 00000000 ____D () C:\ProgramData\Mozilla
2014-08-09 16:29 - 2014-08-09 16:29 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-08-09 16:07 - 2014-08-09 16:07 - 00106272 _____ (G Data Software) C:\WINDOWS\system32\Drivers\GRD.sys
2014-08-09 16:07 - 2014-08-09 16:07 - 00018160 _____ (G Data Software) C:\WINDOWS\system32\Drivers\GdPhyMem.sys
2014-08-09 15:54 - 2014-08-09 15:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\G Data TotalProtection
2014-08-09 15:51 - 2014-08-09 15:51 - 00001377 _____ () C:\Users\Andy\Desktop\cFosSpeed Features.lnk
2014-08-09 15:51 - 2014-08-09 15:51 - 00001237 _____ () C:\Users\Andy\Desktop\cFosSpeed Calibration.lnk
2014-08-09 15:51 - 2014-08-09 15:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\cFosSpeed Traffic Shaping
2014-08-09 15:51 - 2014-07-21 18:15 - 01895360 _____ (cFos Software GmbH) C:\WINDOWS\system32\Drivers\cfosspeed6.sys
2014-08-09 15:33 - 2014-08-09 15:54 - 00142336 _____ (G Data Software AG) C:\WINDOWS\system32\Drivers\MiniIcpt.sys
2014-08-09 15:33 - 2014-08-09 15:54 - 00098760 _____ (G Data Software) C:\WINDOWS\system32\Drivers\TS4nt.sys
2014-08-09 15:33 - 2014-08-09 15:54 - 00067584 _____ (G Data Software AG) C:\WINDOWS\system32\Drivers\gdwfpcd64.sys
2014-08-09 15:33 - 2014-08-09 15:54 - 00064000 _____ (G Data Software AG) C:\WINDOWS\system32\Drivers\PktIcpt.sys
2014-08-09 15:33 - 2014-08-09 15:54 - 00061440 _____ (G Data Software AG) C:\WINDOWS\system32\Drivers\HookCentre.sys
2014-08-09 15:33 - 2014-08-09 15:54 - 00055808 _____ (G Data Software AG) C:\WINDOWS\system32\Drivers\GDBehave.sys
2014-08-09 15:33 - 2014-08-09 15:54 - 00034108 _____ () C:\WINDOWS\DPINST.LOG
2014-08-09 15:33 - 2014-08-09 15:54 - 00020992 _____ (G Data Software AG) C:\WINDOWS\system32\Drivers\GDKBFlt64.sys
2014-08-09 15:33 - 2014-08-09 15:54 - 00000619 _____ () C:\Users\Public\Desktop\G Data TotalProtection.lnk
2014-08-09 15:33 - 2014-08-09 15:33 - 00078848 _____ (G Data Software AG) C:\WINDOWS\system32\Drivers\gddcd64.sys
2014-08-09 15:33 - 2014-08-09 15:33 - 00058880 _____ (G Data Software AG) C:\WINDOWS\system32\Drivers\gddcv64.sys
2014-08-09 15:33 - 2014-08-09 15:33 - 00000779 _____ () C:\Users\Andy\AppData\Roaming\gdscan.log
2014-08-09 15:33 - 2014-08-09 15:33 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_GDKBFlt64_01007.Wdf
2014-08-09 15:33 - 2014-08-09 15:33 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_gddcd64_01007.Wdf
2014-08-09 15:33 - 2014-08-09 15:33 - 00000000 ____D () C:\ProgramData\G DATA Software
2014-08-09 15:33 - 2014-08-09 15:33 - 00000000 _____ () C:\Users\Andy\AppData\Roaming\gdfw.log
2014-08-09 15:32 - 2014-08-09 19:57 - 00000000 ____D () C:\ProgramData\G Data
2014-08-09 15:31 - 2014-08-09 15:31 - 502900048 _____ (G Data Software AG) C:\Users\Andy\Downloads\INT_R_FUL_2015_TP.exe
2014-08-09 09:21 - 2014-08-09 09:21 - 00000000 ____D () C:\Users\Andy\AppData\Roaming\Macromedia
2014-08-09 09:18 - 2014-08-10 06:05 - 00003600 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4079679003-1181848519-1609450326-1001
2014-08-09 09:16 - 2014-08-09 09:16 - 00000000 _____ () C:\WINDOWS\SysWOW64\Drivers\1043_ASUSTeK_CG8480.alu
2014-08-09 09:14 - 2014-08-10 05:12 - 00000000 _____ () C:\WINDOWS\system32\Drivers\lvuvc.hs
2014-08-09 09:14 - 2014-08-09 09:14 - 00007429 _____ () C:\WINDOWS\system32\lvcoinst.log
2014-08-09 09:14 - 2014-08-09 09:14 - 00000000 ____D () C:\Program Files\Common Files\logishrd
2014-08-09 09:12 - 2014-08-09 09:12 - 08373576 _____ () C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2014-08-09 09:12 - 2014-08-09 09:12 - 00000000 ____D () C:\Users\Andy\AppData\Roaming\Intel Corporation
2014-08-09 09:11 - 2014-08-10 05:33 - 00000000 ____D () C:\Users\Andy\AppData\Roaming\Adobe
2014-08-09 09:11 - 2014-08-09 09:11 - 00001510 _____ () C:\Users\Andy\Desktop\Trend Micro Titanium Internet Security.lnk
2014-08-09 09:11 - 2014-08-09 09:11 - 00001449 _____ () C:\Users\Andy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-08-09 09:11 - 2014-08-09 09:11 - 00001076 _____ () C:\Users\Andy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SystemLevelUp.lnk
2014-08-09 09:11 - 2014-08-09 09:11 - 00000000 ____D () C:\WINDOWS\System32\Tasks\WPD
2014-08-09 09:11 - 2014-08-09 09:11 - 00000000 ____D () C:\Users\Andy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Trend Micro Titanium Internet Security
2014-08-09 09:11 - 2014-08-09 09:11 - 00000000 ____D () C:\Users\Andy\AppData\Roaming\ASUS WebStorage
2014-08-09 09:11 - 2014-08-09 09:11 - 00000000 ____D () C:\Users\Andy\AppData\Local\cFos
2014-08-09 09:10 - 2014-08-10 08:17 - 00000000 ____D () C:\Users\Andy\AppData\Local\VirtualStore
2014-08-09 09:10 - 2014-08-09 18:18 - 00000000 ____D () C:\Users\Andy
2014-08-09 09:10 - 2014-08-09 09:13 - 00000000 ____D () C:\Users\Andy\AppData\Local\Packages
2014-08-09 09:10 - 2014-08-09 09:10 - 00000020 ___SH () C:\Users\Andy\ntuser.ini
2014-08-09 09:10 - 2014-08-09 09:10 - 00000000 _SHDL () C:\Users\Andy\Vorlagen
2014-08-09 09:10 - 2014-08-09 09:10 - 00000000 _SHDL () C:\Users\Andy\Startmenü
2014-08-09 09:10 - 2014-08-09 09:10 - 00000000 _SHDL () C:\Users\Andy\Netzwerkumgebung
2014-08-09 09:10 - 2014-08-09 09:10 - 00000000 _SHDL () C:\Users\Andy\Lokale Einstellungen
2014-08-09 09:10 - 2014-08-09 09:10 - 00000000 _SHDL () C:\Users\Andy\Eigene Dateien
2014-08-09 09:10 - 2014-08-09 09:10 - 00000000 _SHDL () C:\Users\Andy\Druckumgebung
2014-08-09 09:10 - 2014-08-09 09:10 - 00000000 _SHDL () C:\Users\Andy\Documents\Eigene Musik
2014-08-09 09:10 - 2014-08-09 09:10 - 00000000 _SHDL () C:\Users\Andy\Documents\Eigene Bilder
2014-08-09 09:10 - 2014-08-09 09:10 - 00000000 _SHDL () C:\Users\Andy\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-08-09 09:10 - 2014-08-09 09:10 - 00000000 _SHDL () C:\Users\Andy\AppData\Local\Verlauf
2014-08-09 09:10 - 2014-08-09 09:10 - 00000000 _SHDL () C:\Users\Andy\AppData\Local\Anwendungsdaten
2014-08-09 09:10 - 2014-08-09 09:10 - 00000000 _SHDL () C:\Users\Andy\Anwendungsdaten
2014-08-09 09:10 - 2013-01-26 12:17 - 00002102 _____ () C:\Users\Andy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SkyDrive.lnk
2014-08-09 09:10 - 2012-07-26 09:13 - 00000000 ___RD () C:\Users\Andy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-08-09 09:10 - 2012-07-26 09:13 - 00000000 ___RD () C:\Users\Andy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-08-09 09:10 - 2012-07-26 09:13 - 00000000 ___RD () C:\Users\Andy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-08-09 09:10 - 2012-07-26 09:13 - 00000000 ____D () C:\Users\Andy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-08-09 01:09 - 2014-08-09 01:09 - 00000000 __SHD () C:\Recovery
2014-08-09 01:09 - 2014-08-09 01:09 - 00000000 _____ () C:\Recovery.txt

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-10 08:41 - 2014-08-10 08:40 - 00024726 _____ () C:\Users\Andy\Downloads\FRST.txt
2014-08-10 08:41 - 2014-08-10 08:40 - 00000000 ____D () C:\FRST
2014-08-10 08:40 - 2014-08-09 16:35 - 00001116 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-08-10 08:39 - 2014-08-10 08:39 - 02093568 _____ (Farbar) C:\Users\Andy\Downloads\FRST64.exe
2014-08-10 08:28 - 2013-05-23 01:33 - 01239362 _____ () C:\WINDOWS\WindowsUpdate.log
2014-08-10 08:17 - 2014-08-09 09:10 - 00000000 ____D () C:\Users\Andy\AppData\Local\VirtualStore
2014-08-10 08:16 - 2014-08-10 08:01 - 00000000 ____D () C:\Users\Andy\AppData\Local\HP
2014-08-10 08:13 - 2014-08-10 08:13 - 00003606 _____ () C:\WINDOWS\System32\Tasks\HPCustParticipation HP Officejet 6500 E710n-z
2014-08-10 08:13 - 2014-08-10 08:13 - 00002255 _____ () C:\Users\Public\Desktop\HP Officejet 6500 E710n-z.lnk
2014-08-10 08:13 - 2014-08-10 08:13 - 00001187 _____ () C:\Users\Public\Desktop\Shop für Zubehör - HP Officejet 6500 E710n-z.lnk
2014-08-10 08:13 - 2014-08-10 08:13 - 00000972 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\I.R.I.S. OCR-Registrierung.lnk
2014-08-10 08:13 - 2014-08-10 08:13 - 00000000 ____D () C:\Users\Andy\AppData\Roaming\HpUpdate
2014-08-10 08:13 - 2014-08-10 08:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2014-08-10 08:13 - 2014-08-10 08:13 - 00000000 ____D () C:\Program Files (x86)\Hewlett-Packard
2014-08-10 08:13 - 2014-08-10 08:12 - 00000000 ____D () C:\Program Files (x86)\HP
2014-08-10 08:12 - 2014-08-10 08:12 - 00000057 _____ () C:\ProgramData\Ament.ini
2014-08-10 08:12 - 2014-08-10 08:12 - 00000000 ____D () C:\ProgramData\HP
2014-08-10 08:12 - 2014-08-10 08:12 - 00000000 ____D () C:\Program Files\HP
2014-08-10 08:11 - 2014-08-10 08:11 - 122662720 _____ () C:\Users\Andy\Downloads\OJ6500_E710n-z_1315.exe
2014-08-10 08:00 - 2012-07-26 09:12 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-08-10 06:35 - 2012-07-26 08:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-08-10 06:05 - 2014-08-09 09:18 - 00003600 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4079679003-1181848519-1609450326-1001
2014-08-10 05:33 - 2014-08-10 05:33 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2014-08-10 05:33 - 2014-08-09 09:11 - 00000000 ____D () C:\Users\Andy\AppData\Roaming\Adobe
2014-08-10 05:33 - 2012-07-26 08:21 - 00020027 _____ () C:\WINDOWS\setupact.log
2014-08-10 05:31 - 2014-08-10 05:31 - 00001358 _____ () C:\Users\Public\Desktop\GeForce Experience.lnk
2014-08-10 05:31 - 2014-08-10 05:31 - 00000000 ____D () C:\Users\Andy\AppData\Local\NVIDIA Corporation
2014-08-10 05:31 - 2014-08-10 05:31 - 00000000 ____D () C:\Users\Andy\AppData\Local\NVIDIA
2014-08-10 05:31 - 2014-08-10 05:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2014-08-10 05:31 - 2014-08-10 05:31 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-08-10 05:31 - 2013-05-23 01:36 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-08-10 05:31 - 2013-05-23 01:32 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-08-10 05:31 - 2013-05-23 01:32 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-08-10 05:31 - 2013-05-23 01:32 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-08-10 05:30 - 2014-08-10 05:29 - 00000000 ____D () C:\WINDOWS\LastGood
2014-08-10 05:27 - 2014-08-10 05:27 - 00000000 ____D () C:\NVIDIA
2014-08-10 05:27 - 2014-08-10 05:26 - 337127848 _____ (NVIDIA Corporation) C:\Users\Andy\Downloads\340.52-desktop-win8-win7-winvista-64bit-international-whql.exe
2014-08-10 05:18 - 2013-01-26 10:26 - 00788786 _____ () C:\WINDOWS\system32\perfh00A.dat
2014-08-10 05:18 - 2013-01-26 10:26 - 00162692 _____ () C:\WINDOWS\system32\perfc00A.dat
2014-08-10 05:18 - 2013-01-26 10:09 - 00786390 _____ () C:\WINDOWS\system32\perfh013.dat
2014-08-10 05:18 - 2013-01-26 10:09 - 00158924 _____ () C:\WINDOWS\system32\perfc013.dat
2014-08-10 05:18 - 2013-01-26 09:57 - 00790862 _____ () C:\WINDOWS\system32\perfh00C.dat
2014-08-10 05:18 - 2013-01-26 09:57 - 00155422 _____ () C:\WINDOWS\system32\perfc00C.dat
2014-08-10 05:18 - 2013-01-26 09:51 - 00542632 _____ () C:\WINDOWS\system32\perfh008.dat
2014-08-10 05:18 - 2013-01-26 09:51 - 00089196 _____ () C:\WINDOWS\system32\perfc008.dat
2014-08-10 05:18 - 2013-01-26 09:46 - 00752930 _____ () C:\WINDOWS\system32\perfh007.dat
2014-08-10 05:18 - 2013-01-26 09:46 - 00156156 _____ () C:\WINDOWS\system32\perfc007.dat
2014-08-10 05:18 - 2012-07-26 08:28 - 05222090 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-08-10 05:13 - 2014-08-09 18:18 - 00000000 ___RD () C:\Users\Andy\Dropbox
2014-08-10 05:13 - 2014-08-09 18:17 - 00000000 ____D () C:\Users\Andy\AppData\Roaming\Dropbox
2014-08-10 05:13 - 2012-07-26 09:12 - 00000000 ____D () C:\WINDOWS\rescache
2014-08-10 05:12 - 2014-08-09 16:35 - 00001112 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-08-10 05:12 - 2014-08-09 09:14 - 00000000 _____ () C:\WINDOWS\system32\Drivers\lvuvc.hs
2014-08-10 05:12 - 2013-01-26 11:28 - 00501360 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-08-10 05:12 - 2012-07-26 08:22 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-08-10 05:12 - 2012-07-26 06:26 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2014-08-10 05:11 - 2014-08-10 05:11 - 00000000 ____D () C:\ProgramData\SmartSound Software Inc
2014-08-10 05:11 - 2014-08-10 05:11 - 00000000 ____D () C:\ProgramData\eSellerate
2014-08-10 05:11 - 2014-08-10 05:10 - 00000000 ____D () C:\Program Files (x86)\SmartSound Software
2014-08-10 05:11 - 2013-01-26 11:43 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-08-10 05:10 - 2014-08-10 05:10 - 00065674 _____ () C:\MSXML.log
2014-08-10 05:09 - 2014-08-10 05:09 - 00002110 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Premiere Elements 9.lnk
2014-08-10 05:09 - 2014-08-10 05:09 - 00001102 _____ () C:\Users\Public\Desktop\Adobe Premiere Elements 9.lnk
2014-08-10 05:08 - 2013-01-26 11:51 - 00000000 ____D () C:\ProgramData\Adobe
2014-08-10 05:02 - 2014-08-09 19:18 - 00000000 ____D () C:\Users\Andy\AppData\Local\Adobe
2014-08-09 21:18 - 2014-08-09 21:18 - 00001530 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS5.lnk
2014-08-09 21:18 - 2013-01-26 11:51 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-08-09 21:17 - 2014-08-09 21:17 - 00001004 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Help.lnk
2014-08-09 21:17 - 2014-08-09 21:17 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Macromedia
2014-08-09 21:17 - 2014-08-09 21:17 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Macromedia
2014-08-09 21:15 - 2014-08-09 21:15 - 00001691 _____ () C:\Users\Public\Desktop\Adobe Photoshop Elements 9.lnk
2014-08-09 21:15 - 2014-08-09 21:15 - 00001691 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop Elements 9.lnk
2014-08-09 19:59 - 2013-01-26 11:28 - 00007262 _____ () C:\WINDOWS\PFRO.log
2014-08-09 19:58 - 2013-01-26 09:40 - 00000000 ____D () C:\WINDOWS\SysWOW64\XPSViewer
2014-08-09 19:58 - 2012-07-26 09:12 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel
2014-08-09 19:58 - 2012-07-26 09:12 - 00000000 ____D () C:\WINDOWS\WinStore
2014-08-09 19:58 - 2012-07-26 09:12 - 00000000 ____D () C:\WINDOWS\SysWOW64\MUI
2014-08-09 19:58 - 2012-07-26 09:12 - 00000000 ____D () C:\WINDOWS\SysWOW64\migwiz
2014-08-09 19:58 - 2012-07-26 09:12 - 00000000 ____D () C:\WINDOWS\SysWOW64\Com
2014-08-09 19:58 - 2012-07-26 09:12 - 00000000 ____D () C:\WINDOWS\system32\SystemResetPlatform
2014-08-09 19:58 - 2012-07-26 09:12 - 00000000 ____D () C:\WINDOWS\system32\MUI
2014-08-09 19:58 - 2012-07-26 09:12 - 00000000 ____D () C:\WINDOWS\system32\migwiz
2014-08-09 19:58 - 2012-07-26 09:12 - 00000000 ____D () C:\WINDOWS\system32\Com
2014-08-09 19:58 - 2012-07-26 09:12 - 00000000 ____D () C:\WINDOWS\PolicyDefinitions
2014-08-09 19:58 - 2012-07-26 09:12 - 00000000 ____D () C:\Program Files\Windows Photo Viewer
2014-08-09 19:58 - 2012-07-26 09:12 - 00000000 ____D () C:\Program Files\Windows Defender
2014-08-09 19:58 - 2012-07-26 09:12 - 00000000 ____D () C:\Program Files\Common Files\System
2014-08-09 19:58 - 2012-07-26 09:12 - 00000000 ____D () C:\Program Files (x86)\Windows Photo Viewer
2014-08-09 19:58 - 2012-07-26 09:12 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-08-09 19:58 - 2012-07-26 08:52 - 00000000 ____D () C:\Program Files\Windows Journal
2014-08-09 19:58 - 2012-07-26 08:49 - 00000000 ____D () C:\WINDOWS\SysWOW64\winrm
2014-08-09 19:58 - 2012-07-26 08:49 - 00000000 ____D () C:\WINDOWS\SysWOW64\WCN
2014-08-09 19:58 - 2012-07-26 08:49 - 00000000 ____D () C:\WINDOWS\SysWOW64\slmgr
2014-08-09 19:58 - 2012-07-26 08:49 - 00000000 ____D () C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
2014-08-09 19:58 - 2012-07-26 08:49 - 00000000 ____D () C:\WINDOWS\system32\winrm
2014-08-09 19:58 - 2012-07-26 08:49 - 00000000 ____D () C:\WINDOWS\system32\WCN
2014-08-09 19:58 - 2012-07-26 08:49 - 00000000 ____D () C:\WINDOWS\system32\slmgr
2014-08-09 19:58 - 2012-07-26 08:49 - 00000000 ____D () C:\WINDOWS\system32\Printing_Admin_Scripts
2014-08-09 19:58 - 2012-07-26 06:38 - 00000000 ____D () C:\WINDOWS\SysWOW64\oobe
2014-08-09 19:58 - 2012-07-26 06:38 - 00000000 ____D () C:\WINDOWS\SysWOW64\Dism
2014-08-09 19:58 - 2012-07-26 06:38 - 00000000 ____D () C:\WINDOWS\system32\Sysprep
2014-08-09 19:58 - 2012-07-26 06:38 - 00000000 ____D () C:\WINDOWS\system32\oobe
2014-08-09 19:58 - 2012-07-26 06:38 - 00000000 ____D () C:\WINDOWS\system32\Dism
2014-08-09 19:57 - 2014-08-09 15:32 - 00000000 ____D () C:\ProgramData\G Data
2014-08-09 19:57 - 2012-07-26 08:49 - 00000000 ____D () C:\WINDOWS\SysWOW64\sysprep
2014-08-09 19:42 - 2014-08-09 19:34 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-08-09 19:40 - 2014-08-09 19:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2014-08-09 19:37 - 2014-08-09 19:37 - 00000000 ____D () C:\WINDOWS\System32\Tasks\OfficeSoftwareProtectionPlatform
2014-08-09 19:37 - 2012-07-26 09:12 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2014-08-09 19:34 - 2014-08-09 19:34 - 00000000 ____D () C:\Users\Andy\AppData\Local\Microsoft Help
2014-08-09 19:34 - 2014-08-09 19:34 - 00000000 ____D () C:\Program Files\Microsoft Office
2014-08-09 19:34 - 2014-08-09 19:34 - 00000000 ____D () C:\Program Files (x86)\Microsoft Analysis Services
2014-08-09 19:34 - 2012-07-26 08:52 - 00000000 ____D () C:\WINDOWS\ShellNew
2014-08-09 19:34 - 2012-07-26 06:26 - 00000167 _____ () C:\WINDOWS\win.ini
2014-08-09 18:18 - 2014-08-09 18:18 - 00001042 _____ () C:\Users\Andy\Desktop\Dropbox.lnk
2014-08-09 18:18 - 2014-08-09 18:18 - 00000000 ____D () C:\Users\Andy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-08-09 18:18 - 2014-08-09 09:10 - 00000000 ____D () C:\Users\Andy
2014-08-09 18:17 - 2014-08-09 18:17 - 00323576 _____ (Dropbox, Inc.) C:\Users\Andy\Downloads\DropboxInstaller.exe
2014-08-09 16:35 - 2014-08-09 16:35 - 00004088 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2014-08-09 16:35 - 2014-08-09 16:35 - 00003852 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2014-08-09 16:35 - 2014-08-09 16:35 - 00002258 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-08-09 16:35 - 2014-08-09 16:35 - 00000000 ____D () C:\Users\Andy\AppData\Local\Google
2014-08-09 16:35 - 2014-08-09 16:35 - 00000000 ____D () C:\Users\Andy\AppData\Local\Deployment
2014-08-09 16:35 - 2014-08-09 16:35 - 00000000 ____D () C:\Users\Andy\AppData\Local\Apps\2.0
2014-08-09 16:35 - 2014-08-09 16:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-08-09 16:35 - 2014-08-09 16:35 - 00000000 ____D () C:\Program Files (x86)\Google
2014-08-09 16:29 - 2014-08-09 16:29 - 00000899 _____ () C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
2014-08-09 16:29 - 2014-08-09 16:29 - 00000899 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
2014-08-09 16:29 - 2014-08-09 16:29 - 00000000 ____D () C:\Users\Andy\AppData\Roaming\Thunderbird
2014-08-09 16:29 - 2014-08-09 16:29 - 00000000 ____D () C:\Users\Andy\AppData\Roaming\Mozilla
2014-08-09 16:29 - 2014-08-09 16:29 - 00000000 ____D () C:\Users\Andy\AppData\Local\Thunderbird
2014-08-09 16:29 - 2014-08-09 16:29 - 00000000 ____D () C:\ProgramData\Mozilla
2014-08-09 16:29 - 2014-08-09 16:29 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-08-09 16:07 - 2014-08-09 16:07 - 00106272 _____ (G Data Software) C:\WINDOWS\system32\Drivers\GRD.sys
2014-08-09 16:07 - 2014-08-09 16:07 - 00018160 _____ (G Data Software) C:\WINDOWS\system32\Drivers\GdPhyMem.sys
2014-08-09 15:54 - 2014-08-09 15:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\G Data TotalProtection
2014-08-09 15:54 - 2014-08-09 15:33 - 00142336 _____ (G Data Software AG) C:\WINDOWS\system32\Drivers\MiniIcpt.sys
2014-08-09 15:54 - 2014-08-09 15:33 - 00098760 _____ (G Data Software) C:\WINDOWS\system32\Drivers\TS4nt.sys
2014-08-09 15:54 - 2014-08-09 15:33 - 00067584 _____ (G Data Software AG) C:\WINDOWS\system32\Drivers\gdwfpcd64.sys
2014-08-09 15:54 - 2014-08-09 15:33 - 00064000 _____ (G Data Software AG) C:\WINDOWS\system32\Drivers\PktIcpt.sys
2014-08-09 15:54 - 2014-08-09 15:33 - 00061440 _____ (G Data Software AG) C:\WINDOWS\system32\Drivers\HookCentre.sys
2014-08-09 15:54 - 2014-08-09 15:33 - 00055808 _____ (G Data Software AG) C:\WINDOWS\system32\Drivers\GDBehave.sys
2014-08-09 15:54 - 2014-08-09 15:33 - 00034108 _____ () C:\WINDOWS\DPINST.LOG
2014-08-09 15:54 - 2014-08-09 15:33 - 00020992 _____ (G Data Software AG) C:\WINDOWS\system32\Drivers\GDKBFlt64.sys
2014-08-09 15:54 - 2014-08-09 15:33 - 00000619 _____ () C:\Users\Public\Desktop\G Data TotalProtection.lnk
2014-08-09 15:51 - 2014-08-09 15:51 - 00001377 _____ () C:\Users\Andy\Desktop\cFosSpeed Features.lnk
2014-08-09 15:51 - 2014-08-09 15:51 - 00001237 _____ () C:\Users\Andy\Desktop\cFosSpeed Calibration.lnk
2014-08-09 15:51 - 2014-08-09 15:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\cFosSpeed Traffic Shaping
2014-08-09 15:51 - 2013-01-26 11:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
2014-08-09 15:51 - 2013-01-26 11:47 - 00000000 ____D () C:\Program Files\ASUS
2014-08-09 15:40 - 2013-01-26 09:35 - 00000000 ____D () C:\WINDOWS\en-GB
2014-08-09 15:40 - 2012-07-26 09:12 - 00000000 ____D () C:\WINDOWS\SysWOW64\en-GB
2014-08-09 15:40 - 2012-07-26 09:12 - 00000000 ____D () C:\WINDOWS\system32\en-GB
2014-08-09 15:40 - 2012-07-26 09:12 - 00000000 ____D () C:\WINDOWS\IME
2014-08-09 15:40 - 2012-07-26 09:12 - 00000000 ____D () C:\WINDOWS\Globalization
2014-08-09 15:33 - 2014-08-09 15:33 - 00078848 _____ (G Data Software AG) C:\WINDOWS\system32\Drivers\gddcd64.sys
2014-08-09 15:33 - 2014-08-09 15:33 - 00058880 _____ (G Data Software AG) C:\WINDOWS\system32\Drivers\gddcv64.sys
2014-08-09 15:33 - 2014-08-09 15:33 - 00000779 _____ () C:\Users\Andy\AppData\Roaming\gdscan.log
2014-08-09 15:33 - 2014-08-09 15:33 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_GDKBFlt64_01007.Wdf
2014-08-09 15:33 - 2014-08-09 15:33 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_gddcd64_01007.Wdf
2014-08-09 15:33 - 2014-08-09 15:33 - 00000000 ____D () C:\ProgramData\G DATA Software
2014-08-09 15:33 - 2014-08-09 15:33 - 00000000 _____ () C:\Users\Andy\AppData\Roaming\gdfw.log
2014-08-09 15:31 - 2014-08-09 15:31 - 502900048 _____ (G Data Software AG) C:\Users\Andy\Downloads\INT_R_FUL_2015_TP.exe
2014-08-09 10:10 - 2013-01-26 11:28 - 00000000 ____D () C:\WINDOWS\Panther
2014-08-09 09:53 - 2012-07-26 09:12 - 00000000 ____D () C:\WINDOWS\AUInstallAgent
2014-08-09 09:21 - 2014-08-09 09:21 - 00000000 ____D () C:\Users\Andy\AppData\Roaming\Macromedia
2014-08-09 09:17 - 2013-01-26 11:58 - 00002046 _____ () C:\Users\Public\Desktop\AI Suite II.lnk
2014-08-09 09:17 - 2013-01-26 11:47 - 00000000 ____D () C:\WINDOWS\System32\Tasks\ASUS
2014-08-09 09:16 - 2014-08-09 09:16 - 00000000 _____ () C:\WINDOWS\SysWOW64\Drivers\1043_ASUSTeK_CG8480.alu
2014-08-09 09:14 - 2014-08-09 09:14 - 00007429 _____ () C:\WINDOWS\system32\lvcoinst.log
2014-08-09 09:14 - 2014-08-09 09:14 - 00000000 ____D () C:\Program Files\Common Files\logishrd
2014-08-09 09:13 - 2014-08-09 09:10 - 00000000 ____D () C:\Users\Andy\AppData\Local\Packages
2014-08-09 09:12 - 2014-08-09 09:12 - 08373576 _____ () C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2014-08-09 09:12 - 2014-08-09 09:12 - 00000000 ____D () C:\Users\Andy\AppData\Roaming\Intel Corporation
2014-08-09 09:11 - 2014-08-09 09:11 - 00001510 _____ () C:\Users\Andy\Desktop\Trend Micro Titanium Internet Security.lnk
2014-08-09 09:11 - 2014-08-09 09:11 - 00001449 _____ () C:\Users\Andy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-08-09 09:11 - 2014-08-09 09:11 - 00001076 _____ () C:\Users\Andy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SystemLevelUp.lnk
2014-08-09 09:11 - 2014-08-09 09:11 - 00000000 ____D () C:\WINDOWS\System32\Tasks\WPD
2014-08-09 09:11 - 2014-08-09 09:11 - 00000000 ____D () C:\Users\Andy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Trend Micro Titanium Internet Security
2014-08-09 09:11 - 2014-08-09 09:11 - 00000000 ____D () C:\Users\Andy\AppData\Roaming\ASUS WebStorage
2014-08-09 09:11 - 2014-08-09 09:11 - 00000000 ____D () C:\Users\Andy\AppData\Local\cFos
2014-08-09 09:11 - 2013-01-26 12:00 - 00000000 ____D () C:\ProgramData\Trend Micro
2014-08-09 09:10 - 2014-08-09 09:10 - 00000020 ___SH () C:\Users\Andy\ntuser.ini
2014-08-09 09:10 - 2014-08-09 09:10 - 00000000 _SHDL () C:\Users\Andy\Vorlagen
2014-08-09 09:10 - 2014-08-09 09:10 - 00000000 _SHDL () C:\Users\Andy\Startmenü
2014-08-09 09:10 - 2014-08-09 09:10 - 00000000 _SHDL () C:\Users\Andy\Netzwerkumgebung
2014-08-09 09:10 - 2014-08-09 09:10 - 00000000 _SHDL () C:\Users\Andy\Lokale Einstellungen
2014-08-09 09:10 - 2014-08-09 09:10 - 00000000 _SHDL () C:\Users\Andy\Eigene Dateien
2014-08-09 09:10 - 2014-08-09 09:10 - 00000000 _SHDL () C:\Users\Andy\Druckumgebung
2014-08-09 09:10 - 2014-08-09 09:10 - 00000000 _SHDL () C:\Users\Andy\Documents\Eigene Musik
2014-08-09 09:10 - 2014-08-09 09:10 - 00000000 _SHDL () C:\Users\Andy\Documents\Eigene Bilder
2014-08-09 09:10 - 2014-08-09 09:10 - 00000000 _SHDL () C:\Users\Andy\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-08-09 09:10 - 2014-08-09 09:10 - 00000000 _SHDL () C:\Users\Andy\AppData\Local\Verlauf
2014-08-09 09:10 - 2014-08-09 09:10 - 00000000 _SHDL () C:\Users\Andy\AppData\Local\Anwendungsdaten
2014-08-09 09:10 - 2014-08-09 09:10 - 00000000 _SHDL () C:\Users\Andy\Anwendungsdaten
2014-08-09 01:09 - 2014-08-09 01:09 - 00000000 __SHD () C:\Recovery
2014-08-09 01:09 - 2014-08-09 01:09 - 00000000 _____ () C:\Recovery.txt
2014-08-09 01:09 - 2012-07-26 09:13 - 00262144 _____ () C:\WINDOWS\system32\config\BCD-Template
2014-07-25 15:01 - 2014-08-10 05:31 - 01715224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll
2014-07-25 15:01 - 2014-08-10 05:31 - 01291280 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll
2014-07-25 15:01 - 2014-08-10 05:31 - 01283136 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2014-07-25 15:01 - 2014-08-10 05:31 - 01126480 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2014-07-21 18:15 - 2014-08-09 15:51 - 01895360 _____ (cFos Software GmbH) C:\WINDOWS\system32\Drivers\cfosspeed6.sys

Some content of TEMP:
====================
C:\Users\Andy\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpytipij.dll
C:\Users\Andy\AppData\Local\Temp\nvSCPAPI64.dll
C:\Users\Andy\AppData\Local\Temp\nvStInst.exe
C:\Users\Andy\AppData\Local\Temp\ose00000.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2013-01-26 11:28

==================== End Of Log ============================
--- --- ---


Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 09-08-2014 01
Ran by Andy at 2014-08-10 08:41:25
Running from C:\Users\Andy\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: G Data TotalProtection (Enabled - Up to date) {545C8713-0744-B079-87F8-349A6D5C8CF0}
AV: Trend Micro Titanium Internet Security (Disabled - Up to date) {B7599298-8445-728A-A5C7-A26A082C8BDA}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Trend Micro Titanium Internet Security (Disabled - Up to date) {0C38737C-A27F-7D04-9F77-991873ABC167}
AS: G Data TotalProtection (Enabled - Up to date) {EF3D66F7-217E-BFF7-BD48-0FE816DBC64D}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: G Data Personal Firewall (Enabled) {6C670636-4D2B-B121-ACA7-9DAF938FCB8B}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.3.9130 - Adobe Systems Inc.)
Adobe AIR (x32 Version: 1.5.3.9130 - Adobe Systems Inc.) Hidden
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.2.1.650 - Adobe Systems Incorporated)
Adobe Community Help (x32 Version: 3.2.1 - Adobe Systems Incorporated) Hidden
Adobe Photoshop Elements 9 (HKLM-x32\...\Adobe Photoshop Elements 9) (Version: 9.0 - Adobe Systems Incorporated)
Adobe Photoshop Elements 9 (x32 Version: 9.0 - Adobe Systems Incorporated) Hidden
Adobe Premiere Elements 9 (HKLM-x32\...\PremElem90) (Version: 9.0 - Adobe Systems Incorporated)
Adobe Premiere Elements 9 (x32 Version: 9.0 - Adobe Systems Incorporated) Hidden
Adobe Premiere Elements 9 Content (HKLM-x32\...\Adobe Premiere Elements 9 Content) (Version: 9.0 - Adobe Systems Incorporated)
Adobe Premiere Elements 9 Content (x32 Version: 9.0 - Adobe Systems Incorporated) Hidden
Adobe Premiere Elements 9 Content 1 (x32 Version: 9.0 - Adobe Systems Incorporated) Hidden
Adobe Premiere Elements 9 Content 2 (x32 Version: 9.0 - Adobe Systems Incorporated) Hidden
Adobe Premiere Elements 9 Content 3 (x32 Version: 9.0 - Adobe Systems Incorporated) Hidden
Adobe Premiere Elements 9 HD Content 1 (x32 Version: 9.0 - Adobe Systems Incorporated) Hidden
Adobe Premiere Elements 9 HD Content 2 (x32 Version: 9.0 - Adobe Systems Incorporated) Hidden
Adobe Premiere Elements 9 HD Content 3 (x32 Version: 9.0 - Adobe Systems Incorporated) Hidden
Adobe Reader X (10.1.3) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.3 - Adobe Systems Incorporated)
AI Suite II (HKLM-x32\...\{34D3688E-A737-44C5-9E2A-FF73618728E1}) (Version: 2.01.03 - ASUSTeK Computer Inc.)
ASUS Easy Update (HKLM-x32\...\{E7AA854E-6756-424E-84C2-4E47D5729AFF}) (Version: 2.00.30 - ASUSTeK Computer Inc)
ASUS Music Maker (HKLM-x32\...\MAGIX_{5E00D8DF-905B-41C7-B562-C126DE3A4167}) (Version: 18.0.3.3 - MAGIX AG)
ASUS Music Maker (Version: 18.0.3.3 - MAGIX AG) Hidden
ASUS MX Suite (HKLM-x32\...\MAGIX_{9204F334-2A46-49F1-89C4-65CEB7AC1974}) (Version: 1.13.0.121 - MAGIX AG)
ASUS MX Suite (Version: 1.13.0.121 - MAGIX AG) Hidden
ASUS ROG GAMING MOUSE GX900 (HKLM-x32\...\{0AD3CB15-7DAA-4A0D-AD49-2BB8485C95A3}) (Version: 1.1.0 - ASUS)
ASUS Video easy (HKLM-x32\...\MAGIX_{7DB84618-76E3-4999-A9A0-D7D756E14129}) (Version: 3.0.1.42 - MAGIX AG)
ASUS Video easy (Version: 3.0.1.42 - MAGIX AG) Hidden
ASUS WebStorage Sync Agent (HKLM-x32\...\ASUS WebStorage) (Version: 1.1.10.123 - ASUS Cloud Corporation)
ASUSDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.4127.52 - CyberLink Corp.)
ASUSDVD (x32 Version: 10.0.4127.52 - CyberLink Corp.) Hidden
AsusVibe2.0 (HKLM-x32\...\Asus Vibe2.0) (Version: 2.0.12.309 - ASUSTEK)
Bing Bar (HKLM-x32\...\{16793295-2366-40F7-A045-A3E42A81365E}) (Version: 7.1.362.0 - Microsoft Corporation)
cFosSpeed v9.64 (HKLM\...\cFosSpeed) (Version: 9.64 - cFos Software GmbH, Bonn)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dropbox (HKCU\...\Dropbox) (Version: 2.10.27 - Dropbox, Inc.)
Elements 9 Organizer (x32 Version: 9.0 - Ihr Firmenname) Hidden
Elements STI Installer (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
eManual (HKLM-x32\...\{0C84E634-EB68-4A54-B21E-A05EC87A4CC5}) (Version: 1.00.05 - ASUSTeK Computer Inc.)
Firebird SQL Server - MAGIX Edition (HKLM-x32\...\{6C5F8503-55D2-4398-858C-362B7A7AF51C}) (Version: 2.1.31.0 - MAGIX AG)
Fotogalerie (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
G Data TotalProtection (HKLM-x32\...\{6715BEB5-01F1-41AC-B44B-0A78CD50C433}) (Version: 25.0.1.4 - G Data Software AG)
Galeria de Fotografias (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Galería de fotos (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Galerie de photos (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 36.0.1985.125 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
HP Officejet 6500 E710n-z - Grundlegende Software für das Gerät (HKLM\...\{56F91CE8-0168-4619-8FEC-13F5087E40F8}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Officejet 6500 E710n-z Hilfe (HKLM-x32\...\{130E5108-547F-4482-91EE-F45C784E08C7}) (Version: 140.0.2.2 - Hewlett Packard)
HP Update (HKLM-x32\...\{6F1C00D2-25C2-4CBA-8126-AE9A6E2E9CD5}) (Version: 5.003.003.001 - Hewlett-Packard)
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.6.0.1030 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.24.388.1 - Intel Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.6120.5004 - Microsoft Corporation)
Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Single Image 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 31.0 - Mozilla)
Mozilla Thunderbird 31.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 31.0 (x86 de)) (Version: 31.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
Nero 12 Essentials OEM.a01 (HKLM-x32\...\{2AC099EA-CC1C-4E4E-BDFC-0353DCF13DD0}) (Version: 12.5.00400 - Nero AG)
Nero ControlCenter (x32 Version: 11.0.15200 - Nero AG) Hidden
Nero ControlCenter Help (CHM) (x32 Version: 12.0.0003 - Nero AG) Hidden
Nero Core Components (x32 Version: 11.0.17800 - Nero AG) Hidden
Nero Express (x32 Version: 12.0.19000 - Nero AG) Hidden
Nero Express Help (CHM) (x32 Version: 12.0.1000 - Nero AG) Hidden
Nero Launcher (x32 Version: 12.2.2000 - Nero AG) Hidden
Nero Update (x32 Version: 11.0.11800.31.0 - Nero AG) Hidden
NVIDIA 3D Vision Controller-Treiber 340.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 340.50 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 340.52 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.1.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.1 - NVIDIA Corporation)
NVIDIA Grafiktreiber 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 340.52 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.157.1165 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA ShadowPlay 15.3.33 (Version: 15.3.33 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.12.6514 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 340.52 (Version: 340.52 - NVIDIA Corporation) Hidden
NVIDIA Update 15.3.33 (Version: 15.3.33 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 15.3.33 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.23 (Version: 1.2.23 - NVIDIA Corporation) Hidden
Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Prerequisite installer (x32 Version: 12.0.0002 - Nero AG) Hidden
Raccolta foto (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.3.730.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6699 - Realtek Semiconductor Corp.)
SHIELD Streaming (Version: 3.1.100 - NVIDIA Corporation) Hidden
SmartSound Quicktracks for Premiere Elements 9.0 (HKLM-x32\...\InstallShield_{6748E773-5DA0-4D19-8AA5-273B4133A09B}) (Version: 3.12.3090 - SmartSound Software Inc)
SmartSound Quicktracks for Premiere Elements 9.0 (x32 Version: 3.12.3090 - SmartSound Software Inc) Hidden
Studie zur Verbesserung von HP Officejet 6500 E710n-z Produkten (HKLM\...\{6F4652BE-D68A-40DC-9075-4017EC6CF6A9}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
System Level Up Driver (HKLM-x32\...\{ABB5B6B0-68E6-4F87-8F1D-A9A2A3A77355}) (Version: 2.01.03 - ASUSTeK Computer Inc.)
Trend Micro Titanium (Version: 6.00 - Trend Micro Inc.) Hidden
Trend Micro Titanium Internet Security (HKLM\...\{ABBD4BA8-6703-40D2-AB1E-5BB1F7DB49A4}) (Version: 6.0 - Trend Micro Inc.)
Why ASUS PC (HKLM-x32\...\{5648F9D9-299E-408C-AC1F-59DC75894A1F}) (Version: 1.00.02 - ASUSTeK Computer Inc.)
Windows Live (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Communications Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live 程式集 (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live 软件包 (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Συλλογή φωτογραφιών (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
影像中心 (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
照片库 (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-4079679003-1181848519-1609450326-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Andy\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4079679003-1181848519-1609450326-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Andy\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4079679003-1181848519-1609450326-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Andy\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4079679003-1181848519-1609450326-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Andy\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4079679003-1181848519-1609450326-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Andy\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4079679003-1181848519-1609450326-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Andy\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4079679003-1181848519-1609450326-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Andy\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4079679003-1181848519-1609450326-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Andy\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4079679003-1181848519-1609450326-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Andy\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

==================== Restore Points  =========================

09-08-2014 08:17:29 Installed AI Suite II

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2012-07-26 06:26 - 2012-07-26 06:26 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {26B08AEC-7387-41D7-A565-7B7481BF960B} - System32\Tasks\ASUS\ASUS Easy Update => C:\Program Files (x86)\ASUS\ASUS Easy Update\ALU.exe [2012-11-20] (ASUSTeK Computer Inc.)
Task: {3D8D2473-E7B1-4731-9C21-D8ED6F238887} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-08-09] (Google Inc.)
Task: {624A68DE-2DA4-4F54-AD28-F96C375C6417} - System32\Tasks\ASUS\ASUS AI Suite II Execute => C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe [2012-03-13] (ASUSTeK Computer Inc.)
Task: {6EE55D44-86C0-4C43-903A-CEDB7EE69D9A} - System32\Tasks\HPCustParticipation HP Officejet 6500 E710n-z => C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\HPCustPartic.exe [2012-10-17] (Hewlett-Packard Co.)
Task: {89A2C29D-451C-41BC-AC6C-596FF4770D92} - System32\Tasks\ASUS\SystemLevelUp Driver => C:\Program Files\ASUS\System Level Up Driver\SysLevelUp.exe [2012-09-24] ()
Task: {89B38BF6-8908-4043-8755-45240B163210} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-08-09] (Google Inc.)
Task: {8C7CCCF8-0EDC-4C58-BE8C-3336ECEAD242} - System32\Tasks\AsusVibeSchedule => C:\Program Files (x86)\Asus\AsusVibe\AsusVibeLauncher.exe [2012-09-27] ()
Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {AB96B97B-39C2-46A2-876A-EEB6AE199033} - System32\Tasks\Microsoft\Windows\Servicing\StartComponentCleanup => C:\WINDOWS\system32\dism.exe [2012-07-26] (Microsoft Corporation)
Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2013-01-26 11:58 - 2012-06-01 10:42 - 00920736 ____N () C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
2013-01-26 12:00 - 2012-05-02 20:24 - 00064512 _____ () C:\Program Files\Trend Micro\AMSP\boost_thread-vc80-mt-1_49.dll
2013-01-26 12:00 - 2012-05-02 20:27 - 00049664 _____ () C:\Program Files\Trend Micro\AMSP\boost_date_time-vc80-mt-1_49.dll
2014-05-20 02:38 - 2014-05-20 02:38 - 00340088 ____N () C:\Program Files (x86)\Common Files\G Data\AVKProxy\PktIcpt2x64.dll
2013-01-26 11:47 - 2012-09-24 20:30 - 03078016 _____ () C:\Program Files\ASUS\System Level Up Driver\SysLevelUp.exe
2013-05-23 01:32 - 2014-07-02 19:55 - 00116568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2013-01-26 11:58 - 2014-08-10 05:12 - 00029696 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.19\PEbiosinterface32.dll
2013-01-26 11:58 - 2010-06-29 03:58 - 00104448 ____N () C:\Program Files (x86)\ASUS\AXSP\1.00.19\ATKEX.dll
2013-01-26 11:52 - 2012-11-19 20:04 - 00050688 _____ () C:\Program Files (x86)\ASUS\ASUS Easy Update\AsMultiLang.dll
2013-01-26 11:47 - 2012-09-24 20:30 - 00179712 _____ () C:\Program Files\ASUS\System Level Up Driver\ASUSSERVICE.DLL
2013-01-26 11:47 - 2012-09-24 20:21 - 00609280 _____ () C:\Program Files\ASUS\System Level Up Driver\DeskTopToastDll.dll
2013-01-26 11:47 - 2012-09-24 20:30 - 00475136 _____ () C:\Program Files\ASUS\System Level Up Driver\HookKey32.dll
2014-08-10 05:13 - 2014-08-10 05:13 - 00043008 _____ () c:\users\andy\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpytipij.dll
2014-08-09 18:18 - 2013-08-23 20:01 - 25100288 _____ () C:\Users\Andy\AppData\Roaming\Dropbox\bin\libcef.dll
2013-05-23 01:31 - 2013-05-23 01:31 - 00017920 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\PSIClient\2a87eb344d4aa5ad4e8360d799271e32\PSIClient.ni.dll
2013-05-23 01:31 - 2012-06-25 19:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2014-08-09 16:35 - 2014-07-15 10:24 - 00718664 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\libglesv2.dll
2014-08-09 16:35 - 2014-07-15 10:24 - 00126280 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\libegl.dll
2014-08-09 16:29 - 2014-07-18 02:39 - 03338352 _____ () D:\Programme\Mozilla Thunderbird\mozjs.dll
2014-08-09 16:29 - 2014-07-18 02:39 - 00158832 _____ () D:\Programme\Mozilla Thunderbird\NSLDAP32V60.dll
2014-08-09 16:29 - 2014-07-18 02:39 - 00023152 _____ () D:\Programme\Mozilla Thunderbird\NSLDAPPR32V60.dll
2014-08-09 16:35 - 2014-07-15 10:24 - 08537928 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\pdf.dll
2014-08-09 16:35 - 2014-07-15 10:24 - 00353096 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\ppGoogleNaClPluginChrome.dll
2014-08-09 16:35 - 2014-07-15 10:24 - 01732936 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\ffmpegsumo.dll
2014-08-09 16:35 - 2014-07-15 10:24 - 14664008 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\PepperFlash\pepflashplayer.dll

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


==================== Faulty Device Manager Devices =============

Name: Mad Catz S.T.R.I.K.E.7 V.E.N.O.M
Description: Mad Catz S.T.R.I.K.E.7 V.E.N.O.M
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Barcode Device
Description: Barcode Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (08/10/2014 08:01:56 AM) (Source: MsiInstaller) (EventID: 10005) (User: ANDY)
Description: Produkt: HP Officejet 6500 E710n-z Basic Device Software -- Das Betriebssystem dieses Computers wird nicht unterstützt.  Diese Software lässt sich nur auf Computern mit folgenden Windows Betriebssystemen installieren:  1) Windows XP mit Service Pack 2 oder höher (nur 32 Bit);  2) Windows Vista;  3) Windows 7. Aktualisieren Sie das Betriebssystem des Computers, oder installieren Sie die Software auf einem anderen Computer.

Error: (08/09/2014 09:12:55 AM) (Source: Perflib) (EventID: 1023) (User: )
Description: rdyboost4


System errors:
=============
Error: (08/10/2014 05:12:33 AM) (Source: Microsoft-Windows-Kernel-General) (EventID: 6) (User: NT-AUTORITÄT)
Description: 0xc000014d0

Error: (08/10/2014 05:11:29 AM) (Source: DCOM) (EventID: 10001) (User: ANDY)
Description: C:\PROGRA~2\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe -Embedding740{B3EDE298-AE75-4A1C-AB7E-1B9229B77BBE}Nicht verfügbarNicht verfügbar

Error: (08/09/2014 09:12:16 PM) (Source: bowser) (EventID: 8003) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "KIRSCHNER",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{9C822CF1-8962-4971-A14E-B555BA346DEB}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.

Error: (08/09/2014 08:04:36 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: {752073A1-23F2-4396-85F0-8FDB879ED0ED}

Error: (08/09/2014 08:01:37 PM) (Source: Microsoft-Windows-LanguagePackSetup) (EventID: 1000) (User: NT-AUTORITÄT)
Description: Fehler bei der CBS-Clientinitialisierung. Letzter Fehler: 0x80080005

Error: (08/09/2014 08:01:37 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: {752073A1-23F2-4396-85F0-8FDB879ED0ED}

Error: (08/09/2014 07:59:26 PM) (Source: Microsoft-Windows-Kernel-General) (EventID: 6) (User: NT-AUTORITÄT)
Description: 0xc000014d0

Error: (08/09/2014 03:57:14 PM) (Source: Microsoft-Windows-Kernel-General) (EventID: 6) (User: NT-AUTORITÄT)
Description: 0xc000014d0

Error: (08/09/2014 03:53:24 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst GDBackupSvc erreicht.

Error: (08/09/2014 03:46:55 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: {752073A1-23F2-4396-85F0-8FDB879ED0ED}


Microsoft Office Sessions:
=========================
Error: (08/10/2014 08:01:56 AM) (Source: MsiInstaller) (EventID: 10005) (User: ANDY)
Description: Produkt: HP Officejet 6500 E710n-z Basic Device Software -- Das Betriebssystem dieses Computers wird nicht unterstützt.  Diese Software lässt sich nur auf Computern mit folgenden Windows Betriebssystemen installieren:  1) Windows XP mit Service Pack 2 oder höher (nur 32 Bit);  2) Windows Vista;  3) Windows 7. Aktualisieren Sie das Betriebssystem des Computers, oder installieren Sie die Software auf einem anderen Computer.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (08/09/2014 09:12:55 AM) (Source: Perflib) (EventID: 1023) (User: )
Description: rdyboost4


==================== Memory info ===========================

Percentage of memory in use: 18%
Total physical RAM: 16329.12 MB
Available physical RAM: 13323.6 MB
Total Pagefile: 21961.12 MB
Available Pagefile: 18402.91 MB
Total Virtual: 8192 MB
Available Virtual: 8191.78 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:99.42 GB) (Free:27.86 GB) NTFS
Drive d: (New Volume) (Fixed) (Total:931.39 GB) (Free:923.86 GB) NTFS
Drive j: (HTC Sync Manager) (CDROM) (Total:0.02 GB) (Free:0 GB) CDFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 119 GB) (Disk ID: 01C6DABA)

Partition: GPT Partition Type.

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 00000000)

Partition: GPT Partition Type.

==================== End Of Log ============================

schrauber 10.08.2014 08:45
sieht gut aus. Wenn du die Kiste nicht nochmal direkt schrotten willst, deinstalliere dringend GDATA oder Trend Micro.

AndyOhneH 10.08.2014 09:35
Kannst Du mir das bitte näher erklären? Trend Micro ist nicht aktiv, ist wegen der Neuinstallation wieder auf dem Rechner. Und GData nutze ich eigentlich seit einigen Jahren :)

schrauber 10.08.2014 13:09
Nicht beides gleichzeitig nutzen, deinstalliere eins :)

AndyOhneH 10.08.2014 13:27
Hallo Schrauber,

achso, ja ist klar, wie gesagt Trend Micro war nur wegen der Neuinstallation installiert, aber GData ist aktiv. Habe Trend Micro jetzt deinstalliert :-)

Vielen Dank für die Hilfe und wünsche Dir und Deinem Team einen schönen Sonntag :) Habe trotzdem noch eine Frage:
Woher kommt denn dieser "Fingerprint", also ich bin mir zu 100% sicher, das ich keine dubiose E-Mail geöffnet hatte oder auf merkwürdigen Sites gewesen bin....doch, da war mal eine Mail mit einem html-Tag bzw. html-Body ganz genau weiß ich das nicht, weil ich die E-Mail gleich in Ablage P abgelegt hatte.

schrauber 10.08.2014 18:40
Fingerprint ist zu 100% nichtssagend :)


Alle Zeitangaben in WEZ +1. Es ist jetzt 05:28 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131