Virus in Form von Werbe-PopUps?

bianka.b · 17.09.2013, 07:53

Hallo!

Ich habe auf meinem Laptop ein übles Problem. Ständig gehen in Firefox Werbe-PopUps auf, die definitiv nicht zur Seite gehören, auf der ich gerade bin. Manchmal als eigenes Fenster, manchmal nur als Überlagerung der geöffneten Seite.

Ich hab jetzt schon unendlich viel im Internet gelesen und gesucht, auch hier im Board, aber nichts schien wirklich passend zu sein.

Ich habe schon Bitdefender drüberlaufen lassen, der findet nix.
Allerdings muss ich sagen, ich kenne mich mit Computern und so auch nicht wirklich gut aus und weiß nicht, wo ich suchen soll oder was ich anstellen soll, um herauszufinden, was da schief läuft.

LG und Danke schon mal für jegliche Hilfe,
Bianka

schrauber · 17.09.2013, 08:44

hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

bianka.b · 17.09.2013, 09:19

Hi Schrauber,

Danke für die Hilfe. Also, hier mal die Files:

FRST Logfile:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 16-09-2013 03
Ran by Bianka (administrator) on THINKPAD on 17-09-2013 10:16:34
Running from C:\Users\Bianka\Downloads
Windows 7 Professional Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\vsserv.exe
(Lenovo.) C:\Windows\system32\ibmpmsvc.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(UPEK Inc.) C:\Program Files\ThinkVantage Fingerprint Software\upeksvr.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(Lenovo Group Limited) C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe
(Lenovo Group Limited) C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\bdparentalservice.exe
(Broadcom Corporation.) C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe
(Conexant Systems Inc.) C:\Windows\system32\CxAudMsg64.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Microsoft Corporation) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe
(Lenovo Group Limited) C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
(Lenovo Group Limited) C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Conexant Systems, Inc.) C:\Windows\SysWOW64\SAsrv.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\updatesrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Ericsson AB) C:\Program Files (x86)\Mobile Broadband drivers\WMCore\mini_WMCore.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\AcSvc.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender SafeBox\safeboxservice.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\System Update\SUService.exe
(Lenovo Group Limited) C:\Program Files (x86)\Common Files\Lenovo\tvt_reg_monitor_svc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Lenovo Group Limited) C:\PROGRA~1\LENOVO\VIRTSCRL\virtscrl.exe
(Lenovo Group Limited) C:\PROGRA~1\Lenovo\Zoom\TPSCREX.EXE
(Lenovo Group Limited) C:\PROGRA~1\Lenovo\HOTKEY\TPONSCR.EXE
(Lenovo Group Limited) C:\PROGRA~1\Lenovo\HOTKEY\tpnumlkd.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\AcDeskBandHlpr.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Lenovo.) C:\Windows\System32\TpShocks.exe
() C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\AutoLock\ALCKRESI.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\bdagent.exe
(Secomba GmbH) C:\Program Files (x86)\Boxcryptor Classic\BoxcryptorClassic.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
(Ricoh co.,Ltd.) C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\SvcGuiHlpr.exe
(Broadcom Corporation.) C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe
(Mindjet) C:\Program Files (x86)\Mindjet\MindManager 7\MmReminderService.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Avanquest Software ) C:\Program Files (x86)\Digital Line Detect\DLG.exe
(Dropbox, Inc.) C:\Users\Bianka\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Lenovo Group Limited) C:\PROGRA~2\ThinkPad\UTILIT~1\SCHTASK.exe
(Lenovo) C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\BdParentalSysTray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
() C:\Program Files (x86)\LENOVO\Message Center Plus\MCPLaunch.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\Antispam32\OBKAgent.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_168.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_168.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2697512 2011-02-17] (Synaptics Incorporated)
HKLM\...\Run: [TpShocks] - C:\Windows\system32\TpShocks.exe [380776 2010-12-09] (Lenovo.)
HKLM\...\Run: [SmartAudio] - C:\Program Files\CONEXANT\SAII\SAIICpl.exe [316032 2011-01-07] (Conexant systems, Inc.)
HKLM\...\Run: [ForteConfig] - C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] ()
HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] ()
HKLM\...\Run: [LENOVO.TPKNRRES] - C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe [41320 2011-02-26] (Lenovo Group Limited)
HKLM\...\Run: [ALCKRESI.EXE] - C:\Program Files\Lenovo\AutoLock\ALCKRESI.EXE [281448 2010-12-17] (Lenovo Group Limited)
HKLM\...\Run: [AcWin7Hlpr] - C:\Program Files (x86)\Lenovo\Access Connections\AcTBenabler.exe [31592 2011-03-08] (Lenovo)
HKLM\...\Run: [nwiz] - C:\Program Files\NVIDIA Corporation\nview\nwiz.exe [2041192 2013-02-28] ()
HKLM\...\Run: [Logitech Download Assistant] - C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [Bdagent] - C:\Program Files\Bitdefender\Bitdefender\bdagent.exe [1737944 2013-09-04] (Bitdefender)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\psfus: C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll (UPEK Inc.)
HKCU\...\Run: [BoxcryptorClassic.exe] - C:\Program Files (x86)\Boxcryptor Classic\BoxcryptorClassic.exe [2239744 2013-06-14] (Secomba GmbH)
HKCU\...\Run: [SSync] - C:\Users\Bianka\AppData\Roaming\SSync\SSync.exe [36864 2013-04-10] ()
HKCU\...\Run: [Bitdefender-Geldbörse-Agent] - C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe [554992 2013-09-04] (Bitdefender)
HKCU\...\Run: [Bitdefender-Geldbörse] - C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe [1005632 2013-09-04] (Bitdefender)
HKCU\...\Run: [Bitdefender-Geldbörse-Anwendungs-Agent] - C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe [621448 2013-09-04] (Bitdefender)
HKCU\...\Run: [SCheck] - C:\Users\Bianka\AppData\Roaming\SCheck\SCheck.exe [36864 2013-04-10] ()
HKCU\...\Run: [Snoozer] - C:\Users\Bianka\AppData\Roaming\Snz\Snz.exe [1137764 2013-08-28] ()
HKCU\...\Run: [Intermediate] - C:\Users\Bianka\AppData\Roaming\Intermediate\Intermediate.exe [36864 2013-04-10] ()
HKCU\...\Run: [OMESupervisor] - C:\Users\Bianka\AppData\Local\omesuperv.exe [2218359 2013-08-28] ()
MountPoints2: {421f9ac6-67f9-11e0-bea3-806e6f6e6963} - Q:\LenovoQDrive.exe
HKLM-x32\...\Run: [RotateImage] - C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe [55808 2008-10-31] (Ricoh co.,Ltd.)
HKLM-x32\...\Run: [NUSB3MON] - C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-11-17] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [IMSS] - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [112152 2011-01-17] (Intel Corporation)
HKLM-x32\...\Run: [PWMTRV] - C:\PROGRA~2\ThinkPad\UTILIT~1\PWMTR64V.DLL [6002984 2013-06-26] (Lenovo Group Limited)
HKLM-x32\...\Run: [MMReminderService] - C:\Program Files (x86)\Mindjet\MindManager 7\MMReminderService.exe [37392 2007-05-18] (Mindjet)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-05-11] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKU\Default\...\RunOnce: [] - [x]
HKU\Default\...\RunOnce: [Lenovoautoqdrive] - C:\PROGRA~2\Common~1\Lenovo\Lenovo~1\LenovoAutorunreg.exe [159744 2009-03-24] ()
HKU\Default User\...\RunOnce: [] - [x]
HKU\Default User\...\RunOnce: [Lenovoautoqdrive] - C:\PROGRA~2\Common~1\Lenovo\Lenovo~1\LenovoAutorunreg.exe [159744 2009-03-24] ()
AppInit_DLLs: C:\Windows\system32\nvinitx.dll [245872 2013-02-28] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll [201576 2013-02-28] (NVIDIA Corporation)
Lsa: [Notification Packages] scecli C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll ACGina
Startup: C:\Users\Bianka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk
ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\Users\Bianka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Bianka\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
SSODL: EldosMountNotificator-cbfs4 - {59E75156-4875-43BB-B01E-254F782AB820} - C:\Windows\system32\cbfsMntNtf4.dll (EldoS Corporation)
SSODL-x32: EldosMountNotificator-cbfs4 - {59E75156-4875-43BB-B01E-254F782AB820} - C:\Windows\SysWOW64\cbfsMntNtf4.dll (EldoS Corporation)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Whitelisted) ====================

ProxyServer: localhost:8080
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com/welcome/thinkpad
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com/welcome/thinkpad
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Bitdefender-Geldbörse - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender\pmbxie.dll (Bitdefender)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: CmjBrowserHelperObject Object - {07A11D74-9D25-4fea-A833-8B0D76A5577A} - C:\Program Files (x86)\Mindjet\MindManager 7\Mm7InternetExplorer.dll (Mindjet)
BHO-x32: Bitdefender-Geldbörse - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender\Antispam32\pmbxie.dll (Bitdefender)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: ChromeFrame BHO - {ECB3C477-1A0A-44BD-BB57-78F9EFE34FA7} - C:\Program Files (x86)\Google\Chrome Frame\Application\29.0.1547.66\npchrome_frame.dll (Google Inc.)
Handler: gcf - {9875BFAF-B04D-445E-8A69-BE36838CDE3E} -  No File
Handler-x32: gcf - {9875BFAF-B04D-445E-8A69-BE36838CDE3E} - C:\Program Files (x86)\Google\Chrome Frame\Application\29.0.1547.66\npchrome_frame.dll (Google Inc.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Bianka\AppData\Roaming\Mozilla\Firefox\Profiles\jh7nd2it.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_168.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll ()
FF Plugin-x32: @Bitdefender.com/PasswordManager;version=17.8 - C:\Program Files\Bitdefender\Bitdefender\Antispam32\pmbxnp.dll (Bitdefender)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf - C:\Program Files (x86)\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf - C:\Program Files (x86)\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender\bdtbext
FF Extension: No Name - C:\Program Files\Bitdefender\Bitdefender\bdtbext
FF HKLM-x32\...\Firefox\Extensions: [ffpwdman@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender\Antispam32\ffpwdman\
FF Extension: Bitdefender Wallet - C:\Program Files\Bitdefender\Bitdefender\Antispam32\ffpwdman\
FF HKLM-x32\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender\bdtbext
FF Extension: No Name - C:\Program Files\Bitdefender\Bitdefender\bdtbext

Chrome: 
=======
CHR HomePage: hxxp://www.google.com
CHR RestoreOnStartup: 		"urls_to_restore_on_startup": [
CHR Extension: (Docs) - C:\Users\Bianka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.0.0.6_0
CHR Extension: (Google Drive) - C:\Users\Bianka\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0
CHR Extension: (YouTube) - C:\Users\Bianka\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0
CHR Extension: (Google Search) - C:\Users\Bianka\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0
CHR Extension: (OfferMosquito) - C:\Users\Bianka\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbmdkmlcnbapgegninelmjbfibaghdmk\0.5_0
CHR Extension: (Gmail) - C:\Users\Bianka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0
CHR HKLM-x32\...\Chrome\Extension: [ccahoghmggldkcdjiebjkidpfongdfbl] - C:\Program Files\Bitdefender\Bitdefender\Antispam32\pmbxcr.crx

==================== Services (Whitelisted) =================

S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2013-07-18] (Adobe Systems)
R2 BdDesktopParental; C:\Program Files\Bitdefender\Bitdefender\bdparentalservice.exe [75584 2013-07-05] (Bitdefender)
S3 DozeSvc; C:\Program Files (x86)\ThinkPad\Utilities\DZSVC64.EXE [320576 2013-06-26] (Lenovo.)
R2 Lenovo.VIRTSCRLSVC; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [93032 2010-04-07] (Lenovo Group Limited)
R2 SafeBox; C:\Program Files\Bitdefender\Bitdefender SafeBox\safeboxservice.exe [94624 2013-07-08] (Bitdefender)
R2 ThinkVantage Registry Monitor Service; C:\Program Files (x86)\Common Files\Lenovo\tvt_reg_monitor_svc.exe [1028096 2010-12-11] (Lenovo Group Limited)
S3 TVT Backup Service; C:\Program Files (x86)\Lenovo\Rescue and Recovery\rrservice.exe [1475896 2010-12-11] (Lenovo Group Limited)
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender\updatesrv.exe [67320 2013-09-04] (Bitdefender)
R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender\vsserv.exe [1505688 2013-09-04] (Bitdefender)
R2 WMCoreService; C:\Program Files (x86)\Mobile Broadband drivers\WMCore\mini_WMCore.exe [584232 2010-12-09] (Ericsson AB)

==================== Drivers (Whitelisted) ====================

R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [727592 2013-07-19] (BitDefender)
R3 avchv; C:\Windows\System32\DRIVERS\avchv.sys [261056 2012-11-02] (BitDefender)
R3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [601360 2013-07-19] (BitDefender)
R1 BdfNdisf; c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys [93600 2013-02-22] (BitDefender LLC)
R1 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [103504 2011-11-14] (BitDefender LLC)
R1 bdfwfpf_pc; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf_pc.sys [109056 2013-01-29] (BitDefender SRL)
S3 BDSandBox; C:\Windows\system32\drivers\bdsandbox.sys [82824 2013-07-23] (BitDefender SRL)
R1 BDVEDISK; C:\Windows\System32\DRIVERS\bdvedisk.sys [76944 2012-04-17] (BitDefender)
R1 cbfs4; C:\Windows\system32\drivers\cbfs4.sys [385216 2013-06-05] (EldoS Corporation)
S3 ecnssndis; C:\Windows\System32\Drivers\wwuss64.sys [26664 2010-03-03] (Ericsson AB)
S3 ecnssndisfltr; C:\Windows\System32\Drivers\wwussf64.sys [30248 2010-03-03] (Ericsson AB)
R0 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [147232 2012-10-04] (BitDefender LLC)
S3 l36wgps; C:\Windows\System32\DRIVERS\l36wgps64.sys [101416 2010-12-02] (Ericsson AB)
S3 Mbm3CBus; C:\Windows\System32\DRIVERS\Mbm3CBus.sys [411208 2010-11-01] (MCCI Corporation)
S3 Mbm3DevMt; C:\Windows\System32\DRIVERS\Mbm3DevMt.sys [419912 2010-11-01] (MCCI Corporation)
S3 Mbm3mdfl; C:\Windows\System32\DRIVERS\Mbm3mdfl.sys [19528 2010-11-01] (MCCI Corporation)
S3 Mbm3Mdm; C:\Windows\System32\DRIVERS\Mbm3Mdm.sys [472648 2010-11-01] (MCCI Corporation)
R1 nvkflt; C:\Windows\System32\DRIVERS\nvkflt.sys [284448 2013-02-28] (NVIDIA Corporation)
R1 PHCORE; C:\Program Files\Lenovo\RapidBoot\PHCORE64.SYS [31592 2010-12-03] (Lenovo Group Limited)
S3 pmxdrv; C:\Windows\system32\drivers\pmxdrv.sys [31152 2011-04-16] ()
S3 pmxdrv; C:\Windows\system32\drivers\pmxdrv.sys [31152 2011-04-16] ()
R2 smihlp; C:\Program Files\ThinkVantage Fingerprint Software\smihlp.sys [13840 2009-03-13] (UPEK Inc.)
R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [382536 2013-05-28] (BitDefender S.R.L.)
R3 TVTI2C; C:\Windows\System32\DRIVERS\Tvti2c.sys [41536 2009-09-24] (Lenovo (United States) Inc.)
R3 vpnpbus; C:\Windows\System32\DRIVERS\vpnpbus.sys [18624 2013-06-05] (EldoS Corporation)
S3 WwanUsbServ; C:\Windows\System32\DRIVERS\WwanUsbMp64.sys [276008 2010-12-29] (Ericsson AB)
S3 PCDSRVC{127174DC-C366ED8B-06020101}_0; \??\c:\program files\pc-doctor\pcdsrvc_x64.pkms [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-09-17 10:16 - 2013-09-17 10:16 - 00000000 ____D C:\FRST
2013-09-17 10:15 - 2013-09-17 10:15 - 01950524 _____ (Farbar) C:\Users\Bianka\Downloads\FRST64.exe
2013-09-17 08:37 - 2013-09-17 08:37 - 00000966 _____ C:\cleannavi.txt
2013-09-17 08:36 - 2013-09-17 08:37 - 00000000 ____D C:\Navilog1
2013-09-17 08:36 - 2013-09-17 08:36 - 00000000 ____D C:\Program Files (x86)\Navilog1
2013-09-16 09:48 - 2013-09-16 09:48 - 638305131 _____ C:\Windows\MEMORY.DMP
2013-09-16 09:48 - 2013-09-16 09:48 - 00262144 _____ C:\Windows\Minidump\091613-19188-01.dmp
2013-09-16 09:48 - 2013-09-16 09:48 - 00000000 ____D C:\Windows\Minidump
2013-09-12 03:07 - 2013-08-10 07:22 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-09-12 03:07 - 2013-08-10 07:22 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-09-12 03:07 - 2013-08-10 07:22 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-09-12 03:07 - 2013-08-10 07:21 - 19246592 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-09-12 03:07 - 2013-08-10 07:21 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-09-12 03:07 - 2013-08-10 07:21 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-09-12 03:07 - 2013-08-10 07:20 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-09-12 03:07 - 2013-08-10 07:20 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-09-12 03:07 - 2013-08-10 07:20 - 02647040 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-09-12 03:07 - 2013-08-10 07:20 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-09-12 03:07 - 2013-08-10 07:20 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-09-12 03:07 - 2013-08-10 07:20 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-09-12 03:07 - 2013-08-10 07:20 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-09-12 03:07 - 2013-08-10 07:20 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-09-12 03:07 - 2013-08-10 05:59 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-09-12 03:07 - 2013-08-10 05:59 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-09-12 03:07 - 2013-08-10 05:58 - 14332928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-09-12 03:07 - 2013-08-10 05:58 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-09-12 03:07 - 2013-08-10 05:58 - 02876928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-09-12 03:07 - 2013-08-10 05:58 - 02048000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-09-12 03:07 - 2013-08-10 05:58 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-09-12 03:07 - 2013-08-10 05:58 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-09-12 03:07 - 2013-08-10 05:58 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-09-12 03:07 - 2013-08-10 05:58 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-09-12 03:07 - 2013-08-10 05:58 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-09-12 03:07 - 2013-08-10 05:58 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-09-12 03:07 - 2013-08-10 05:58 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-09-12 03:07 - 2013-08-10 05:17 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-09-12 03:07 - 2013-08-10 05:07 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-09-12 03:07 - 2013-08-10 04:27 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-09-12 03:07 - 2013-08-10 04:17 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-09-11 21:52 - 2013-08-05 04:25 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys
2013-09-11 21:48 - 2013-08-02 04:23 - 05550528 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-09-11 21:48 - 2013-08-02 04:15 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-09-11 21:48 - 2013-08-02 04:15 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2013-09-11 21:48 - 2013-08-02 04:15 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2013-09-11 21:48 - 2013-08-02 04:15 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2013-09-11 21:48 - 2013-08-02 04:14 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2013-09-11 21:48 - 2013-08-02 04:14 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2013-09-11 21:48 - 2013-08-02 04:13 - 01161216 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2013-09-11 21:48 - 2013-08-02 04:13 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2013-09-11 21:48 - 2013-08-02 04:12 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2013-09-11 21:48 - 2013-08-02 04:12 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2013-09-11 21:48 - 2013-08-02 04:12 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-09-11 21:48 - 2013-08-02 04:12 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2013-09-11 21:48 - 2013-08-02 04:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-09-11 21:48 - 2013-08-02 04:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2013-09-11 21:48 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-09-11 21:48 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2013-09-11 21:48 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2013-09-11 21:48 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2013-09-11 21:48 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-09-11 21:48 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-09-11 21:48 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-09-11 21:48 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2013-09-11 21:48 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2013-09-11 21:48 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-09-11 21:48 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2013-09-11 21:48 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2013-09-11 21:48 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2013-09-11 21:48 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2013-09-11 21:48 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2013-09-11 21:48 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2013-09-11 21:48 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2013-09-11 21:48 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2013-09-11 21:48 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2013-09-11 21:48 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-09-11 21:48 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2013-09-11 21:48 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2013-09-11 21:48 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2013-09-11 21:48 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2013-09-11 21:48 - 2013-08-02 03:59 - 03968960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-09-11 21:48 - 2013-08-02 03:59 - 03913664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-09-11 21:48 - 2013-08-02 03:51 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-09-11 21:48 - 2013-08-02 03:50 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2013-09-11 21:48 - 2013-08-02 03:50 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2013-09-11 21:48 - 2013-08-02 03:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-09-11 21:48 - 2013-08-02 03:48 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2013-09-11 21:48 - 2013-08-02 03:48 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2013-09-11 21:48 - 2013-08-02 03:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2013-09-11 21:48 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2013-09-11 21:48 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2013-09-11 21:48 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2013-09-11 21:48 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2013-09-11 21:48 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2013-09-11 21:48 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2013-09-11 21:48 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2013-09-11 21:48 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2013-09-11 21:48 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2013-09-11 21:48 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2013-09-11 21:48 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2013-09-11 21:48 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2013-09-11 21:48 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-09-11 21:48 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2013-09-11 21:48 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2013-09-11 21:48 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2013-09-11 21:48 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2013-09-11 21:48 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2013-09-11 21:48 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2013-09-11 21:48 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2013-09-11 21:48 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2013-09-11 21:48 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2013-09-11 21:48 - 2013-08-02 03:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2013-09-11 21:48 - 2013-08-02 02:59 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2013-09-11 21:48 - 2013-08-02 02:45 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-09-11 21:48 - 2013-08-02 02:45 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-09-11 21:48 - 2013-08-02 02:45 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-09-11 21:48 - 2013-08-02 02:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-09-11 21:48 - 2013-08-02 02:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2013-09-11 21:48 - 2013-08-02 02:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2013-09-11 21:48 - 2013-08-02 02:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2013-09-11 21:48 - 2013-08-02 02:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2013-09-11 21:36 - 2013-07-26 04:24 - 14172672 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2013-09-11 21:36 - 2013-07-26 04:24 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2013-09-11 21:36 - 2013-07-26 03:55 - 12872704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2013-09-11 21:36 - 2013-07-26 03:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2013-09-11 20:46 - 2013-08-08 03:20 - 03155456 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-09-10 15:39 - 2013-09-10 15:39 - 10003360 _____ (TimePunch KG                                                ) C:\Users\Bianka\Downloads\TimePunchONE.exe
2013-09-06 07:43 - 2013-09-06 07:43 - 00867240 _____ (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
2013-09-06 07:43 - 2013-09-06 07:43 - 00789416 _____ (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2013-09-06 07:43 - 2013-09-06 07:43 - 00263592 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-09-06 07:43 - 2013-09-06 07:43 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-09-06 07:43 - 2013-09-06 07:43 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-09-06 07:43 - 2013-09-06 07:43 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-09-06 07:43 - 2013-09-06 07:43 - 00000000 ____D C:\ProgramData\Sun
2013-09-06 07:43 - 2013-09-06 07:43 - 00000000 ____D C:\Program Files (x86)\Java
2013-09-06 07:40 - 2013-09-06 07:42 - 31714728 _____ (Oracle Corporation) C:\Users\Bianka\Downloads\jre-7u25-windows-i586.exe
2013-09-05 17:32 - 2013-09-05 18:50 - 596069350 _____ C:\Users\Bianka\Downloads\onkeltomshuette_crow_1210.zip
2013-08-29 10:58 - 2013-08-29 11:05 - 88808360 _____ C:\Users\Bianka\Downloads\bitdefender_pc_2013_v195_32b.exe
2013-08-29 08:05 - 2013-08-29 08:05 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-08-28 20:46 - 2013-08-28 20:46 - 02218359 _____ C:\Users\Bianka\AppData\Local\omesuperv.exe
2013-08-27 18:07 - 2013-08-27 18:07 - 00000385 _____ C:\Users\Bianka\AppData\Roaminguser_gensett.xml
2013-08-27 17:17 - 2013-08-27 17:17 - 00000385 _____ C:\Windows\system32\user_gensett.xml
2013-08-27 08:37 - 2013-08-27 08:37 - 01089626 _____ C:\ProgramData\1377582449.bdinstall.bin
2013-08-27 08:21 - 2013-08-27 08:21 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_avchv_01009.Wdf
2013-08-27 08:21 - 2012-04-17 14:34 - 00076944 _____ (BitDefender) C:\Windows\system32\Drivers\bdvedisk.sys
2013-08-27 08:20 - 2013-07-23 16:50 - 00082824 _____ (BitDefender SRL) C:\Windows\system32\Drivers\bdsandbox.sys
2013-08-27 08:20 - 2013-07-19 18:08 - 00601360 _____ (BitDefender) C:\Windows\system32\Drivers\avckf.sys
2013-08-27 08:20 - 2013-07-19 18:04 - 00727592 _____ (BitDefender) C:\Windows\system32\Drivers\avc3.sys
2013-08-27 08:20 - 2013-02-22 19:46 - 00093600 _____ (BitDefender LLC) C:\Windows\system32\Drivers\BdfNdisf6.sys
2013-08-27 08:20 - 2012-11-02 14:17 - 00261056 _____ (BitDefender) C:\Windows\system32\Drivers\avchv.sys
2013-08-27 08:20 - 2007-04-11 11:11 - 00511328 _____ (Microsoft Corporation) C:\Windows\capicom.dll
2013-08-27 07:55 - 2013-08-27 08:21 - 00253404 ____H C:\bdr-ld01
2013-08-27 07:55 - 2013-08-27 08:21 - 00009216 ____H C:\bdr-ld01.mbr
2013-08-27 07:55 - 2013-06-25 18:20 - 38518480 ____H C:\bdr-im01.gz
2013-08-27 07:55 - 2012-08-15 15:28 - 02510608 ____H C:\bdr-bz01
2013-08-27 07:47 - 2013-05-28 12:12 - 00382536 _____ (BitDefender S.R.L.) C:\Windows\system32\Drivers\trufos.sys
2013-08-27 07:47 - 2012-10-04 14:30 - 00147232 _____ (BitDefender LLC) C:\Windows\system32\Drivers\gzflt.sys
2013-08-27 07:43 - 2013-08-27 07:43 - 00000085 _____ C:\Windows\wininit.ini
2013-08-27 07:37 - 2013-08-27 07:40 - 37672592 _____ (Safer-Networking Ltd.                                       ) C:\Users\Bianka\Downloads\spybotsd-2.1.21-SR2.exe
2013-08-26 12:13 - 2013-08-26 12:13 - 01667400 _____ C:\ProgramData\1377505303.bdinstall.bin
2013-08-26 11:33 - 2013-08-27 17:17 - 00000000 ____D C:\ProgramData\BDLogging
2013-08-26 11:33 - 2013-08-27 08:21 - 00000684 ____H C:\bdr-cf01
2013-08-26 10:37 - 2013-08-31 15:28 - 00000000 ____D C:\Users\Bianka\AppData\Roaming\Bitdefender
2013-08-26 10:22 - 2013-08-26 11:38 - 00000000 ____D C:\ProgramData\Bitdefender
2013-08-26 10:22 - 2013-08-26 10:37 - 00000000 ____D C:\Program Files\Bitdefender
2013-08-26 10:21 - 2013-08-26 10:21 - 00000000 ____D C:\Users\Bianka\AppData\Roaming\QuickScan
2013-08-26 10:15 - 2013-08-27 16:58 - 00000000 ____D C:\Program Files\Common Files\Bitdefender
2013-08-23 12:57 - 2013-08-23 14:16 - 00000000 ____D C:\Users\Bianka\Desktop\Urlaubsfotos Türkei
2013-08-19 22:33 - 2013-08-19 22:35 - 00000000 ____D C:\Users\Bianka\Desktop\Download
2013-08-19 22:10 - 2013-08-19 22:21 - 362546197 _____ C:\Users\Bianka\Downloads\Download.zip
2013-08-19 21:55 - 2013-08-19 22:00 - 00000000 ____D C:\Users\Bianka\Desktop\ImageTransfer_2013-08-19_20-36
2013-08-19 20:37 - 2013-08-19 20:43 - 398503283 _____ C:\Users\Bianka\Downloads\ImageTransfer_2013-08-19_20-36.zip
2013-08-19 18:37 - 2013-07-09 07:52 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2013-08-19 18:37 - 2013-07-09 07:51 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2013-08-19 18:37 - 2013-07-09 07:46 - 01472512 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-08-19 18:37 - 2013-07-09 07:46 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2013-08-19 18:37 - 2013-07-09 07:46 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2013-08-19 18:37 - 2013-07-09 06:52 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2013-08-19 18:37 - 2013-07-09 06:52 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2013-08-19 18:37 - 2013-07-09 06:46 - 01166848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-08-19 18:37 - 2013-07-09 06:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2013-08-19 18:37 - 2013-07-09 06:46 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2013-08-19 18:36 - 2013-07-25 11:25 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-08-19 18:36 - 2013-07-25 10:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-08-19 18:36 - 2013-07-19 03:58 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-08-19 18:36 - 2013-07-19 03:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2013-08-19 18:36 - 2013-07-06 08:03 - 01910208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-08-19 18:36 - 2013-06-15 06:32 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys

==================== One Month Modified Files and Folders =======

2013-09-17 10:17 - 2011-04-16 09:42 - 00000382 _____ C:\Windows\Tasks\SystemToolsDailyTest.job
2013-09-17 10:16 - 2013-09-17 10:16 - 00000000 ____D C:\FRST
2013-09-17 10:15 - 2013-09-17 10:15 - 01950524 _____ (Farbar) C:\Users\Bianka\Downloads\FRST64.exe
2013-09-17 10:14 - 2011-04-16 09:42 - 00000528 _____ C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job
2013-09-17 09:19 - 2013-07-04 07:49 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-09-17 08:37 - 2013-09-17 08:37 - 00000966 _____ C:\cleannavi.txt
2013-09-17 08:37 - 2013-09-17 08:36 - 00000000 ____D C:\Navilog1
2013-09-17 08:36 - 2013-09-17 08:36 - 00000000 ____D C:\Program Files (x86)\Navilog1
2013-09-17 08:26 - 2013-07-02 21:02 - 00000000 ____D C:\Users\Bianka\AppData\Roaming\Dropbox
2013-09-17 08:19 - 2013-07-04 07:49 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-09-17 08:05 - 2013-07-02 21:04 - 00000000 ___RD C:\Users\Bianka\Dropbox
2013-09-17 07:59 - 2011-04-16 09:19 - 01098494 _____ C:\Windows\WindowsUpdate.log
2013-09-17 07:48 - 2009-07-14 06:45 - 00020704 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-09-17 07:48 - 2009-07-14 06:45 - 00020704 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-09-17 07:40 - 2011-04-16 09:35 - 00000000 ____D C:\ProgramData\NVIDIA
2013-09-17 07:40 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-09-17 07:40 - 2009-07-14 06:51 - 00068894 _____ C:\Windows\setupact.log
2013-09-16 09:52 - 2013-07-05 10:45 - 00000000 ____D C:\Users\Bianka\Documents\My Kindle Content
2013-09-16 09:52 - 2011-04-16 09:31 - 00700630 _____ C:\Windows\system32\perfh007.dat
2013-09-16 09:52 - 2011-04-16 09:31 - 00149394 _____ C:\Windows\system32\perfc007.dat
2013-09-16 09:52 - 2009-07-14 07:13 - 01622100 _____ C:\Windows\system32\PerfStringBackup.INI
2013-09-16 09:48 - 2013-09-16 09:48 - 638305131 _____ C:\Windows\MEMORY.DMP
2013-09-16 09:48 - 2013-09-16 09:48 - 00262144 _____ C:\Windows\Minidump\091613-19188-01.dmp
2013-09-16 09:48 - 2013-09-16 09:48 - 00000000 ____D C:\Windows\Minidump
2013-09-16 07:59 - 2013-07-19 11:31 - 00000000 ____D C:\Users\Bianka\Desktop\Protokoll aktuell
2013-09-13 07:55 - 2013-07-05 11:39 - 00497152 ____H C:\Users\Bianka\Desktop\~WRL0002.tmp
2013-09-13 07:10 - 2013-07-02 14:41 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-09-13 07:10 - 2013-07-02 14:41 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-09-12 06:44 - 2013-07-02 19:20 - 00000000 ___RD C:\Users\Bianka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-09-12 06:44 - 2013-07-02 19:20 - 00000000 ___RD C:\Users\Bianka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-09-12 04:03 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2013-09-12 03:25 - 2011-04-16 09:36 - 00065408 _____ C:\Windows\PFRO.log
2013-09-12 03:25 - 2009-07-14 06:45 - 00351120 _____ C:\Windows\system32\FNTCACHE.DAT
2013-09-12 03:07 - 2013-07-16 19:53 - 00000000 ____D C:\Windows\system32\MRT
2013-09-12 03:05 - 2013-07-02 15:16 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-09-12 03:05 - 2013-03-15 07:23 - 79143768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-09-10 15:39 - 2013-09-10 15:39 - 10003360 _____ (TimePunch KG                                                ) C:\Users\Bianka\Downloads\TimePunchONE.exe
2013-09-06 07:43 - 2013-09-06 07:43 - 00867240 _____ (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
2013-09-06 07:43 - 2013-09-06 07:43 - 00789416 _____ (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2013-09-06 07:43 - 2013-09-06 07:43 - 00263592 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-09-06 07:43 - 2013-09-06 07:43 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-09-06 07:43 - 2013-09-06 07:43 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-09-06 07:43 - 2013-09-06 07:43 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-09-06 07:43 - 2013-09-06 07:43 - 00000000 ____D C:\ProgramData\Sun
2013-09-06 07:43 - 2013-09-06 07:43 - 00000000 ____D C:\Program Files (x86)\Java
2013-09-06 07:42 - 2013-09-06 07:40 - 31714728 _____ (Oracle Corporation) C:\Users\Bianka\Downloads\jre-7u25-windows-i586.exe
2013-09-05 18:50 - 2013-09-05 17:32 - 596069350 _____ C:\Users\Bianka\Downloads\onkeltomshuette_crow_1210.zip
2013-08-31 15:28 - 2013-08-26 10:37 - 00000000 ____D C:\Users\Bianka\AppData\Roaming\Bitdefender
2013-08-30 06:58 - 2013-07-17 08:43 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-08-29 11:05 - 2013-08-29 10:58 - 88808360 _____ C:\Users\Bianka\Downloads\bitdefender_pc_2013_v195_32b.exe
2013-08-29 08:05 - 2013-08-29 08:05 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-08-29 06:54 - 2013-07-10 17:43 - 00000000 ____D C:\Users\Bianka\AppData\Roaming\Intermediate
2013-08-28 20:46 - 2013-08-28 20:46 - 02218359 _____ C:\Users\Bianka\AppData\Local\omesuperv.exe
2013-08-27 19:19 - 2009-07-14 04:34 - 00000478 _____ C:\Windows\win.ini
2013-08-27 18:07 - 2013-08-27 18:07 - 00000385 _____ C:\Users\Bianka\AppData\Roaminguser_gensett.xml
2013-08-27 17:17 - 2013-08-27 17:17 - 00000385 _____ C:\Windows\system32\user_gensett.xml
2013-08-27 17:17 - 2013-08-26 11:33 - 00000000 ____D C:\ProgramData\BDLogging
2013-08-27 16:58 - 2013-08-26 10:15 - 00000000 ____D C:\Program Files\Common Files\Bitdefender
2013-08-27 16:58 - 2013-07-29 08:41 - 00000000 ____D C:\Windows\System32\Tasks\Safer-Networking
2013-08-27 16:58 - 2013-07-02 20:27 - 00000000 ____D C:\Windows\System32\Tasks\TVT
2013-08-27 16:58 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\registration
2013-08-27 16:58 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\AppCompat
2013-08-27 08:37 - 2013-08-27 08:37 - 01089626 _____ C:\ProgramData\1377582449.bdinstall.bin
2013-08-27 08:21 - 2013-08-27 08:21 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_avchv_01009.Wdf
2013-08-27 08:21 - 2013-08-27 07:55 - 00253404 ____H C:\bdr-ld01
2013-08-27 08:21 - 2013-08-27 07:55 - 00009216 ____H C:\bdr-ld01.mbr
2013-08-27 08:21 - 2013-08-26 11:33 - 00000684 ____H C:\bdr-cf01
2013-08-27 07:44 - 2013-07-29 08:41 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2013-08-27 07:43 - 2013-08-27 07:43 - 00000085 _____ C:\Windows\wininit.ini
2013-08-27 07:40 - 2013-08-27 07:37 - 37672592 _____ (Safer-Networking Ltd.                                       ) C:\Users\Bianka\Downloads\spybotsd-2.1.21-SR2.exe
2013-08-27 07:22 - 2013-07-04 07:45 - 00000000 ____D C:\ProgramData\AVAST Software
2013-08-27 07:04 - 2013-07-02 19:19 - 00000000 ____D C:\Users\Bianka
2013-08-27 07:02 - 2013-07-04 07:49 - 00000000 _____ C:\Windows\SysWOW64\config.nt
2013-08-26 12:13 - 2013-08-26 12:13 - 01667400 _____ C:\ProgramData\1377505303.bdinstall.bin
2013-08-26 11:38 - 2013-08-26 10:22 - 00000000 ____D C:\ProgramData\Bitdefender
2013-08-26 10:37 - 2013-08-26 10:22 - 00000000 ____D C:\Program Files\Bitdefender
2013-08-26 10:21 - 2013-08-26 10:21 - 00000000 ____D C:\Users\Bianka\AppData\Roaming\QuickScan
2013-08-23 14:16 - 2013-08-23 12:57 - 00000000 ____D C:\Users\Bianka\Desktop\Urlaubsfotos Türkei
2013-08-23 12:58 - 2013-07-02 21:02 - 00000000 ____D C:\Users\Bianka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2013-08-19 22:35 - 2013-08-19 22:33 - 00000000 ____D C:\Users\Bianka\Desktop\Download
2013-08-19 22:21 - 2013-08-19 22:10 - 362546197 _____ C:\Users\Bianka\Downloads\Download.zip
2013-08-19 22:00 - 2013-08-19 21:55 - 00000000 ____D C:\Users\Bianka\Desktop\ImageTransfer_2013-08-19_20-36
2013-08-19 20:43 - 2013-08-19 20:37 - 398503283 _____ C:\Users\Bianka\Downloads\ImageTransfer_2013-08-19_20-36.zip

Some content of TEMP:
====================
C:\Users\Bianka\AppData\Local\Temp\install_flash_player_ax.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-09-11 12:59

==================== End Of Log ============================

--- --- ---

--- --- ---

--- --- ---

Addition.txt

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 16-09-2013 03
Ran by Bianka at 2013-09-17 10:17:06
Running from C:\Users\Bianka\Downloads
Boot Mode: Normal
==========================================================


==================== Installed Programs =======================

Adobe Bridge 1.0 (x32 Version: 001.000.001)
Adobe Common File Installer (x32 Version: 1.00.001)
Adobe Flash Player 11 ActiveX (x32 Version: 11.8.800.168)
Adobe Flash Player 11 Plugin (x32 Version: 11.8.800.168)
Adobe Help Center 1.0 (x32 Version: 1.0.1)
Adobe Photoshop CS2 (x32 Version: 9.0)
Adobe Reader XI (11.0.03) - Deutsch (x32 Version: 11.0.03)
Adobe Stock Photos 1.0 (x32 Version: 1.0.1)
Amazon Kindle (HKCU)
Bitdefender Total Security (Version: 17.15.0.682)
Boxcryptor Classic 1.6 (x32 Version: 1.5.5.5)
Broadcom InConcert Maestro (Version: 1.0.1.1500)
Conexant 20672 SmartAudio HD (Version: 8.32.23.2)
Contrôle ActiveX Windows Live Mesh pour connexions à distance (x32 Version: 15.4.5722.2)
Corel WinDVD (x32 Version: 10.0.5.808)
Create Recovery Media (x32 Version: 1.20.0.00)
D3DX10 (x32 Version: 15.4.2368.0902)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (x32)
Disable AMT Profile Synchronization Pop-up for Windows XP/Vista/7 (Version: 1.00)
Dropbox (HKCU Version: 2.2.13)
EPSON WF-2540 Series Printer Uninstall
Foxit Reader (x32 Version: 6.0.5.618)
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922)
Google Chrome (x32 Version: 29.0.1547.66)
Google Chrome Frame (x32 Version: 65.119.71)
Google Update Helper (x32 Version: 1.3.21.153)
Integrated Camera Driver Installer Package Ver.1.1.0.1141 (x32 Version: 1.1.0.1141)
Integrated Camera TWAIN (x32 Version: 1.0.11.1223)
Intel PROSet Wireless
Intel(R) Control Center (x32 Version: 1.2.1.1007)
Intel(R) Identity Protection Technology 1.0.71.0 (x32 Version: 1.0.71.0)
Intel(R) Management Engine Components (x32 Version: 7.0.0.1144)
Intel(R) Processor Graphics (x32 Version: 8.15.10.2321)
Intel(R) PROSet/Wireless WiFi Software (Version: 14.00.1000)
Java 7 Update 25 (x32 Version: 7.0.250)
Java Auto Updater (x32 Version: 2.1.9.5)
Junk Mail filter update (x32 Version: 15.4.3502.0922)
Lenovo Auto Scroll Utility (Version: 1.00)
Lenovo Mobile Broadband Activation (x32 Version: 4.0.0013.00)
Lenovo Patch Utility (x32 Version: 1.3.2.4)
Lenovo Patch Utility 64 bit (Version: 1.3.2.4)
Lenovo Power Management Driver (Version: 1.66.00.22)
Lenovo System Interface Driver (Version: 1.05)
Lenovo ThinkVantage Toolbox (Version: 6.0.5717.39)
Lenovo User Guide (x32 Version: 1.0.0008.00)
Lenovo Warranty Information (x32 Version: 1.0.0005.00)
Lenovo Welcome (x32 Version: 2.02.003.0)
Mesh Runtime (x32 Version: 15.4.5722.2)
Message Center Plus (x32 Version: 2.0.0012.00)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Home and Business 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000)
Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Proof (German) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.7015.1000)
Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Single Image 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Word MUI (German) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Silverlight (Version: 5.1.20513.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.50727.42)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Mindjet MindManager Pro 7 (x32 Version: 7.0.429)
Mobile Broadband Drivers (x32 Version: 6.3.1.3)
Mozilla Firefox 23.0.1 (x86 de) (x32 Version: 23.0.1)
Mozilla Maintenance Service (x32 Version: 23.0.1)
Mozilla Thunderbird 17.0.8 (x86 de) (x32 Version: 17.0.8)
MSVCRT (x32 Version: 15.4.2862.0708)
MSVCRT_amd64 (x32 Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0)
NVIDIA 3D Vision Driver 311.00 (Version: 311.00)
NVIDIA Control Panel 311.00 (Version: 311.00)
NVIDIA Graphics Driver 311.00 (Version: 311.00)
NVIDIA HD Audio Driver 1.2.19.0 (Version: 1.2.19.0)
NVIDIA Install Application (Version: 2.1002.108.688)
NVIDIA nView 136.53 (Version: 136.53)
NVIDIA Optimus 1.11.3 (Version: 1.11.3)
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.1100)
NVIDIA Update Components (Version: 1.11.3)
On Screen Display (Version: 6.22.00)
PDF-XChange 3 (x32)
Power Manager (x32 Version: 6.55)
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922)
RapidBoot (x32 Version: 1.00)
Registry Patch to Enable Maximum Power Saving on WiFi Adapters for Windows 7 (Version: 1.00)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.32.0)
Rescue and Recovery (x32 Version: 4.31.0010.00)
RICOH Media Driver v2.10.18.02 (x32 Version: 2.10.18.02)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32)
Skype™ 5.10 (x32 Version: 5.10.116)
System Update (x32 Version: 4.00.0042)
ThinkPad Bluetooth with Enhanced Data Rate Software (Version: 6.4.0.1500)
ThinkPad FullScreen Magnifier (Version: 2.22)
ThinkPad Modem Adapter (Version: 7.80.5.0)
ThinkPad UltraNav Driver (Version: 15.2.14.0)
ThinkPad UltraNav Utility (x32 Version: 2.13.0)
ThinkVantage Access Connections (x32 Version: 5.82)
ThinkVantage Active Protection System (Version: 1.73)
ThinkVantage AutoLock (Version: 1.00)
ThinkVantage Communications Utility (Version: 2.04)
ThinkVantage Fingerprint Software (Version: 5.9.4.6882)
ThinkVantage GPS (x32 Version: 2.71)
TweetDeck (x32 Version: 3.0.5)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2836939) (x32 Version: 1)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (x32)
Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2553157) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2589370) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2760758) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (x32)
Update for Microsoft OneNote 2010 (KB2810072) 32-Bit Edition (x32)
Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition (x32)
Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition (x32)
Windows Driver Package - Intel (e1cexpress) Net  (12/21/2010 11.8.84.0) (Version: 12/21/2010 11.8.84.0)
Windows Driver Package - Intel (MEIx64) System  (10/19/2010 7.0.0.1144) (Version: 10/19/2010 7.0.0.1144)
Windows Driver Package - Intel System  (09/10/2010 9.2.0.1011) (Version: 09/10/2010 9.2.0.1011)
Windows Driver Package - Intel System  (10/04/2010 9.2.0.1015) (Version: 10/04/2010 9.2.0.1015)
Windows Driver Package - Intel USB  (09/16/2010 9.2.0.1013) (Version: 09/16/2010 9.2.0.1013)
Windows Driver Package - Lenovo 1.61.00.11 (11/11/2010 1.61.00.11) (Version: 11/11/2010 1.61.00.11)
Windows Driver Package - Synaptics (SynTP) Mouse  (02/17/2011 15.2.14.0) (Version: 02/17/2011 15.2.14.0)
Windows Live (x32 Version: 15.4.3502.0922)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922)
Windows Live Essentials (x32 Version: 15.4.3502.0922)
Windows Live Essentials (x32 Version: 15.4.3508.1109)
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (x32 Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3508.1109)
Windows Live Mail (x32 Version: 15.4.3502.0922)
Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen (x32 Version: 15.4.5722.2)
Windows Live Mesh (x32 Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (x32 Version: 15.4.5722.2)
Windows Live Mesh ActiveX control for remote connections (x32 Version: 15.4.5722.2)
Windows Live Messenger (x32 Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (x32 Version: 15.4.3502.0922)
Windows Live Photo Common (x32 Version: 15.4.3502.0922)
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922)
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (x32 Version: 15.4.3502.0922)
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922)
Windows Live UX Platform (x32 Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109)
Windows Live Writer (x32 Version: 15.4.3502.0922)
Windows Live Writer Resources (x32 Version: 15.4.3502.0922)

==================== Restore Points  =========================

05-09-2013 09:01:23 Geplanter Prüfpunkt
06-09-2013 05:43:08 Installed Java 7 Update 25
12-09-2013 01:00:17 Windows Update

==================== Hosts content: ==========================

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {044A6734-E90E-4F8F-B357-B2DC8AB3B5EC} - System32\Tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime => Sc.exe start w32time task_started
Task: {0EC81979-E5F5-4534-A525-BD74C9052AF5} - System32\Tasks\TVT\LaunchRnR => C:\Program Files (x86)\Lenovo\Rescue and Recovery\rrcmd.exe [2010-12-11] (Lenovo Limited Group Corporation)
Task: {1D46ECDA-4D1F-4A9E-ABCB-0E4C1DB26D23} - System32\Tasks\Microsoft\Windows\MUI\Lpksetup => C:\Windows\System32\lpksetup.exe [2010-11-20] (Microsoft Corporation)
Task: {255FDC70-F297-4E67-AB0E-562B2D75519C} - System32\Tasks\MCP => C:\Program Files (x86)\LENOVO\Message Center Plus\MCPLaunch.exe [2009-05-28] ()
Task: {47E8C257-BC97-41D7-935E-C584358276B5} - System32\Tasks\SystemToolsDailyTest => C:\Program Files\PC-Doctor\pcdrcui.exe [2010-12-10] (PC-Doctor, Inc.)
Task: {6077B278-6D08-4771-9A40-0500326F3CBD} - System32\Tasks\DiskUpdate => C:\SWTOOLS\OSFIXES\DISKUPDT\DiskUpdate.exe [2009-02-10] ()
Task: {73AF7DD2-1EB9-426D-A458-BC8C83AA9EAB} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {7CFEA627-15DD-4229-9D32-ACC51E91A7BA} - System32\Tasks\TVT\ChangePWD => %RR%\rrcmd.exe
Task: {803F2F4F-96C1-4538-98F4-9E9AD6BE9928} - System32\Tasks\TVT\UpdateRnR => %TVTCOMMON%\Scheduler\tvtsetsched.exe
Task: {AF9FAA19-1E2C-4AAA-A502-905E65194479} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-07-04] (Google Inc.)
Task: {B49AC6AD-2FEE-4B8D-8B7B-71FC8995FAA0} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task
Task: {BB498101-E9AD-4670-AA97-53D7307B5C7C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-07-04] (Google Inc.)
Task: {CAC2D343-46CA-41B7-A4DE-D596DFDA6BEE} - System32\Tasks\PCDEventLauncher => C:\Program Files\PC-Doctor\sessionchecker.exe [2010-12-10] ()
Task: {F802ACC2-3676-4D5F-9574-EE6557A78A5C} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\PC-Doctor\uaclauncher.exe [2010-12-10] (PC-Doctor, Inc.)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job => C:\Program Files\PC-Doctor\uaclauncher.exe
Task: C:\Windows\Tasks\SystemToolsDailyTest.job => C:\Program Files\PC-Doctor\pcdrcui.exe

==================== Loaded Modules (whitelisted) =============

2011-04-16 09:34 - 2013-02-28 11:47 - 00245872 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2011-04-16 09:34 - 2013-02-28 11:47 - 01107440 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2013-02-28 11:47 - 2013-02-28 11:47 - 15052728 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2011-04-16 09:34 - 2013-02-28 11:47 - 02824504 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2013-06-22 01:34 - 2013-06-22 01:34 - 00164016 _____ (Dropbox, Inc.) C:\Users\Bianka\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
2013-07-02 14:50 - 2013-06-05 17:09 - 00182632 _____ (EldoS Corporation) C:\Windows\system32\cbfsMntNtf4.dll
2013-07-18 07:35 - 2013-06-26 06:55 - 00104960 _____ () C:\Program Files (x86)\ThinkPad\Utilities\GR\PWMRT64V.DLL
2010-12-16 02:12 - 2010-12-16 02:12 - 00021864 _____ (Lenovo.) C:\Windows\system32\Sensor64.dll
2010-12-19 00:50 - 2010-12-19 00:50 - 00173856 _____ () C:\Program Files\ThinkPad\Bluetooth Software\btkeyind.dll
2011-04-16 09:34 - 2011-03-06 13:20 - 00286720 _____ (Intel Corporation) C:\Windows\system32\igfxrDEU.lrc
2013-06-14 15:19 - 2013-06-14 15:19 - 00257024 _____ (BoxCryptor) C:\Program Files (x86)\Boxcryptor Classic\ShellExt\x64\BoxcryptorClassic.Ext.dll
2013-08-27 08:20 - 2013-06-19 12:45 - 00265080 _____ () C:\Program Files\Bitdefender\Bitdefender\txmlutil.dll
2011-02-03 07:38 - 2013-01-10 23:36 - 00055584 _____ (NVIDIA Corporation) C:\Windows\system32\Nv3DAppShExtR.dll
2011-04-16 09:25 - 2011-02-17 12:22 - 00410408 _____ (Synaptics Incorporated) C:\Windows\system32\SynCOM.dll
2011-04-16 09:25 - 2011-02-17 12:22 - 00225576 _____ (Synaptics Incorporated) C:\Windows\system32\SynTPAPI.dll
2011-04-16 09:25 - 2011-02-17 12:22 - 00057640 _____ () C:\Program Files\Synaptics\SynTP\SynTPEnhPS.dll
2010-12-16 02:12 - 2010-12-16 02:12 - 00021864 _____ (Lenovo.) C:\Windows\System32\Sensor64.dll
2011-04-16 09:34 - 2011-03-06 13:07 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2013-08-27 08:20 - 2013-04-18 16:54 - 03359248 _____ (Terra Informatica Software, Inc., British Columbia, Canada.) C:\Program Files\Bitdefender\Bitdefender\htmlayout.dll
2011-04-16 09:34 - 2013-02-28 11:47 - 00201576 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2011-04-16 09:39 - 2010-04-06 18:05 - 02085888 _____ () C:\Program Files\Lenovo\AutoLock\cv210.dll
2011-04-16 09:39 - 2010-04-06 18:04 - 02201088 _____ () C:\Program Files\Lenovo\AutoLock\cxcore210.dll
2013-06-12 15:11 - 2013-06-12 15:11 - 00208896 _____ (EldoS Corporation) C:\Program Files (x86)\Boxcryptor Classic\CBFS4Net.dll
2013-08-27 08:20 - 2013-04-18 16:49 - 02349288 _____ (Terra Informatica Software, Inc., British Columbia, Canada.) C:\Program Files\Bitdefender\Bitdefender\antispam32\htmlayout.dll
2013-08-27 08:20 - 2013-06-19 12:44 - 00204280 _____ () C:\Program Files\Bitdefender\Bitdefender\antispam32\txmlutil.dll
2010-11-17 02:52 - 2010-11-17 02:52 - 00096904 _____ (Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.dll
2007-05-18 00:05 - 2007-05-18 00:05 - 00226832 ____R (Mindjet) C:\Program Files (x86)\Mindjet\MindManager 7\MmServiceUtilities.dll
2007-05-18 00:05 - 2007-05-18 00:05 - 01541648 ____R (Mindjet) C:\Program Files (x86)\Mindjet\MindManager 7\MmUtilities.dll
2007-05-18 00:05 - 2007-05-18 00:05 - 00226832 ____R (Catenary Systems) C:\Program Files (x86)\Mindjet\MindManager 7\VIC32.DLL
2007-05-18 00:05 - 2007-05-18 00:05 - 00116240 ____R () C:\Program Files (x86)\Mindjet\MindManager 7\zlib.dll
2007-05-18 00:05 - 2007-05-18 00:05 - 03941904 ____R (BCGSoft Ltd) C:\Program Files (x86)\Mindjet\MindManager 7\BCGCBPRO951u.dll
2011-04-16 09:47 - 2006-09-22 01:11 - 00024576 ____N (BVRP Software) C:\Program Files (x86)\Digital Line Detect\BVRPDIAG.dll
2012-11-14 01:32 - 2012-11-14 01:32 - 03558400 _____ (wxWidgets development team) C:\Users\Bianka\AppData\Roaming\Dropbox\bin\wxmsw28uh_vc.dll
2013-03-13 22:48 - 2013-03-13 22:48 - 24978944 _____ () C:\Users\Bianka\AppData\Roaming\Dropbox\bin\libcef.dll
2013-03-13 22:48 - 2013-03-13 22:48 - 09956864 _____ (The ICU Project) C:\Users\Bianka\AppData\Roaming\Dropbox\bin\icudt.dll
2013-08-29 08:05 - 2013-08-29 08:05 - 03551640 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2013-06-22 01:34 - 2013-06-22 01:34 - 00130736 _____ (Dropbox, Inc.) C:\Users\Bianka\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
2013-07-02 14:50 - 2013-06-05 17:08 - 00156520 _____ (EldoS Corporation) C:\Windows\SysWOW64\cbfsMntNtf4.dll
2013-08-07 09:29 - 2013-08-07 09:29 - 02244504 _____ () C:\Program Files (x86)\Mozilla Thunderbird\mozjs.dll
2013-08-07 09:29 - 2013-08-07 09:29 - 00158104 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAP32V60.dll
2013-08-07 09:29 - 2013-08-07 09:29 - 00022424 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAPPR32V60.dll
2013-08-07 09:29 - 2013-08-07 09:29 - 00579480 _____ (sqlite.org) C:\Program Files (x86)\Mozilla Thunderbird\mozsqlite3.dll
2013-09-13 07:10 - 2013-09-13 07:10 - 16177544 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll

==================== Alternate Data Streams (whitelisted) ==========

AlternateDataStreams: C:\Users\Bianka\Downloads\bitdefender_pc_2013_v195_32b.exe:BDU
AlternateDataStreams: C:\Users\Bianka\Downloads\FRST64.exe:BDU
AlternateDataStreams: C:\Users\Bianka\Downloads\jre-7u25-windows-i586.exe:BDU
AlternateDataStreams: C:\Users\Bianka\Downloads\TimePunchONE.exe:BDU


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (09/17/2013 08:06:35 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: WINWORD.EXE, Version: 14.0.7106.5001, Zeitstempel: 0x520b3934
Name des fehlerhaften Moduls: ole32.dll, Version: 6.1.7601.17514, Zeitstempel: 0x4ce7b96f
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0003bc21
ID des fehlerhaften Prozesses: 0x1c4c
Startzeit der fehlerhaften Anwendung: 0xWINWORD.EXE0
Pfad der fehlerhaften Anwendung: WINWORD.EXE1
Pfad des fehlerhaften Moduls: WINWORD.EXE2
Berichtskennung: WINWORD.EXE3

Error: (09/16/2013 00:44:41 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "1". Fehler in Manifest- oder Richtliniendatei "2" in Zeile 3.
Ungültige XML-Syntax.

Error: (09/13/2013 10:00:07 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "1". Fehler in Manifest- oder Richtliniendatei "2" in Zeile 3.
Ungültige XML-Syntax.

Error: (09/12/2013 00:31:52 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "1". Fehler in Manifest- oder Richtliniendatei "2" in Zeile 3.
Ungültige XML-Syntax.

Error: (09/11/2013 01:26:29 PM) (Source: Microsoft-Windows-Defrag) (User: )
Description: Volume "andyamo" wurde aufgrund eines Fehlers nicht defragmentiert: Unzulässige Funktion. (0x80070001)

Error: (09/11/2013 00:59:59 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "1". Fehler in Manifest- oder Richtliniendatei "2" in Zeile 3.
Ungültige XML-Syntax.

Error: (09/10/2013 07:20:22 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "1". Fehler in Manifest- oder Richtliniendatei "2" in Zeile 3.
Ungültige XML-Syntax.

Error: (09/09/2013 00:56:35 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "1". Fehler in Manifest- oder Richtliniendatei "2" in Zeile 3.
Ungültige XML-Syntax.

Error: (09/06/2013 08:54:01 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "1". Fehler in Manifest- oder Richtliniendatei "2" in Zeile 3.
Ungültige XML-Syntax.

Error: (09/05/2013 10:56:00 AM) (Source: Microsoft-Windows-Defrag) (User: )
Description: Volume "andyamo" wurde aufgrund eines Fehlers nicht defragmentiert: Unzulässige Funktion. (0x80070001)


System errors:
=============
Error: (09/17/2013 07:43:04 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1069

Error: (09/17/2013 07:43:04 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: 
%%1330

Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).

Error: (09/16/2013 09:54:54 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Windows Update" wurde nicht richtig gestartet.

Error: (09/16/2013 09:51:43 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1069

Error: (09/16/2013 09:51:43 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: 
%%1330

Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).

Error: (09/16/2013 09:50:04 AM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)

Error: (09/16/2013 09:48:42 AM) (Source: BugCheck) (User: )
Description: 0x0000004a (0x00000000773c132a, 0x0000000000000002, 0x0000000000000000, 0xfffff880064c9b60)C:\Windows\MEMORY.DMP091613-19188-01

Error: (09/16/2013 09:48:42 AM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am ‎16.‎09.‎2013 um 09:46:50 unerwartet heruntergefahren.

Error: (09/16/2013 07:56:05 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1069

Error: (09/16/2013 07:56:05 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: 
%%1330

Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).


Microsoft Office Sessions:
=========================
Error: (09/17/2013 08:06:35 AM) (Source: Application Error)(User: )
Description: WINWORD.EXE14.0.7106.5001520b3934ole32.dll6.1.7601.175144ce7b96fc00000050003bc211c4c01ceb36c074f5232C:\PROGRA~2\MICROS~4\Office14\WINWORD.EXEC:\Windows\syswow64\ole32.dll4dfc111b-1f5f-11e3-a949-3c970e657054

Error: (09/16/2013 00:44:41 PM) (Source: SideBySide)(User: )
Description: C:\Program Files (x86)\Lenovo\Access Connections\AcCryptHlpr.dllC:\Program Files (x86)\Lenovo\Access Connections\AcCryptHlpr.dll0

Error: (09/13/2013 10:00:07 AM) (Source: SideBySide)(User: )
Description: C:\Program Files (x86)\Lenovo\Access Connections\AcCryptHlpr.dllC:\Program Files (x86)\Lenovo\Access Connections\AcCryptHlpr.dll0

Error: (09/12/2013 00:31:52 AM) (Source: SideBySide)(User: )
Description: C:\Program Files (x86)\Lenovo\Access Connections\AcCryptHlpr.dllC:\Program Files (x86)\Lenovo\Access Connections\AcCryptHlpr.dll0

Error: (09/11/2013 01:26:29 PM) (Source: Microsoft-Windows-Defrag)(User: )
Description: andyamoUnzulässige Funktion. (0x80070001)

Error: (09/11/2013 00:59:59 PM) (Source: SideBySide)(User: )
Description: C:\Program Files (x86)\Lenovo\Access Connections\AcCryptHlpr.dllC:\Program Files (x86)\Lenovo\Access Connections\AcCryptHlpr.dll0

Error: (09/10/2013 07:20:22 AM) (Source: SideBySide)(User: )
Description: C:\Program Files (x86)\Lenovo\Access Connections\AcCryptHlpr.dllC:\Program Files (x86)\Lenovo\Access Connections\AcCryptHlpr.dll0

Error: (09/09/2013 00:56:35 PM) (Source: SideBySide)(User: )
Description: C:\Program Files (x86)\Lenovo\Access Connections\AcCryptHlpr.dllC:\Program Files (x86)\Lenovo\Access Connections\AcCryptHlpr.dll0

Error: (09/06/2013 08:54:01 AM) (Source: SideBySide)(User: )
Description: C:\Program Files (x86)\Lenovo\Access Connections\AcCryptHlpr.dllC:\Program Files (x86)\Lenovo\Access Connections\AcCryptHlpr.dll0

Error: (09/05/2013 10:56:00 AM) (Source: Microsoft-Windows-Defrag)(User: )
Description: andyamoUnzulässige Funktion. (0x80070001)


==================== Memory info =========================== 

Percentage of memory in use: 36%
Total physical RAM: 8075.23 MB
Available physical RAM: 5110.14 MB
Total Pagefile: 16148.65 MB
Available Pagefile: 12814.24 MB
Total Virtual: 8192 MB
Available Virtual: 8191.76 MB

==================== Drives ================================

Drive c: (Windows7_OS) (Fixed) (Total:281.29 GB) (Free:125.09 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive f: (USB DISK) (Removable) (Total:3.73 GB) (Free:2.18 GB) FAT32
Drive q: (Lenovo_Recovery) (Fixed) (Total:15.63 GB) (Free:2.86 GB) NTFS
Drive s: (SYSTEM_DRV) (Fixed) (Total:1.17 GB) (Free:0.46 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive v: (andyamo) (Fixed) (Total:281.29 GB) (Free:125.09 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 298 GB) (Disk ID: A62F220E)
Partition 1: (Active) - (Size=1 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=281 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=16 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 4 GB) (Disk ID: C3072E18)
Partition 1: (Active) - (Size=4 GB) - (Type=0B)

==================== End Of Log ============================

schrauber · 17.09.2013, 15:22

Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel

Link 1

WICHTIG - Speichere Combofix auf deinem Desktop

Deaktiviere bitte all deine Anti Viren sowie Anti Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören.

Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.

Wenn Combofix fertig ist, wird es eine Logfile erstellen. Bitte poste die C:\Combofix.txt in deiner nächsten Antwort.

Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten

Zitat:

Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.

starte den Rechner einfach neu. Dies sollte das Problem beheben.

bianka.b · 17.09.2013, 19:16

Leider ließ sich BitDefender nicht ausschalten oder stoppen, ich hoffe, das Ergebnis ist trotzdem ausreichend aussagekräftig?

Code:

ATTFilter

ComboFix 13-09-17.01 - Bianka 17.09.2013  16:39:00.1.4 - x64
Microsoft Windows 7 Professional   6.1.7601.1.1252.49.1031.18.8075.5048 [GMT 2:00]
ausgeführt von:: c:\users\Bianka\Desktop\ComboFix.exe
AV: Bitdefender Antivirus *Enabled/Updated* {9B5F5313-CAF9-DD97-C460-E778420237B4}
FW: Bitdefender Firewall *Enabled* {A364D236-8096-DCCF-EF3F-4E4DBCD170CF}
SP: Bitdefender Spyware-Schutz *Enabled/Updated* {203EB2F7-ECC3-D219-FED0-DC0A39857D09}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Neuer Wiederherstellungspunkt wurde erstellt
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\1377505303.bdinstall.bin
c:\programdata\1377582449.bdinstall.bin
c:\programdata\Roaming
C:\root
c:\root\wpfdot.exe
c:\users\Bianka\AppData\Local\omesuperv.exe
c:\users\Bianka\AppData\Roaming\e470246183.prf
c:\windows\wininit.ini
Q:\AUTORUN.INF
.
.
(((((((((((((((((((((((   Dateien erstellt von 2013-08-17 bis 2013-09-17  ))))))))))))))))))))))))))))))
.
.
2013-09-17 14:49 . 2013-09-17 14:49	--------	d-----w-	c:\users\UpdatusUser\AppData\Local\temp
2013-09-17 14:49 . 2013-09-17 14:49	--------	d-----w-	c:\users\Default\AppData\Local\temp
2013-09-17 08:16 . 2013-09-17 08:16	--------	d-----w-	C:\FRST
2013-09-17 06:36 . 2013-09-17 06:37	--------	d---a-w-	C:\Navilog1
2013-09-17 06:36 . 2013-09-17 06:36	--------	d-----w-	c:\program files (x86)\Navilog1
2013-09-11 19:52 . 2013-08-05 02:25	155584	----a-w-	c:\windows\system32\drivers\ataport.sys
2013-09-11 19:36 . 2013-07-26 02:24	14172672	----a-w-	c:\windows\system32\shell32.dll
2013-09-11 19:36 . 2013-07-26 02:24	197120	----a-w-	c:\windows\system32\shdocvw.dll
2013-09-11 18:46 . 2013-08-08 01:20	3155456	----a-w-	c:\windows\system32\win32k.sys
2013-09-06 05:43 . 2013-09-06 05:43	--------	d-----w-	c:\program files (x86)\Common Files\Java
2013-09-06 05:43 . 2013-09-06 05:43	789416	----a-w-	c:\windows\SysWow64\deployJava1.dll
2013-09-06 05:43 . 2013-09-06 05:43	867240	----a-w-	c:\windows\SysWow64\npDeployJava1.dll
2013-09-06 05:43 . 2013-09-06 05:43	96168	----a-w-	c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-09-06 05:43 . 2013-09-06 05:43	--------	d-----w-	c:\program files (x86)\Java
2013-08-27 06:21 . 2012-04-17 12:34	76944	----a-w-	c:\windows\system32\drivers\bdvedisk.sys
2013-08-27 06:20 . 2013-07-23 14:50	82824	----a-w-	c:\windows\system32\drivers\bdsandbox.sys
2013-08-27 06:20 . 2013-02-22 17:46	93600	----a-w-	c:\windows\system32\drivers\BdfNdisf6.sys
2013-08-27 06:20 . 2007-04-11 09:11	511328	----a-w-	c:\windows\capicom.dll
2013-08-27 06:20 . 2013-07-19 16:08	601360	----a-w-	c:\windows\system32\drivers\avckf.sys
2013-08-27 06:20 . 2013-07-19 16:04	727592	----a-w-	c:\windows\system32\drivers\avc3.sys
2013-08-27 06:20 . 2012-11-02 12:17	261056	----a-w-	c:\windows\system32\drivers\avchv.sys
2013-08-27 05:47 . 2012-10-04 12:30	147232	----a-w-	c:\windows\system32\drivers\gzflt.sys
2013-08-27 05:47 . 2013-05-28 10:12	382536	----a-w-	c:\windows\system32\drivers\trufos.sys
2013-08-26 09:33 . 2013-08-27 15:17	--------	d-----w-	c:\programdata\BDLogging
2013-08-26 08:37 . 2013-08-31 13:28	--------	d-----w-	c:\users\Bianka\AppData\Roaming\Bitdefender
2013-08-26 08:22 . 2013-08-26 09:38	--------	d-----w-	c:\programdata\Bitdefender
2013-08-26 08:22 . 2013-08-26 08:37	--------	d-----w-	c:\program files\Bitdefender
2013-08-26 08:21 . 2013-08-26 08:21	--------	d-----w-	c:\users\Bianka\AppData\Roaming\QuickScan
2013-08-26 08:17 . 2013-08-26 08:17	--------	d-s---w-	c:\windows\SysWow64\Microsoft
2013-08-26 08:15 . 2013-08-27 14:58	--------	d-----w-	c:\program files\Common Files\Bitdefender
2013-08-26 08:15 . 2013-08-26 08:15	--------	d-----w-	c:\program files (x86)\Common Files\Bitdefender
2013-08-23 11:02 . 2013-08-06 08:58	9515512	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{2237E05D-1595-4C1C-871B-E5683C04183A}\mpengine.dll
2013-08-19 16:37 . 2013-07-09 05:51	1217024	----a-w-	c:\windows\system32\rpcrt4.dll
2013-08-19 16:37 . 2013-07-09 04:52	663552	----a-w-	c:\windows\SysWow64\rpcrt4.dll
2013-08-19 16:37 . 2013-07-09 05:52	224256	----a-w-	c:\windows\system32\wintrust.dll
2013-08-19 16:37 . 2013-07-09 05:46	1472512	----a-w-	c:\windows\system32\crypt32.dll
2013-08-19 16:37 . 2013-07-09 04:52	175104	----a-w-	c:\windows\SysWow64\wintrust.dll
2013-08-19 16:37 . 2013-07-09 04:46	1166848	----a-w-	c:\windows\SysWow64\crypt32.dll
2013-08-19 16:37 . 2013-07-09 05:46	184320	----a-w-	c:\windows\system32\cryptsvc.dll
2013-08-19 16:37 . 2013-07-09 05:46	139776	----a-w-	c:\windows\system32\cryptnet.dll
2013-08-19 16:37 . 2013-07-09 04:46	140288	----a-w-	c:\windows\SysWow64\cryptsvc.dll
2013-08-19 16:37 . 2013-07-09 04:46	103936	----a-w-	c:\windows\SysWow64\cryptnet.dll
2013-08-19 16:36 . 2013-07-25 09:25	1888768	----a-w-	c:\windows\system32\WMVDECOD.DLL
2013-08-19 16:36 . 2013-07-25 08:57	1620992	----a-w-	c:\windows\SysWow64\WMVDECOD.DLL
2013-08-19 16:36 . 2013-07-19 01:58	2048	----a-w-	c:\windows\system32\tzres.dll
2013-08-19 16:36 . 2013-07-19 01:41	2048	----a-w-	c:\windows\SysWow64\tzres.dll
2013-08-19 16:36 . 2013-06-15 04:32	39936	----a-w-	c:\windows\system32\drivers\tssecsrv.sys
2013-08-19 16:36 . 2013-07-06 06:03	1910208	----a-w-	c:\windows\system32\drivers\tcpip.sys
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-09-13 05:10 . 2013-07-02 12:41	71048	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-09-13 05:10 . 2013-07-02 12:41	692616	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2013-09-12 01:05 . 2013-03-15 05:23	79143768	----a-w-	c:\windows\system32\MRT.exe
2013-08-02 01:48 . 2013-09-11 19:48	44032	----a-w-	c:\windows\apppatch\acwow64.dll
2013-07-18 05:36 . 2013-07-18 05:36	59816	----a-r-	c:\users\Bianka\AppData\Roaming\Microsoft\Installer\{47C4D20F-1A75-44F4-BF51-479C3119BEEF}\ARPPRODUCTICON.exe
2013-07-18 05:36 . 2013-07-18 05:36	59816	----a-r-	c:\users\Bianka\AppData\Roaming\Microsoft\Installer\{1D2FF661-4402-4D75-AA40-B23FCAF81D32}\ARPPRODUCTICON.exe
2013-07-13 06:23 . 2013-07-13 06:23	87704	----a-w-	c:\windows\cadkasdeinst01.exe
2013-07-13 06:18 . 2013-07-13 06:18	82072	----a-w-	c:\windows\cadkasdeinst01e.exe
2013-07-04 05:39 . 2013-07-04 05:39	818168	----a-r-	c:\users\Bianka\AppData\Roaming\Microsoft\Installer\{6CCFA6CF-8C44-481E-BC34-B1038F570842}\TweetDeck.exe
2013-07-02 18:35 . 2013-07-02 18:35	97280	----a-w-	c:\windows\system32\mshtmled.dll
2013-07-02 18:35 . 2013-07-02 18:35	905728	----a-w-	c:\windows\system32\mshtmlmedia.dll
2013-07-02 18:35 . 2013-07-02 18:35	81408	----a-w-	c:\windows\system32\icardie.dll
2013-07-02 18:35 . 2013-07-02 18:35	762368	----a-w-	c:\windows\system32\ieapfltr.dll
2013-07-02 18:35 . 2013-07-02 18:35	73728	----a-w-	c:\windows\SysWow64\SetIEInstalledDate.exe
2013-07-02 18:35 . 2013-07-02 18:35	719360	----a-w-	c:\windows\SysWow64\mshtmlmedia.dll
2013-07-02 18:35 . 2013-07-02 18:35	61952	----a-w-	c:\windows\SysWow64\tdc.ocx
2013-07-02 18:35 . 2013-07-02 18:35	523264	----a-w-	c:\windows\SysWow64\vbscript.dll
2013-07-02 18:35 . 2013-07-02 18:35	48640	----a-w-	c:\windows\SysWow64\mshtmler.dll
2013-07-02 18:35 . 2013-07-02 18:35	452096	----a-w-	c:\windows\system32\dxtmsft.dll
2013-07-02 18:35 . 2013-07-02 18:35	441856	----a-w-	c:\windows\system32\html.iec
2013-07-02 18:35 . 2013-07-02 18:35	38400	----a-w-	c:\windows\SysWow64\imgutil.dll
2013-07-02 18:35 . 2013-07-02 18:35	361984	----a-w-	c:\windows\SysWow64\html.iec
2013-07-02 18:35 . 2013-07-02 18:35	281600	----a-w-	c:\windows\system32\dxtrans.dll
2013-07-02 18:35 . 2013-07-02 18:35	27648	----a-w-	c:\windows\system32\licmgr10.dll
2013-07-02 18:35 . 2013-07-02 18:35	270848	----a-w-	c:\windows\system32\iedkcs32.dll
2013-07-02 18:35 . 2013-07-02 18:35	247296	----a-w-	c:\windows\system32\webcheck.dll
2013-07-02 18:35 . 2013-07-02 18:35	235008	----a-w-	c:\windows\system32\url.dll
2013-07-02 18:35 . 2013-07-02 18:35	23040	----a-w-	c:\windows\SysWow64\licmgr10.dll
2013-07-02 18:35 . 2013-07-02 18:35	226304	----a-w-	c:\windows\system32\elshyph.dll
2013-07-02 18:35 . 2013-07-02 18:35	216064	----a-w-	c:\windows\system32\msls31.dll
2013-07-02 18:35 . 2013-07-02 18:35	197120	----a-w-	c:\windows\system32\msrating.dll
2013-07-02 18:35 . 2013-07-02 18:35	185344	----a-w-	c:\windows\SysWow64\elshyph.dll
2013-07-02 18:35 . 2013-07-02 18:35	167424	----a-w-	c:\windows\system32\iexpress.exe
2013-07-02 18:35 . 2013-07-02 18:35	158720	----a-w-	c:\windows\SysWow64\msls31.dll
2013-07-02 18:35 . 2013-07-02 18:35	1509376	----a-w-	c:\windows\system32\inetcpl.cpl
2013-07-02 18:35 . 2013-07-02 18:35	150528	----a-w-	c:\windows\SysWow64\iexpress.exe
2013-07-02 18:35 . 2013-07-02 18:35	144896	----a-w-	c:\windows\system32\wextract.exe
2013-07-02 18:35 . 2013-07-02 18:35	1441280	----a-w-	c:\windows\SysWow64\inetcpl.cpl
2013-07-02 18:35 . 2013-07-02 18:35	1400416	----a-w-	c:\windows\system32\ieapfltr.dat
2013-07-02 18:35 . 2013-07-02 18:35	138752	----a-w-	c:\windows\SysWow64\wextract.exe
2013-07-02 18:35 . 2013-07-02 18:35	137216	----a-w-	c:\windows\SysWow64\ieUnatt.exe
2013-07-02 18:35 . 2013-07-02 18:35	12800	----a-w-	c:\windows\SysWow64\mshta.exe
2013-07-02 18:35 . 2013-07-02 18:35	110592	----a-w-	c:\windows\SysWow64\IEAdvpack.dll
2013-07-02 18:35 . 2013-07-02 18:35	1054720	----a-w-	c:\windows\system32\MsSpellCheckingFacility.exe
2013-07-02 18:35 . 2013-07-02 18:35	102912	----a-w-	c:\windows\system32\inseng.dll
2013-07-02 18:35 . 2013-07-02 18:35	92160	----a-w-	c:\windows\system32\SetIEInstalledDate.exe
2013-07-02 18:35 . 2013-07-02 18:35	77312	----a-w-	c:\windows\system32\tdc.ocx
2013-07-02 18:35 . 2013-07-02 18:35	62976	----a-w-	c:\windows\system32\pngfilt.dll
2013-07-02 18:35 . 2013-07-02 18:35	599552	----a-w-	c:\windows\system32\vbscript.dll
2013-07-02 18:35 . 2013-07-02 18:35	52224	----a-w-	c:\windows\system32\msfeedsbs.dll
2013-07-02 18:35 . 2013-07-02 18:35	51200	----a-w-	c:\windows\system32\imgutil.dll
2013-07-02 18:35 . 2013-07-02 18:35	48640	----a-w-	c:\windows\system32\mshtmler.dll
2013-07-02 18:35 . 2013-07-02 18:35	173568	----a-w-	c:\windows\system32\ieUnatt.exe
2013-07-02 18:35 . 2013-07-02 18:35	149504	----a-w-	c:\windows\system32\occache.dll
2013-07-02 18:35 . 2013-07-02 18:35	13824	----a-w-	c:\windows\system32\mshta.exe
2013-07-02 18:35 . 2013-07-02 18:35	136192	----a-w-	c:\windows\system32\iepeers.dll
2013-07-02 18:35 . 2013-07-02 18:35	135680	----a-w-	c:\windows\system32\IEAdvpack.dll
2013-07-02 18:35 . 2013-07-02 18:35	12800	----a-w-	c:\windows\system32\msfeedssync.exe
2013-07-02 18:32 . 2013-07-02 18:32	9728	---ha-w-	c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-07-02 18:32 . 2013-07-02 18:32	9728	---ha-w-	c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-07-02 18:32 . 2013-07-02 18:32	648192	----a-w-	c:\windows\system32\d3d10level9.dll
2013-07-02 18:32 . 2013-07-02 18:32	604160	----a-w-	c:\windows\SysWow64\d3d10level9.dll
2013-07-02 18:32 . 2013-07-02 18:32	5632	---ha-w-	c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-07-02 18:32 . 2013-07-02 18:32	5632	---ha-w-	c:\windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-07-02 18:32 . 2013-07-02 18:32	5632	---ha-w-	c:\windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-07-02 18:32 . 2013-07-02 18:32	5632	---ha-w-	c:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-07-02 18:32 . 2013-07-02 18:32	522752	----a-w-	c:\windows\system32\XpsGdiConverter.dll
2013-07-02 18:32 . 2013-07-02 18:32	465920	----a-w-	c:\windows\system32\WMPhoto.dll
2013-07-02 18:32 . 2013-07-02 18:32	417792	----a-w-	c:\windows\SysWow64\WMPhoto.dll
2013-07-02 18:32 . 2013-07-02 18:32	4096	---ha-w-	c:\windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
2013-07-02 18:32 . 2013-07-02 18:32	4096	---ha-w-	c:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-07-02 18:32 . 2013-07-02 18:32	3928064	----a-w-	c:\windows\system32\d2d1.dll
2013-07-02 18:32 . 2013-07-02 18:32	364544	----a-w-	c:\windows\SysWow64\XpsGdiConverter.dll
2013-07-02 18:32 . 2013-07-02 18:32	363008	----a-w-	c:\windows\system32\dxgi.dll
2013-07-02 18:32 . 2013-07-02 18:32	3584	---ha-w-	c:\windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-07-02 18:32 . 2013-07-02 18:32	3584	---ha-w-	c:\windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-07-02 18:32 . 2013-07-02 18:32	3419136	----a-w-	c:\windows\SysWow64\d2d1.dll
2013-07-02 18:32 . 2013-07-02 18:32	333312	----a-w-	c:\windows\system32\d3d10_1core.dll
2013-07-02 18:32 . 2013-07-02 18:32	3072	---ha-w-	c:\windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
2013-07-02 18:32 . 2013-07-02 18:32	3072	---ha-w-	c:\windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-07-02 18:32 . 2013-07-02 18:32	3072	---ha-w-	c:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2013-07-02 18:32 . 2013-07-02 18:32	3072	---ha-w-	c:\windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-07-02 18:32 . 2013-07-02 18:32	296960	----a-w-	c:\windows\system32\d3d10core.dll
2013-07-02 18:32 . 2013-07-02 18:32	293376	----a-w-	c:\windows\SysWow64\dxgi.dll
2013-07-02 18:32 . 2013-07-02 18:32	2776576	----a-w-	c:\windows\system32\msmpeg2vdec.dll
2013-07-02 18:32 . 2013-07-02 18:32	2565120	----a-w-	c:\windows\system32\d3d10warp.dll
2013-07-02 18:32 . 2013-07-02 18:32	2560	---ha-w-	c:\windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-07-02 18:32 . 2013-07-02 18:32	2560	---ha-w-	c:\windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-07-02 18:32 . 2013-07-02 18:32	249856	----a-w-	c:\windows\SysWow64\d3d10_1core.dll
2013-07-02 18:32 . 2013-07-02 18:32	245248	----a-w-	c:\windows\system32\WindowsCodecsExt.dll
2013-07-02 18:32 . 2013-07-02 18:32	2284544	----a-w-	c:\windows\SysWow64\msmpeg2vdec.dll
2013-07-02 18:32 . 2013-07-02 18:32	221184	----a-w-	c:\windows\system32\UIAnimation.dll
2013-07-02 18:32 . 2013-07-02 18:32	220160	----a-w-	c:\windows\SysWow64\d3d10core.dll
2013-07-02 18:32 . 2013-07-02 18:32	207872	----a-w-	c:\windows\SysWow64\WindowsCodecsExt.dll
2013-07-02 18:32 . 2013-07-02 18:32	1988096	----a-w-	c:\windows\SysWow64\d3d10warp.dll
2013-07-02 18:32 . 2013-07-02 18:32	194560	----a-w-	c:\windows\system32\d3d10_1.dll
2013-07-02 18:32 . 2013-07-02 18:32	187392	----a-w-	c:\windows\SysWow64\UIAnimation.dll
2013-07-02 18:32 . 2013-07-02 18:32	1682432	----a-w-	c:\windows\system32\XpsPrint.dll
2013-07-02 18:32 . 2013-07-02 18:32	161792	----a-w-	c:\windows\SysWow64\d3d10_1.dll
2013-07-02 18:32 . 2013-07-02 18:32	1238528	----a-w-	c:\windows\system32\d3d10.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-06-21 23:34	130736	----a-w-	c:\users\Bianka\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-06-21 23:34	130736	----a-w-	c:\users\Bianka\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-06-21 23:34	130736	----a-w-	c:\users\Bianka\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\EldosIconOverlay-cbfs4]
@="{49BF1677-5BBA-4B40-B7DE-267BEED07C08}"
[HKEY_CLASSES_ROOT\CLSID\{49BF1677-5BBA-4B40-B7DE-267BEED07C08}]
2013-06-05 15:08	156520	----a-w-	c:\windows\SysWOW64\cbfsMntNtf4.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BoxcryptorClassic.exe"="c:\program files (x86)\Boxcryptor Classic\BoxcryptorClassic.exe" [2013-06-14 2239744]
"SSync"="c:\users\Bianka\AppData\Roaming\SSync\SSync.exe" [2013-04-09 36864]
"Bitdefender-Geldbörse-Agent"="c:\program files\Bitdefender\Bitdefender\pmbxag.exe" [2013-09-04 554992]
"Bitdefender-Geldbörse"="c:\program files\Bitdefender\Bitdefender\pwdmanui.exe" [2013-09-04 1005632]
"Bitdefender-Geldbörse-Anwendungs-Agent"="c:\program files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe" [2013-09-04 621448]
"SCheck"="c:\users\Bianka\AppData\Roaming\SCheck\SCheck.exe" [2013-04-09 36864]
"Snoozer"="c:\users\Bianka\AppData\Roaming\Snz\Snz.exe" [2013-08-28 1137764]
"Intermediate"="c:\users\Bianka\AppData\Roaming\Intermediate\Intermediate.exe" [2013-04-09 36864]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"RotateImage"="c:\program files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe" [2008-10-30 55808]
"NUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2010-11-17 113288]
"IMSS"="c:\program files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe" [2011-01-17 112152]
"PWMTRV"="c:\progra~2\ThinkPad\UTILIT~1\PWMTR64V.DLL" [2013-06-26 6002984]
"MMReminderService"="c:\program files (x86)\Mindjet\MindManager 7\MMReminderService.exe" [2007-05-17 37392]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-05-11 958576]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Bitdefender-Geldbörse-Agent"="c:\program files\Bitdefender\Bitdefender\pmbxag.exe" [2013-09-04 554992]
"Bitdefender-Geldbörse"="c:\program files\Bitdefender\Bitdefender\pwdmanui.exe" [2013-09-04 1005632]
"Bitdefender-Geldbörse-Anwendungs-Agent"="c:\program files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe" [2013-09-04 621448]
.
c:\users\Bianka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Gamma.lnk - c:\program files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-3-16 113664]
Dropbox.lnk - c:\users\Bianka\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2013-8-3 28057256]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\ThinkPad\Bluetooth Software\BTTray.exe [2010-12-19 1202976]
Digital Line Detect.lnk - c:\program files (x86)\Digital Line Detect\DLG.exe [2011-4-16 50688]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"DisableCAD"= 1 (0x1)
.
[hkey_local_machine\software\Wow6432Node\microsoft\windows\currentversion\explorer\SharedTaskScheduler]
"{59E75156-4875-43BB-B01E-254F782AB820}"= "c:\windows\SysWOW64\cbfsMntNtf4.dll" [2013-06-05 156520]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
"EldosMountNotificator-cbfs4"= {59E75156-4875-43BB-B01E-254F782AB820} - c:\windows\SysWOW64\cbfsMntNtf4.dll [2013-06-05 156520]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute	REG_MULTI_SZ   	autocheck autochk *\0sdnclean64.exe
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages	REG_MULTI_SZ   	scecli c:\program files\ThinkVantage Fingerprint Software\psqlpwd.dll
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 HyperW7Svc;HyperW7 Service;c:\program files\Lenovo\RapidBoot\HyperW7Svc64.exe;c:\program files\Lenovo\RapidBoot\HyperW7Svc64.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 BDSandBox;BDSandBox;c:\windows\system32\drivers\bdsandbox.sys;c:\windows\SYSNATIVE\drivers\bdsandbox.sys [x]
R3 BTWAMPFL;BTWAMPFL;c:\windows\system32\DRIVERS\btwampfl.sys;c:\windows\SYSNATIVE\DRIVERS\btwampfl.sys [x]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys;c:\windows\SYSNATIVE\DRIVERS\btwl2cap.sys [x]
R3 DozeSvc;Lenovo Doze Mode Service;c:\program files (x86)\ThinkPad\Utilities\DZSVC64.EXE;c:\program files (x86)\ThinkPad\Utilities\DZSVC64.EXE [x]
R3 ecnssndis; Mobile Broadband Driver;c:\windows\system32\Drivers\wwuss64.sys;c:\windows\SYSNATIVE\Drivers\wwuss64.sys [x]
R3 ecnssndisfltr; Mobile Broadband Driver Filter;c:\windows\system32\Drivers\wwussf64.sys;c:\windows\SYSNATIVE\Drivers\wwussf64.sys [x]
R3 l36wgps; Mobile Broadband GPS Port;c:\windows\system32\DRIVERS\l36wgps64.sys;c:\windows\SYSNATIVE\DRIVERS\l36wgps64.sys [x]
R3 Mbm3CBus;F5521gw Mobile Broadband Device (WDM);c:\windows\system32\DRIVERS\Mbm3CBus.sys;c:\windows\SYSNATIVE\DRIVERS\Mbm3CBus.sys [x]
R3 Mbm3DevMt; Mobile Broadband Device Management Driver (WDM);c:\windows\system32\DRIVERS\Mbm3DevMt.sys;c:\windows\SYSNATIVE\DRIVERS\Mbm3DevMt.sys [x]
R3 Mbm3mdfl; Mobile Broadband Modem Port Filter;c:\windows\system32\DRIVERS\Mbm3mdfl.sys;c:\windows\SYSNATIVE\DRIVERS\Mbm3mdfl.sys [x]
R3 Mbm3Mdm; Mobile Broadband Modem Port Driver;c:\windows\system32\DRIVERS\Mbm3Mdm.sys;c:\windows\SYSNATIVE\DRIVERS\Mbm3Mdm.sys [x]
R3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys;c:\windows\SYSNATIVE\DRIVERS\netw5v64.sys [x]
R3 PCDSRVC{127174DC-C366ED8B-06020101}_0;PCDSRVC{127174DC-C366ED8B-06020101}_0 - PCDR Kernel Mode Service Helper Driver;c:\program files\pc-doctor\pcdsrvc_x64.pkms;c:\program files\pc-doctor\pcdsrvc_x64.pkms [x]
R3 pmxdrv;pmxdrv;c:\windows\system32\drivers\pmxdrv.sys;c:\windows\SYSNATIVE\drivers\pmxdrv.sys [x]
R3 PwmEWSvc;Cisco EnergyWise Enabler;c:\program files (x86)\ThinkPad\Utilities\PWMEWSVC.EXE;c:\program files (x86)\ThinkPad\Utilities\PWMEWSVC.EXE [x]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTAZL6.SYS [x]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTDPV6.SYS [x]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTCNXT6.SYS [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 WwanUsbServ;Mobile Broadband Driver;c:\windows\system32\DRIVERS\WwanUsbMp64.sys;c:\windows\SYSNATIVE\DRIVERS\WwanUsbMp64.sys [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 avc3;avc3;c:\windows\system32\DRIVERS\avc3.sys;c:\windows\SYSNATIVE\DRIVERS\avc3.sys [x]
S0 DzHDD64;DzHDD64;c:\windows\System32\DRIVERS\DzHDD64.sys;c:\windows\SYSNATIVE\DRIVERS\DzHDD64.sys [x]
S0 gzflt;gzflt;c:\windows\system32\DRIVERS\gzflt.sys;c:\windows\SYSNATIVE\DRIVERS\gzflt.sys [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x]
S0 TPDIGIMN;TPDIGIMN;c:\windows\System32\DRIVERS\ApsHM64.sys;c:\windows\SYSNATIVE\DRIVERS\ApsHM64.sys [x]
S1 BdfNdisf;BitDefender Firewall NDIS 6 Filter Driver;c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys;c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys [x]
S1 bdfwfpf;bdfwfpf;c:\program files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys;c:\program files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [x]
S1 bdfwfpf_pc;bdfwfpf_pc;c:\program files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf_pc.sys;c:\program files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf_pc.sys [x]
S1 BDVEDISK;BDVEDISK;c:\windows\system32\DRIVERS\bdvedisk.sys;c:\windows\SYSNATIVE\DRIVERS\bdvedisk.sys [x]
S1 cbfs4;cbfs4;c:\windows\system32\drivers\cbfs4.sys;c:\windows\SYSNATIVE\drivers\cbfs4.sys [x]
S1 lenovo.smi;Lenovo System Interface Driver;c:\windows\system32\DRIVERS\smiifx64.sys;c:\windows\SYSNATIVE\DRIVERS\smiifx64.sys [x]
S1 nvkflt;nvkflt;c:\windows\system32\DRIVERS\nvkflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvkflt.sys [x]
S1 PHCORE;PHCORE;c:\program files\Lenovo\RapidBoot\PHCORE64.SYS;c:\program files\Lenovo\RapidBoot\PHCORE64.SYS [x]
S2 BdDesktopParental;Bitdefender Desktop Parental Control;c:\program files\Bitdefender\Bitdefender\bdparentalservice.exe;c:\program files\Bitdefender\Bitdefender\bdparentalservice.exe [x]
S2 CxAudMsg;Conexant Audio Message Service;c:\windows\system32\CxAudMsg64.exe;c:\windows\SYSNATIVE\CxAudMsg64.exe [x]
S2 HsfXAudioService;HsfXAudioService;c:\windows\system32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 jhi_service;Intel(R) Identity Protection Technology Host Interface Service;c:\program files (x86)\Intel\Services\IPT\jhi_service.exe;c:\program files (x86)\Intel\Services\IPT\jhi_service.exe [x]
S2 LENOVO.CAMMUTE;Lenovo Camera Mute;c:\program files\Lenovo\Communications Utility\CAMMUTE.exe;c:\program files\Lenovo\Communications Utility\CAMMUTE.exe [x]
S2 LENOVO.MICMUTE;Lenovo Microphone Mute;c:\program files\LENOVO\HOTKEY\MICMUTE.exe;c:\program files\LENOVO\HOTKEY\MICMUTE.exe [x]
S2 LENOVO.TPKNRSVC;Lenovo Keyboard Noise Reduction;c:\program files\Lenovo\Communications Utility\TPKNRSVC.exe;c:\program files\Lenovo\Communications Utility\TPKNRSVC.exe [x]
S2 Lenovo.VIRTSCRLSVC;Lenovo Auto Scroll;c:\program files\LENOVO\VIRTSCRL\lvvsst.exe;c:\program files\LENOVO\VIRTSCRL\lvvsst.exe [x]
S2 risdxc;risdxc;c:\windows\system32\DRIVERS\risdxc64.sys;c:\windows\SYSNATIVE\DRIVERS\risdxc64.sys [x]
S2 SafeBox;SafeBox;c:\program files\Bitdefender\Bitdefender SafeBox\safeboxservice.exe;c:\program files\Bitdefender\Bitdefender SafeBox\safeboxservice.exe [x]
S2 SAService;Conexant SmartAudio service;c:\windows\system32\SAsrv.exe;c:\windows\SYSNATIVE\SAsrv.exe [x]
S2 smihlp;SMI Helper Driver (smihlp);c:\program files\ThinkVantage Fingerprint Software\smihlp.sys;c:\program files\ThinkVantage Fingerprint Software\smihlp.sys [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 TPHKLOAD;Lenovo Hotkey Client Loader;c:\program files\LENOVO\HOTKEY\TPHKLOAD.exe;c:\program files\LENOVO\HOTKEY\TPHKLOAD.exe [x]
S2 TPHKSVC;On Screen Display;c:\program files\LENOVO\HOTKEY\TPHKSVC.exe;c:\program files\LENOVO\HOTKEY\TPHKSVC.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 UPDATESRV;Bitdefender Desktop Update Service;c:\program files\Bitdefender\Bitdefender\updatesrv.exe;c:\program files\Bitdefender\Bitdefender\updatesrv.exe [x]
S2 WMCoreService;Mobile Broadband Service;c:\program files (x86)\Mobile Broadband drivers\WMCore\mini_WMCore.exe servicemode;c:\program files (x86)\Mobile Broadband drivers\WMCore\mini_WMCore.exe servicemode [x]
S3 5U877;USB Video Device;c:\windows\system32\DRIVERS\5U877.sys;c:\windows\SYSNATIVE\DRIVERS\5U877.sys [x]
S3 avchv;avchv Function Driver;c:\windows\system32\DRIVERS\avchv.sys;c:\windows\SYSNATIVE\DRIVERS\avchv.sys [x]
S3 avckf;avckf;c:\windows\system32\DRIVERS\avckf.sys;c:\windows\SYSNATIVE\DRIVERS\avckf.sys [x]
S3 CAXHWAZL;CAXHWAZL;c:\windows\system32\DRIVERS\CAXHWAZL.sys;c:\windows\SYSNATIVE\DRIVERS\CAXHWAZL.sys [x]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3hub.sys [x]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3xhc.sys [x]
S3 Power Manager DBC Service;Power Manager DBC Service;c:\program files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE;c:\program files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE [x]
S3 TVTI2C;Lenovo SM bus driver;c:\windows\system32\DRIVERS\Tvti2c.sys;c:\windows\SYSNATIVE\DRIVERS\Tvti2c.sys [x]
S3 vpnpbus;EldoS PnP Virtual Bus driver;c:\windows\system32\DRIVERS\vpnpbus.sys;c:\windows\SYSNATIVE\DRIVERS\vpnpbus.sys [x]
S3 WSDScan;WSD-Scanunterstützung durch UMB;c:\windows\system32\DRIVERS\WSDScan.sys;c:\windows\SYSNATIVE\DRIVERS\WSDScan.sys [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-09-05 06:21	1177552	----a-w-	c:\program files (x86)\Google\Chrome\Application\29.0.1547.66\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2013-09-17 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-07-04 05:49]
.
2013-09-17 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-07-04 05:49]
.
2013-09-17 c:\windows\Tasks\PCDoctorBackgroundMonitorTask.job
- c:\program files\PC-Doctor\uaclauncher.exe [2010-12-09 22:52]
.
2013-09-17 c:\windows\Tasks\SystemToolsDailyTest.job
- c:\program files\PC-Doctor\pcdrcui.exe [2010-12-09 22:52]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-06-21 23:34	164016	----a-w-	c:\users\Bianka\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-06-21 23:34	164016	----a-w-	c:\users\Bianka\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-06-21 23:34	164016	----a-w-	c:\users\Bianka\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-06-21 23:34	164016	----a-w-	c:\users\Bianka\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\EldosIconOverlay-cbfs4]
@="{49BF1677-5BBA-4B40-B7DE-267BEED07C08}"
[HKEY_CLASSES_ROOT\CLSID\{49BF1677-5BBA-4B40-B7DE-267BEED07C08}]
2013-06-05 15:09	182632	----a-w-	c:\windows\System32\cbfsMntNtf4.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\__SafeBox1]
@="{152C96EB-288E-4EDC-B7C6-D21F8250ADF3}"
[HKEY_CLASSES_ROOT\CLSID\{152C96EB-288E-4EDC-B7C6-D21F8250ADF3}]
2013-07-08 13:59	206352	----a-w-	c:\program files\Bitdefender\Bitdefender Safebox\safeboxshell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\__SafeBox2]
@="{342DAA0B-D796-460D-8566-901E08A1CCAD}"
[HKEY_CLASSES_ROOT\CLSID\{342DAA0B-D796-460D-8566-901E08A1CCAD}]
2013-07-08 13:59	206352	----a-w-	c:\program files\Bitdefender\Bitdefender Safebox\safeboxshell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\__SafeBox3]
@="{57595DAE-1AE1-4D97-A49E-67CBB53B52DF}"
[HKEY_CLASSES_ROOT\CLSID\{57595DAE-1AE1-4D97-A49E-67CBB53B52DF}]
2013-07-08 13:59	206352	----a-w-	c:\program files\Bitdefender\Bitdefender Safebox\safeboxshell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\__SafeBox4]
@="{33816773-98AE-4723-ADE0-EBE54C8B5A67}"
[HKEY_CLASSES_ROOT\CLSID\{33816773-98AE-4723-ADE0-EBE54C8B5A67}]
2013-07-08 13:59	206352	----a-w-	c:\program files\Bitdefender\Bitdefender Safebox\safeboxshell.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TpShocks"="TpShocks.exe" [2010-12-09 380776]
"SmartAudio"="c:\program files\CONEXANT\SAII\SAIICpl.exe" [2011-01-07 316032]
"ForteConfig"="c:\program files\Conexant\ForteConfig\fmapp.exe" [2010-10-26 49056]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-03-10 167960]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-03-10 391704]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-03-10 418840]
"LENOVO.TPKNRRES"="c:\program files\Lenovo\Communications Utility\TPKNRRES.exe" [2011-02-26 41320]
"ALCKRESI.EXE"="c:\program files\Lenovo\AutoLock\ALCKRESI.EXE" [2010-12-17 281448]
"AcWin7Hlpr"="c:\program files (x86)\Lenovo\Access Connections\AcTBenabler.exe" [2011-03-08 31592]
"nwiz"="c:\program files\NVIDIA Corporation\nview\nwiz.exe" [2013-02-28 2041192]
"Logitech Download Assistant"="c:\windows\System32\LogiLDA.dll" [2012-09-20 1832760]
"Bdagent"="c:\program files\Bitdefender\Bitdefender\bdagent.exe" [2013-09-04 1737944]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\SharedTaskScheduler]
"{59E75156-4875-43BB-B01E-254F782AB820}"= "c:\windows\system32\cbfsMntNtf4.dll" [2013-06-05 182632]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://lenovo.msn.com
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyServer = localhost:8080
IE: An OneNote s&enden - c:\progra~2\MICROS~4\Office14\ONBttnIE.dll/105
IE: Bild an &Bluetooth-Gerät senden... - c:\program files\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm
IE: Nach Microsoft E&xcel exportieren - c:\progra~2\MICROS~4\Office14\EXCEL.EXE/3000
IE: Seite an &Bluetooth-Gerät senden... - c:\program files\ThinkPad\Bluetooth Software\btsendto_ie.htm
TCP: DhcpNameServer = 192.168.178.1
FF - ProfilePath - c:\users\Bianka\AppData\Roaming\Mozilla\Firefox\Profiles\jh7nd2it.default-1374224086910\
FF - prefs.js: browser.startup.homepage - hxxp://www.meinauftrag.net
FF - ExtSQL: 2013-07-19 20:54; om@offermosquito.com; c:\users\Bianka\AppData\Roaming\Mozilla\Firefox\Profiles\jh7nd2it.default-1374224086910\extensions\om@offermosquito.com.xpi
FF - ExtSQL: 2013-08-05 19:11; ffpwdman@bitdefender.com; c:\program files\Bitdefender\Bitdefender\Antispam32\ffpwdman
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Toolbar-Locked - (no file)
Wow6432Node-HKCU-Run-OMESupervisor - c:\users\Bianka\AppData\Local\omesuperv.exe
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
Toolbar-Locked - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
SSODL-EldosMountNotificator-cbfs4    REG_SZ    {59E75156-4875-43BB-B01E-254F782AB820}- - (no file)
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\PCDSRVC{127174DC-C366ED8B-06020101}_0]
"ImagePath"="\??\c:\program files\pc-doctor\pcdsrvc_x64.pkms"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_8_800_168_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_8_800_168_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_8_800_168_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_8_800_168_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_168.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_168.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_168.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_168.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
c:\windows\SysWOW64\SAsrv.exe
c:\program files (x86)\Mobile Broadband drivers\WMCore\mini_WMCore.exe
c:\program files (x86)\Lenovo\Access Connections\AcSvc.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\program files (x86)\Lenovo\System Update\SUService.exe
c:\program files (x86)\Common Files\Lenovo\tvt_reg_monitor_svc.exe
c:\progra~1\LENOVO\VIRTSCRL\virtscrl.exe
c:\progra~1\Lenovo\Zoom\TPSCREX.EXE
c:\progra~1\Lenovo\HOTKEY\TPONSCR.EXE
c:\program files (x86)\Lenovo\Access Connections\AcDeskBandHlpr.exe
c:\program files (x86)\Lenovo\Access Connections\SvcGuiHlpr.exe
c:\windows\SysWOW64\rundll32.exe
c:\users\Bianka\AppData\Roaming\Dropbox\bin\Dropbox.exe
c:\windows\SysWOW64\RunDll32.exe
c:\progra~2\ThinkPad\UTILIT~1\SCHTASK.exe
c:\program files (x86)\LENOVO\Message Center Plus\MCPLaunch.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2013-09-17  17:20:33 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2013-09-17 15:20
.
Vor Suchlauf: 14 Verzeichnis(se), 133.538.684.928 Bytes frei
Nach Suchlauf: 19 Verzeichnis(se), 140.408.750.080 Bytes frei
.
- - End Of File - - 034E1C1FEE66EBD8878C47045A4D1D98

schrauber · 17.09.2013, 20:26

Downloade Dir bitte

Malwarebytes Anti-Malware

Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
Starte Malwarebytes' Anti-Malware (MBAM).
Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
Drücke eine beliebige Taste, um das Tool zu starten.
Je nach System kann der Scan eine Weile dauern.
Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

und ein frisches FRST log bitte.

bianka.b · 18.09.2013, 12:16

So, hier nun mal alle neuen Logfiles:

Code:

ATTFilter

 Malwarebytes Anti-Malware  (Test) 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2013.09.18.02

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16686
Bianka :: THINKPAD [Administrator]

Schutz: Aktiviert

18.09.2013 07:16:39
mbam-log-2013-09-18 (07-16-39).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|Q:\|S:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 414559
Laufzeit: 1 Stunde(n), 1 Minute(n), 56 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 1
C:\Qoobox\Quarantine\C\Users\Bianka\AppData\Local\omesuperv.exe.vir (PUP.Optional.OfferMosquito.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)

Code:

ATTFilter

# AdwCleaner v3.004 - Bericht erstellt am 18/09/2013 um 12:30:00
# Updated 15/09/2013 von Xplode
# Betriebssystem : Windows 7 Professional Service Pack 1 (64 bits)
# Benutzername : Bianka - THINKPAD
# Gestartet von : C:\Users\Bianka\Desktop\adwcleaner.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\Users\Bianka\AppData\Roaming\Common\LuaRT
Ordner Gelöscht : C:\Users\Bianka\AppData\Roaming\Intermediate
Ordner Gelöscht : C:\Users\Bianka\AppData\Roaming\SCheck
Ordner Gelöscht : C:\Users\Bianka\AppData\Roaming\SSync
Datei Gelöscht : C:\Users\Bianka\AppData\Roaming\Mozilla\Firefox\Profiles\jh7nd2it.default-1374224086910\Extensions\om@offermosquito.com.xpi

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Wert Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Intermediate]
Wert Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [scheck]
Wert Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [ssync]
Schlüssel Gelöscht : HKCU\Software\httogroup
Schlüssel Gelöscht : HKCU\Software\piccshare
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}

***** [ Browser ] *****

-\\ Internet Explorer v10.0.9200.16686


-\\ Mozilla Firefox v23.0.1 (de)

[ Datei : C:\Users\Bianka\AppData\Roaming\Mozilla\Firefox\Profiles\jh7nd2it.default-1374224086910\prefs.js ]

Zeile gelöscht : user_pref("om.config", "{\"active\":true,\"name\":\"twde\",\"id\":25,\"dispId\":\"CH-25\",\"aboutLink\":\"\",\"trackingGeneral\":true,\"gaAccount\":\"UA-39484183-1\",\"gaDomain\":\"offermosquito.com\"[...]

-\\ Google Chrome v29.0.1547.66

[ Datei : C:\Users\Bianka\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [2096 octets] - [18/09/2013 12:29:34]
AdwCleaner[S0].txt - [1921 octets] - [18/09/2013 12:30:00]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1981 octets] ##########

Code:

ATTFilter

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.1 (09.15.2013:1)
OS: Windows 7 Professional x64
Ran by Bianka on 18.09.2013 at 12:59:55,02
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ FireFox

Emptied folder: C:\Users\Bianka\AppData\Roaming\mozilla\firefox\profiles\jh7nd2it.default-1374224086910\minidumps [8 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 18.09.2013 at 13:10:07,12
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

FRST Logfile:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 16-09-2013 03
Ran by Bianka (administrator) on THINKPAD on 18-09-2013 13:12:35
Running from C:\Users\Bianka\Desktop
Windows 7 Professional Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\vsserv.exe
(Lenovo.) C:\Windows\system32\ibmpmsvc.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(UPEK Inc.) C:\Program Files\ThinkVantage Fingerprint Software\upeksvr.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(Lenovo Group Limited) C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe
(Lenovo Group Limited) C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\bdparentalservice.exe
(Broadcom Corporation.) C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe
(Conexant Systems Inc.) C:\Windows\system32\CxAudMsg64.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Microsoft Corporation) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe
(Lenovo Group Limited) C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
(Lenovo Group Limited) C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Conexant Systems, Inc.) C:\Windows\SysWOW64\SAsrv.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\updatesrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Ericsson AB) C:\Program Files (x86)\Mobile Broadband drivers\WMCore\mini_WMCore.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender SafeBox\safeboxservice.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\AcSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\System Update\SUService.exe
(Lenovo Group Limited) C:\Program Files (x86)\Common Files\Lenovo\tvt_reg_monitor_svc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Lenovo Group Limited) C:\PROGRA~1\LENOVO\VIRTSCRL\virtscrl.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Lenovo.) C:\Windows\System32\TpShocks.exe
() C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\AutoLock\ALCKRESI.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\bdagent.exe
(Secomba GmbH) C:\Program Files (x86)\Boxcryptor Classic\BoxcryptorClassic.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe
(Broadcom Corporation.) C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe
(Avanquest Software ) C:\Program Files (x86)\Digital Line Detect\DLG.exe
(Dropbox, Inc.) C:\Users\Bianka\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Ricoh co.,Ltd.) C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
(Mindjet) C:\Program Files (x86)\Mindjet\MindManager 7\MmReminderService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\SvcGuiHlpr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Lenovo Group Limited) C:\PROGRA~2\ThinkPad\UTILIT~1\SCHTASK.exe
(Lenovo) C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE
(Lenovo Group Limited) C:\PROGRA~1\Lenovo\Zoom\TPSCREX.EXE
(Lenovo Group Limited) C:\PROGRA~1\Lenovo\HOTKEY\TPONSCR.EXE
(Lenovo Group Limited) C:\PROGRA~1\Lenovo\HOTKEY\tpnumlkd.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\BdParentalSysTray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\AcDeskBandHlpr.exe
() C:\Program Files (x86)\LENOVO\Message Center Plus\MCPLaunch.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2697512 2011-02-17] (Synaptics Incorporated)
HKLM\...\Run: [TpShocks] - C:\Windows\system32\TpShocks.exe [380776 2010-12-09] (Lenovo.)
HKLM\...\Run: [SmartAudio] - C:\Program Files\CONEXANT\SAII\SAIICpl.exe [316032 2011-01-07] (Conexant systems, Inc.)
HKLM\...\Run: [ForteConfig] - C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] ()
HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] ()
HKLM\...\Run: [LENOVO.TPKNRRES] - C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe [41320 2011-02-26] (Lenovo Group Limited)
HKLM\...\Run: [ALCKRESI.EXE] - C:\Program Files\Lenovo\AutoLock\ALCKRESI.EXE [281448 2010-12-17] (Lenovo Group Limited)
HKLM\...\Run: [AcWin7Hlpr] - C:\Program Files (x86)\Lenovo\Access Connections\AcTBenabler.exe [31592 2011-03-08] (Lenovo)
HKLM\...\Run: [nwiz] - C:\Program Files\NVIDIA Corporation\nview\nwiz.exe [2041192 2013-02-28] ()
HKLM\...\Run: [Logitech Download Assistant] - C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [Bdagent] - C:\Program Files\Bitdefender\Bitdefender\bdagent.exe [1737944 2013-09-04] (Bitdefender)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\psfus: C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll (UPEK Inc.)
HKCU\...\Run: [BoxcryptorClassic.exe] - C:\Program Files (x86)\Boxcryptor Classic\BoxcryptorClassic.exe [2239744 2013-06-14] (Secomba GmbH)
HKCU\...\Run: [Bitdefender-Geldbörse-Agent] - C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe [554992 2013-09-04] (Bitdefender)
HKCU\...\Run: [Bitdefender-Geldbörse] - C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe [1005632 2013-09-04] (Bitdefender)
HKCU\...\Run: [Bitdefender-Geldbörse-Anwendungs-Agent] - C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe [621448 2013-09-04] (Bitdefender)
HKCU\...\Run: [Snoozer] - C:\Users\Bianka\AppData\Roaming\Snz\Snz.exe [1137764 2013-08-28] ()
HKLM-x32\...\Run: [RotateImage] - C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe [55808 2008-10-31] (Ricoh co.,Ltd.)
HKLM-x32\...\Run: [NUSB3MON] - C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-11-17] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [IMSS] - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [112152 2011-01-17] (Intel Corporation)
HKLM-x32\...\Run: [PWMTRV] - C:\PROGRA~2\ThinkPad\UTILIT~1\PWMTR64V.DLL [6002984 2013-06-26] (Lenovo Group Limited)
HKLM-x32\...\Run: [MMReminderService] - C:\Program Files (x86)\Mindjet\MindManager 7\MMReminderService.exe [37392 2007-05-18] (Mindjet)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-05-11] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKU\Default\...\RunOnce: [] - [x]
HKU\Default\...\RunOnce: [Lenovoautoqdrive] - C:\PROGRA~2\Common~1\Lenovo\Lenovo~1\LenovoAutorunreg.exe [159744 2009-03-24] ()
HKU\Default User\...\RunOnce: [] - [x]
HKU\Default User\...\RunOnce: [Lenovoautoqdrive] - C:\PROGRA~2\Common~1\Lenovo\Lenovo~1\LenovoAutorunreg.exe [159744 2009-03-24] ()
AppInit_DLLs: C:\Windows\System32\nvinitx.dll [245872 2013-02-28] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll [201576 2013-02-28] (NVIDIA Corporation)
Lsa: [Notification Packages] scecli C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll
Startup: C:\Users\Bianka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk
ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\Users\Bianka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Bianka\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
SSODL: EldosMountNotificator-cbfs4 - {59E75156-4875-43BB-B01E-254F782AB820} - C:\Windows\system32\cbfsMntNtf4.dll (EldoS Corporation)
SSODL-x32: EldosMountNotificator-cbfs4 - {59E75156-4875-43BB-B01E-254F782AB820} - C:\Windows\SysWOW64\cbfsMntNtf4.dll (EldoS Corporation)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Whitelisted) ====================

ProxyServer: localhost:8080
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com/welcome/thinkpad
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Bitdefender-Geldbörse - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender\pmbxie.dll (Bitdefender)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: CmjBrowserHelperObject Object - {07A11D74-9D25-4fea-A833-8B0D76A5577A} - C:\Program Files (x86)\Mindjet\MindManager 7\Mm7InternetExplorer.dll (Mindjet)
BHO-x32: Bitdefender-Geldbörse - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender\Antispam32\pmbxie.dll (Bitdefender)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: ChromeFrame BHO - {ECB3C477-1A0A-44BD-BB57-78F9EFE34FA7} - C:\Program Files (x86)\Google\Chrome Frame\Application\29.0.1547.66\npchrome_frame.dll (Google Inc.)
Handler: gcf - {9875BFAF-B04D-445E-8A69-BE36838CDE3E} -  No File
Handler-x32: gcf - {9875BFAF-B04D-445E-8A69-BE36838CDE3E} - C:\Program Files (x86)\Google\Chrome Frame\Application\29.0.1547.66\npchrome_frame.dll (Google Inc.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Bianka\AppData\Roaming\Mozilla\Firefox\Profiles\jh7nd2it.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_168.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll ()
FF Plugin-x32: @Bitdefender.com/PasswordManager;version=17.8 - C:\Program Files\Bitdefender\Bitdefender\Antispam32\pmbxnp.dll (Bitdefender)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf - C:\Program Files (x86)\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf - C:\Program Files (x86)\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender\bdtbext
FF Extension: No Name - C:\Program Files\Bitdefender\Bitdefender\bdtbext
FF HKLM-x32\...\Firefox\Extensions: [ffpwdman@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender\Antispam32\ffpwdman\
FF Extension: Bitdefender Wallet - C:\Program Files\Bitdefender\Bitdefender\Antispam32\ffpwdman\
FF HKLM-x32\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender\bdtbext
FF Extension: No Name - C:\Program Files\Bitdefender\Bitdefender\bdtbext

Chrome: 
=======
CHR HomePage: hxxp://www.google.com
CHR RestoreOnStartup: 		"urls_to_restore_on_startup": [
CHR Extension: (Docs) - C:\Users\Bianka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.0.0.6_0
CHR Extension: (Google Drive) - C:\Users\Bianka\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0
CHR Extension: (YouTube) - C:\Users\Bianka\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0
CHR Extension: (Google Search) - C:\Users\Bianka\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0
CHR Extension: (OfferMosquito) - C:\Users\Bianka\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbmdkmlcnbapgegninelmjbfibaghdmk\0.5_0
CHR Extension: (Gmail) - C:\Users\Bianka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0
CHR HKLM-x32\...\Chrome\Extension: [ccahoghmggldkcdjiebjkidpfongdfbl] - C:\Program Files\Bitdefender\Bitdefender\Antispam32\pmbxcr.crx

==================== Services (Whitelisted) =================

S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2013-07-18] (Adobe Systems)
R2 BdDesktopParental; C:\Program Files\Bitdefender\Bitdefender\bdparentalservice.exe [75584 2013-07-05] (Bitdefender)
S3 DozeSvc; C:\Program Files (x86)\ThinkPad\Utilities\DZSVC64.EXE [320576 2013-06-26] (Lenovo.)
R2 Lenovo.VIRTSCRLSVC; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [93032 2010-04-07] (Lenovo Group Limited)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 SafeBox; C:\Program Files\Bitdefender\Bitdefender SafeBox\safeboxservice.exe [94624 2013-07-08] (Bitdefender)
R2 ThinkVantage Registry Monitor Service; C:\Program Files (x86)\Common Files\Lenovo\tvt_reg_monitor_svc.exe [1028096 2010-12-11] (Lenovo Group Limited)
S3 TVT Backup Service; C:\Program Files (x86)\Lenovo\Rescue and Recovery\rrservice.exe [1475896 2010-12-11] (Lenovo Group Limited)
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender\updatesrv.exe [67320 2013-09-04] (Bitdefender)
R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender\vsserv.exe [1505688 2013-09-04] (Bitdefender)
R2 WMCoreService; C:\Program Files (x86)\Mobile Broadband drivers\WMCore\mini_WMCore.exe [584232 2010-12-09] (Ericsson AB)

==================== Drivers (Whitelisted) ====================

R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [727592 2013-07-19] (BitDefender)
R3 avchv; C:\Windows\System32\DRIVERS\avchv.sys [261056 2012-11-02] (BitDefender)
R3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [601360 2013-07-19] (BitDefender)
R1 BdfNdisf; c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys [93600 2013-02-22] (BitDefender LLC)
R1 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [103504 2011-11-14] (BitDefender LLC)
R1 bdfwfpf_pc; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf_pc.sys [109056 2013-01-29] (BitDefender SRL)
S3 BDSandBox; C:\Windows\system32\drivers\bdsandbox.sys [82824 2013-07-23] (BitDefender SRL)
R1 BDVEDISK; C:\Windows\System32\DRIVERS\bdvedisk.sys [76944 2012-04-17] (BitDefender)
R1 cbfs4; C:\Windows\system32\drivers\cbfs4.sys [385216 2013-06-05] (EldoS Corporation)
S3 ecnssndis; C:\Windows\System32\Drivers\wwuss64.sys [26664 2010-03-03] (Ericsson AB)
S3 ecnssndisfltr; C:\Windows\System32\Drivers\wwussf64.sys [30248 2010-03-03] (Ericsson AB)
R0 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [147232 2012-10-04] (BitDefender LLC)
S3 l36wgps; C:\Windows\System32\DRIVERS\l36wgps64.sys [101416 2010-12-02] (Ericsson AB)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
S3 Mbm3CBus; C:\Windows\System32\DRIVERS\Mbm3CBus.sys [411208 2010-11-01] (MCCI Corporation)
S3 Mbm3DevMt; C:\Windows\System32\DRIVERS\Mbm3DevMt.sys [419912 2010-11-01] (MCCI Corporation)
S3 Mbm3mdfl; C:\Windows\System32\DRIVERS\Mbm3mdfl.sys [19528 2010-11-01] (MCCI Corporation)
S3 Mbm3Mdm; C:\Windows\System32\DRIVERS\Mbm3Mdm.sys [472648 2010-11-01] (MCCI Corporation)
R1 nvkflt; C:\Windows\System32\DRIVERS\nvkflt.sys [284448 2013-02-28] (NVIDIA Corporation)
R1 PHCORE; C:\Program Files\Lenovo\RapidBoot\PHCORE64.SYS [31592 2010-12-03] (Lenovo Group Limited)
S3 pmxdrv; C:\Windows\system32\drivers\pmxdrv.sys [31152 2011-04-16] ()
S3 pmxdrv; C:\Windows\system32\drivers\pmxdrv.sys [31152 2011-04-16] ()
R2 smihlp; C:\Program Files\ThinkVantage Fingerprint Software\smihlp.sys [13840 2009-03-13] (UPEK Inc.)
R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [382536 2013-05-28] (BitDefender S.R.L.)
R3 TVTI2C; C:\Windows\System32\DRIVERS\Tvti2c.sys [41536 2009-09-24] (Lenovo (United States) Inc.)
R3 vpnpbus; C:\Windows\System32\DRIVERS\vpnpbus.sys [18624 2013-06-05] (EldoS Corporation)
S3 WwanUsbServ; C:\Windows\System32\DRIVERS\WwanUsbMp64.sys [276008 2010-12-29] (Ericsson AB)
S3 catchme; \??\C:\ComboFix\catchme.sys [x]
S3 PCDSRVC{127174DC-C366ED8B-06020101}_0; \??\c:\program files\pc-doctor\pcdsrvc_x64.pkms [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-09-18 13:10 - 2013-09-18 13:10 - 00000772 _____ C:\Users\Bianka\Desktop\JRT.txt
2013-09-18 12:58 - 2013-09-18 12:58 - 00002061 _____ C:\Users\Bianka\Desktop\AdwCleaner[S0].txt
2013-09-18 12:29 - 2013-09-18 12:30 - 00000000 ____D C:\AdwCleaner
2013-09-18 07:15 - 2013-09-18 07:15 - 00000000 ____D C:\Users\Bianka\AppData\Roaming\Malwarebytes
2013-09-18 07:14 - 2013-09-18 07:14 - 00001124 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-09-18 07:14 - 2013-09-18 07:14 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-09-18 07:14 - 2013-09-18 07:14 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-09-18 07:14 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-09-18 07:12 - 2013-09-18 07:12 - 01029675 _____ (Thisisu) C:\Users\Bianka\Desktop\JRT.exe
2013-09-18 07:11 - 2013-09-18 07:11 - 01039554 _____ C:\Users\Bianka\Desktop\adwcleaner.exe
2013-09-17 17:20 - 2013-09-17 17:20 - 00043551 _____ C:\ComboFix.txt
2013-09-17 16:37 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe
2013-09-17 16:37 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe
2013-09-17 16:37 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2013-09-17 16:37 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2013-09-17 16:37 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2013-09-17 16:37 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe
2013-09-17 16:37 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe
2013-09-17 16:37 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe
2013-09-17 16:34 - 2013-09-17 17:21 - 00000000 ____D C:\Qoobox
2013-09-17 16:33 - 2013-09-17 17:14 - 00000000 ____D C:\Windows\erdnt
2013-09-17 16:27 - 2013-09-17 16:28 - 05128653 ____R (Swearware) C:\Users\Bianka\Desktop\ComboFix.exe
2013-09-17 10:16 - 2013-09-17 10:16 - 00000000 ____D C:\FRST
2013-09-17 10:15 - 2013-09-17 10:15 - 01950524 _____ (Farbar) C:\Users\Bianka\Desktop\FRST64.exe
2013-09-17 08:37 - 2013-09-17 08:37 - 00000966 _____ C:\cleannavi.txt
2013-09-17 08:36 - 2013-09-17 08:37 - 00000000 ____D C:\Navilog1
2013-09-17 08:36 - 2013-09-17 08:36 - 00000000 ____D C:\Program Files (x86)\Navilog1
2013-09-16 09:48 - 2013-09-16 09:48 - 638305131 _____ C:\Windows\MEMORY.DMP
2013-09-16 09:48 - 2013-09-16 09:48 - 00262144 _____ C:\Windows\Minidump\091613-19188-01.dmp
2013-09-16 09:48 - 2013-09-16 09:48 - 00000000 ____D C:\Windows\Minidump
2013-09-12 03:07 - 2013-08-10 07:22 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-09-12 03:07 - 2013-08-10 07:22 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-09-12 03:07 - 2013-08-10 07:22 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-09-12 03:07 - 2013-08-10 07:21 - 19246592 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-09-12 03:07 - 2013-08-10 07:21 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-09-12 03:07 - 2013-08-10 07:21 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-09-12 03:07 - 2013-08-10 07:20 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-09-12 03:07 - 2013-08-10 07:20 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-09-12 03:07 - 2013-08-10 07:20 - 02647040 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-09-12 03:07 - 2013-08-10 07:20 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-09-12 03:07 - 2013-08-10 07:20 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-09-12 03:07 - 2013-08-10 07:20 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-09-12 03:07 - 2013-08-10 07:20 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-09-12 03:07 - 2013-08-10 07:20 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-09-12 03:07 - 2013-08-10 05:59 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-09-12 03:07 - 2013-08-10 05:59 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-09-12 03:07 - 2013-08-10 05:58 - 14332928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-09-12 03:07 - 2013-08-10 05:58 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-09-12 03:07 - 2013-08-10 05:58 - 02876928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-09-12 03:07 - 2013-08-10 05:58 - 02048000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-09-12 03:07 - 2013-08-10 05:58 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-09-12 03:07 - 2013-08-10 05:58 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-09-12 03:07 - 2013-08-10 05:58 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-09-12 03:07 - 2013-08-10 05:58 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-09-12 03:07 - 2013-08-10 05:58 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-09-12 03:07 - 2013-08-10 05:58 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-09-12 03:07 - 2013-08-10 05:58 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-09-12 03:07 - 2013-08-10 05:17 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-09-12 03:07 - 2013-08-10 05:07 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-09-12 03:07 - 2013-08-10 04:27 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-09-12 03:07 - 2013-08-10 04:17 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-09-11 21:52 - 2013-08-05 04:25 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys
2013-09-11 21:48 - 2013-08-02 04:23 - 05550528 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-09-11 21:48 - 2013-08-02 04:15 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-09-11 21:48 - 2013-08-02 04:15 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2013-09-11 21:48 - 2013-08-02 04:15 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2013-09-11 21:48 - 2013-08-02 04:15 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2013-09-11 21:48 - 2013-08-02 04:14 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2013-09-11 21:48 - 2013-08-02 04:14 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2013-09-11 21:48 - 2013-08-02 04:13 - 01161216 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2013-09-11 21:48 - 2013-08-02 04:13 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2013-09-11 21:48 - 2013-08-02 04:12 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2013-09-11 21:48 - 2013-08-02 04:12 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2013-09-11 21:48 - 2013-08-02 04:12 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-09-11 21:48 - 2013-08-02 04:12 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2013-09-11 21:48 - 2013-08-02 04:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-09-11 21:48 - 2013-08-02 04:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2013-09-11 21:48 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-09-11 21:48 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2013-09-11 21:48 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2013-09-11 21:48 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2013-09-11 21:48 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-09-11 21:48 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-09-11 21:48 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-09-11 21:48 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2013-09-11 21:48 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2013-09-11 21:48 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-09-11 21:48 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2013-09-11 21:48 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2013-09-11 21:48 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2013-09-11 21:48 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2013-09-11 21:48 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2013-09-11 21:48 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2013-09-11 21:48 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2013-09-11 21:48 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2013-09-11 21:48 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2013-09-11 21:48 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-09-11 21:48 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2013-09-11 21:48 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2013-09-11 21:48 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2013-09-11 21:48 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2013-09-11 21:48 - 2013-08-02 03:59 - 03968960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-09-11 21:48 - 2013-08-02 03:59 - 03913664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-09-11 21:48 - 2013-08-02 03:51 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-09-11 21:48 - 2013-08-02 03:50 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2013-09-11 21:48 - 2013-08-02 03:50 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2013-09-11 21:48 - 2013-08-02 03:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-09-11 21:48 - 2013-08-02 03:48 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2013-09-11 21:48 - 2013-08-02 03:48 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2013-09-11 21:48 - 2013-08-02 03:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2013-09-11 21:48 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2013-09-11 21:48 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2013-09-11 21:48 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2013-09-11 21:48 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2013-09-11 21:48 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2013-09-11 21:48 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2013-09-11 21:48 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2013-09-11 21:48 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2013-09-11 21:48 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2013-09-11 21:48 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2013-09-11 21:48 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2013-09-11 21:48 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2013-09-11 21:48 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-09-11 21:48 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2013-09-11 21:48 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2013-09-11 21:48 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2013-09-11 21:48 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2013-09-11 21:48 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2013-09-11 21:48 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2013-09-11 21:48 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2013-09-11 21:48 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2013-09-11 21:48 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2013-09-11 21:48 - 2013-08-02 03:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2013-09-11 21:48 - 2013-08-02 02:59 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2013-09-11 21:48 - 2013-08-02 02:45 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-09-11 21:48 - 2013-08-02 02:45 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-09-11 21:48 - 2013-08-02 02:45 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-09-11 21:48 - 2013-08-02 02:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-09-11 21:48 - 2013-08-02 02:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2013-09-11 21:48 - 2013-08-02 02:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2013-09-11 21:48 - 2013-08-02 02:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2013-09-11 21:48 - 2013-08-02 02:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2013-09-11 21:36 - 2013-07-26 04:24 - 14172672 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2013-09-11 21:36 - 2013-07-26 04:24 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2013-09-11 21:36 - 2013-07-26 03:55 - 12872704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2013-09-11 21:36 - 2013-07-26 03:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2013-09-11 20:46 - 2013-08-08 03:20 - 03155456 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-09-10 15:39 - 2013-09-10 15:39 - 10003360 _____ (TimePunch KG                                                ) C:\Users\Bianka\Downloads\TimePunchONE.exe
2013-09-06 07:43 - 2013-09-06 07:43 - 00867240 _____ (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
2013-09-06 07:43 - 2013-09-06 07:43 - 00789416 _____ (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2013-09-06 07:43 - 2013-09-06 07:43 - 00263592 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-09-06 07:43 - 2013-09-06 07:43 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-09-06 07:43 - 2013-09-06 07:43 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-09-06 07:43 - 2013-09-06 07:43 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-09-06 07:43 - 2013-09-06 07:43 - 00000000 ____D C:\ProgramData\Sun
2013-09-06 07:43 - 2013-09-06 07:43 - 00000000 ____D C:\Program Files (x86)\Java
2013-09-06 07:40 - 2013-09-06 07:42 - 31714728 _____ (Oracle Corporation) C:\Users\Bianka\Downloads\jre-7u25-windows-i586.exe
2013-09-05 17:32 - 2013-09-05 18:50 - 596069350 _____ C:\Users\Bianka\Downloads\onkeltomshuette_crow_1210.zip
2013-08-29 10:58 - 2013-08-29 11:05 - 88808360 _____ C:\Users\Bianka\Downloads\bitdefender_pc_2013_v195_32b.exe
2013-08-29 08:05 - 2013-08-29 08:05 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-08-27 18:07 - 2013-08-27 18:07 - 00000385 _____ C:\Users\Bianka\AppData\Roaminguser_gensett.xml
2013-08-27 17:17 - 2013-08-27 17:17 - 00000385 _____ C:\Windows\system32\user_gensett.xml
2013-08-27 08:21 - 2013-08-27 08:21 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_avchv_01009.Wdf
2013-08-27 08:21 - 2012-04-17 14:34 - 00076944 _____ (BitDefender) C:\Windows\system32\Drivers\bdvedisk.sys
2013-08-27 08:20 - 2013-07-23 16:50 - 00082824 _____ (BitDefender SRL) C:\Windows\system32\Drivers\bdsandbox.sys
2013-08-27 08:20 - 2013-07-19 18:08 - 00601360 _____ (BitDefender) C:\Windows\system32\Drivers\avckf.sys
2013-08-27 08:20 - 2013-07-19 18:04 - 00727592 _____ (BitDefender) C:\Windows\system32\Drivers\avc3.sys
2013-08-27 08:20 - 2013-02-22 19:46 - 00093600 _____ (BitDefender LLC) C:\Windows\system32\Drivers\BdfNdisf6.sys
2013-08-27 08:20 - 2012-11-02 14:17 - 00261056 _____ (BitDefender) C:\Windows\system32\Drivers\avchv.sys
2013-08-27 08:20 - 2007-04-11 11:11 - 00511328 _____ (Microsoft Corporation) C:\Windows\capicom.dll
2013-08-27 07:55 - 2013-08-27 08:21 - 00253404 ____H C:\bdr-ld01
2013-08-27 07:55 - 2013-08-27 08:21 - 00009216 ____H C:\bdr-ld01.mbr
2013-08-27 07:55 - 2013-06-25 18:20 - 38518480 ____H C:\bdr-im01.gz
2013-08-27 07:55 - 2012-08-15 15:28 - 02510608 ____H C:\bdr-bz01
2013-08-27 07:47 - 2013-05-28 12:12 - 00382536 _____ (BitDefender S.R.L.) C:\Windows\system32\Drivers\trufos.sys
2013-08-27 07:47 - 2012-10-04 14:30 - 00147232 _____ (BitDefender LLC) C:\Windows\system32\Drivers\gzflt.sys
2013-08-27 07:37 - 2013-08-27 07:40 - 37672592 _____ (Safer-Networking Ltd.                                       ) C:\Users\Bianka\Downloads\spybotsd-2.1.21-SR2.exe
2013-08-26 11:33 - 2013-08-27 17:17 - 00000000 ____D C:\ProgramData\BDLogging
2013-08-26 11:33 - 2013-08-27 08:21 - 00000684 ____H C:\bdr-cf01
2013-08-26 10:37 - 2013-08-31 15:28 - 00000000 ____D C:\Users\Bianka\AppData\Roaming\Bitdefender
2013-08-26 10:22 - 2013-08-26 11:38 - 00000000 ____D C:\ProgramData\Bitdefender
2013-08-26 10:22 - 2013-08-26 10:37 - 00000000 ____D C:\Program Files\Bitdefender
2013-08-26 10:21 - 2013-08-26 10:21 - 00000000 ____D C:\Users\Bianka\AppData\Roaming\QuickScan
2013-08-26 10:15 - 2013-08-27 16:58 - 00000000 ____D C:\Program Files\Common Files\Bitdefender
2013-08-23 12:57 - 2013-08-23 14:16 - 00000000 ____D C:\Users\Bianka\Desktop\Urlaubsfotos Türkei
2013-08-19 22:33 - 2013-08-19 22:35 - 00000000 ____D C:\Users\Bianka\Desktop\Download
2013-08-19 22:10 - 2013-08-19 22:21 - 362546197 _____ C:\Users\Bianka\Downloads\Download.zip
2013-08-19 21:55 - 2013-08-19 22:00 - 00000000 ____D C:\Users\Bianka\Desktop\ImageTransfer_2013-08-19_20-36
2013-08-19 20:37 - 2013-08-19 20:43 - 398503283 _____ C:\Users\Bianka\Downloads\ImageTransfer_2013-08-19_20-36.zip
2013-08-19 18:37 - 2013-07-09 07:52 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2013-08-19 18:37 - 2013-07-09 07:51 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2013-08-19 18:37 - 2013-07-09 07:46 - 01472512 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-08-19 18:37 - 2013-07-09 07:46 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2013-08-19 18:37 - 2013-07-09 07:46 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2013-08-19 18:37 - 2013-07-09 06:52 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2013-08-19 18:37 - 2013-07-09 06:52 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2013-08-19 18:37 - 2013-07-09 06:46 - 01166848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-08-19 18:37 - 2013-07-09 06:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2013-08-19 18:37 - 2013-07-09 06:46 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2013-08-19 18:36 - 2013-07-25 11:25 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-08-19 18:36 - 2013-07-25 10:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-08-19 18:36 - 2013-07-19 03:58 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-08-19 18:36 - 2013-07-19 03:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2013-08-19 18:36 - 2013-07-06 08:03 - 01910208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-08-19 18:36 - 2013-06-15 06:32 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys

==================== One Month Modified Files and Folders =======

2013-09-18 13:11 - 2011-04-16 09:42 - 00000528 _____ C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job
2013-09-18 13:10 - 2013-09-18 13:10 - 00000772 _____ C:\Users\Bianka\Desktop\JRT.txt
2013-09-18 13:03 - 2011-04-16 09:42 - 00000382 _____ C:\Windows\Tasks\SystemToolsDailyTest.job
2013-09-18 12:59 - 2013-07-02 21:04 - 00000000 ___RD C:\Users\Bianka\Dropbox
2013-09-18 12:59 - 2013-07-02 21:02 - 00000000 ____D C:\Users\Bianka\AppData\Roaming\Dropbox
2013-09-18 12:58 - 2013-09-18 12:58 - 00002061 _____ C:\Users\Bianka\Desktop\AdwCleaner[S0].txt
2013-09-18 12:58 - 2013-07-04 07:49 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-09-18 12:38 - 2011-04-16 09:19 - 01175335 _____ C:\Windows\WindowsUpdate.log
2013-09-18 12:38 - 2009-07-14 06:45 - 00020704 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-09-18 12:38 - 2009-07-14 06:45 - 00020704 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-09-18 12:31 - 2011-04-16 09:35 - 00000000 ____D C:\ProgramData\NVIDIA
2013-09-18 12:31 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-09-18 12:31 - 2009-07-14 06:51 - 00069230 _____ C:\Windows\setupact.log
2013-09-18 12:30 - 2013-09-18 12:29 - 00000000 ____D C:\AdwCleaner
2013-09-18 12:19 - 2013-07-04 07:49 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-09-18 12:09 - 2011-04-16 09:36 - 00066338 _____ C:\Windows\PFRO.log
2013-09-18 07:15 - 2013-09-18 07:15 - 00000000 ____D C:\Users\Bianka\AppData\Roaming\Malwarebytes
2013-09-18 07:14 - 2013-09-18 07:14 - 00001124 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-09-18 07:14 - 2013-09-18 07:14 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-09-18 07:14 - 2013-09-18 07:14 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-09-18 07:12 - 2013-09-18 07:12 - 01029675 _____ (Thisisu) C:\Users\Bianka\Desktop\JRT.exe
2013-09-18 07:11 - 2013-09-18 07:11 - 01039554 _____ C:\Users\Bianka\Desktop\adwcleaner.exe
2013-09-17 17:21 - 2013-09-17 16:34 - 00000000 ____D C:\Qoobox
2013-09-17 17:21 - 2009-07-14 05:20 - 00000000 __RHD C:\Users\Default
2013-09-17 17:20 - 2013-09-17 17:20 - 00043551 _____ C:\ComboFix.txt
2013-09-17 17:14 - 2013-09-17 16:33 - 00000000 ____D C:\Windows\erdnt
2013-09-17 16:59 - 2009-07-14 04:34 - 00000215 _____ C:\Windows\system.ini
2013-09-17 16:51 - 2009-07-14 04:34 - 81264640 _____ C:\Windows\system32\config\software.bak
2013-09-17 16:51 - 2009-07-14 04:34 - 16777216 _____ C:\Windows\system32\config\system.bak
2013-09-17 16:51 - 2009-07-14 04:34 - 00524288 _____ C:\Windows\system32\config\default.bak
2013-09-17 16:51 - 2009-07-14 04:34 - 00262144 _____ C:\Windows\system32\config\security.bak
2013-09-17 16:51 - 2009-07-14 04:34 - 00262144 _____ C:\Windows\system32\config\sam.bak
2013-09-17 16:28 - 2013-09-17 16:27 - 05128653 ____R (Swearware) C:\Users\Bianka\Desktop\ComboFix.exe
2013-09-17 10:16 - 2013-09-17 10:16 - 00000000 ____D C:\FRST
2013-09-17 10:15 - 2013-09-17 10:15 - 01950524 _____ (Farbar) C:\Users\Bianka\Desktop\FRST64.exe
2013-09-17 08:37 - 2013-09-17 08:37 - 00000966 _____ C:\cleannavi.txt
2013-09-17 08:37 - 2013-09-17 08:36 - 00000000 ____D C:\Navilog1
2013-09-17 08:36 - 2013-09-17 08:36 - 00000000 ____D C:\Program Files (x86)\Navilog1
2013-09-16 09:52 - 2013-07-05 10:45 - 00000000 ____D C:\Users\Bianka\Documents\My Kindle Content
2013-09-16 09:52 - 2011-04-16 09:31 - 00700630 _____ C:\Windows\system32\perfh007.dat
2013-09-16 09:52 - 2011-04-16 09:31 - 00149394 _____ C:\Windows\system32\perfc007.dat
2013-09-16 09:52 - 2009-07-14 07:13 - 01622100 _____ C:\Windows\system32\PerfStringBackup.INI
2013-09-16 09:48 - 2013-09-16 09:48 - 638305131 _____ C:\Windows\MEMORY.DMP
2013-09-16 09:48 - 2013-09-16 09:48 - 00262144 _____ C:\Windows\Minidump\091613-19188-01.dmp
2013-09-16 09:48 - 2013-09-16 09:48 - 00000000 ____D C:\Windows\Minidump
2013-09-16 07:59 - 2013-07-19 11:31 - 00000000 ____D C:\Users\Bianka\Desktop\Protokoll aktuell
2013-09-13 07:55 - 2013-07-05 11:39 - 00497152 ____H C:\Users\Bianka\Desktop\~WRL0002.tmp
2013-09-13 07:10 - 2013-07-02 14:41 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-09-13 07:10 - 2013-07-02 14:41 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-09-12 06:44 - 2013-07-02 19:20 - 00000000 ___RD C:\Users\Bianka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-09-12 06:44 - 2013-07-02 19:20 - 00000000 ___RD C:\Users\Bianka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-09-12 04:03 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2013-09-12 03:25 - 2009-07-14 06:45 - 00351120 _____ C:\Windows\system32\FNTCACHE.DAT
2013-09-12 03:07 - 2013-07-16 19:53 - 00000000 ____D C:\Windows\system32\MRT
2013-09-12 03:05 - 2013-07-02 15:16 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-09-12 03:05 - 2013-03-15 07:23 - 79143768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-09-10 15:39 - 2013-09-10 15:39 - 10003360 _____ (TimePunch KG                                                ) C:\Users\Bianka\Downloads\TimePunchONE.exe
2013-09-06 07:43 - 2013-09-06 07:43 - 00867240 _____ (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
2013-09-06 07:43 - 2013-09-06 07:43 - 00789416 _____ (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2013-09-06 07:43 - 2013-09-06 07:43 - 00263592 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-09-06 07:43 - 2013-09-06 07:43 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-09-06 07:43 - 2013-09-06 07:43 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-09-06 07:43 - 2013-09-06 07:43 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-09-06 07:43 - 2013-09-06 07:43 - 00000000 ____D C:\ProgramData\Sun
2013-09-06 07:43 - 2013-09-06 07:43 - 00000000 ____D C:\Program Files (x86)\Java
2013-09-06 07:42 - 2013-09-06 07:40 - 31714728 _____ (Oracle Corporation) C:\Users\Bianka\Downloads\jre-7u25-windows-i586.exe
2013-09-05 18:50 - 2013-09-05 17:32 - 596069350 _____ C:\Users\Bianka\Downloads\onkeltomshuette_crow_1210.zip
2013-08-31 15:28 - 2013-08-26 10:37 - 00000000 ____D C:\Users\Bianka\AppData\Roaming\Bitdefender
2013-08-30 06:58 - 2013-07-17 08:43 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-08-29 11:05 - 2013-08-29 10:58 - 88808360 _____ C:\Users\Bianka\Downloads\bitdefender_pc_2013_v195_32b.exe
2013-08-29 08:05 - 2013-08-29 08:05 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-08-27 19:19 - 2009-07-14 04:34 - 00000478 _____ C:\Windows\win.ini
2013-08-27 18:07 - 2013-08-27 18:07 - 00000385 _____ C:\Users\Bianka\AppData\Roaminguser_gensett.xml
2013-08-27 17:17 - 2013-08-27 17:17 - 00000385 _____ C:\Windows\system32\user_gensett.xml
2013-08-27 17:17 - 2013-08-26 11:33 - 00000000 ____D C:\ProgramData\BDLogging
2013-08-27 16:58 - 2013-08-26 10:15 - 00000000 ____D C:\Program Files\Common Files\Bitdefender
2013-08-27 16:58 - 2013-07-29 08:41 - 00000000 ____D C:\Windows\System32\Tasks\Safer-Networking
2013-08-27 16:58 - 2013-07-02 20:27 - 00000000 ____D C:\Windows\System32\Tasks\TVT
2013-08-27 16:58 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\registration
2013-08-27 16:58 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\AppCompat
2013-08-27 08:21 - 2013-08-27 08:21 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_avchv_01009.Wdf
2013-08-27 08:21 - 2013-08-27 07:55 - 00253404 ____H C:\bdr-ld01
2013-08-27 08:21 - 2013-08-27 07:55 - 00009216 ____H C:\bdr-ld01.mbr
2013-08-27 08:21 - 2013-08-26 11:33 - 00000684 ____H C:\bdr-cf01
2013-08-27 07:44 - 2013-07-29 08:41 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2013-08-27 07:40 - 2013-08-27 07:37 - 37672592 _____ (Safer-Networking Ltd.                                       ) C:\Users\Bianka\Downloads\spybotsd-2.1.21-SR2.exe
2013-08-27 07:22 - 2013-07-04 07:45 - 00000000 ____D C:\ProgramData\AVAST Software
2013-08-27 07:04 - 2013-07-02 19:19 - 00000000 ____D C:\Users\Bianka
2013-08-27 07:02 - 2013-07-04 07:49 - 00000000 _____ C:\Windows\SysWOW64\config.nt
2013-08-26 11:38 - 2013-08-26 10:22 - 00000000 ____D C:\ProgramData\Bitdefender
2013-08-26 10:37 - 2013-08-26 10:22 - 00000000 ____D C:\Program Files\Bitdefender
2013-08-26 10:21 - 2013-08-26 10:21 - 00000000 ____D C:\Users\Bianka\AppData\Roaming\QuickScan
2013-08-23 14:16 - 2013-08-23 12:57 - 00000000 ____D C:\Users\Bianka\Desktop\Urlaubsfotos Türkei
2013-08-23 12:58 - 2013-07-02 21:02 - 00000000 ____D C:\Users\Bianka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2013-08-19 22:35 - 2013-08-19 22:33 - 00000000 ____D C:\Users\Bianka\Desktop\Download
2013-08-19 22:21 - 2013-08-19 22:10 - 362546197 _____ C:\Users\Bianka\Downloads\Download.zip
2013-08-19 22:00 - 2013-08-19 21:55 - 00000000 ____D C:\Users\Bianka\Desktop\ImageTransfer_2013-08-19_20-36
2013-08-19 20:43 - 2013-08-19 20:37 - 398503283 _____ C:\Users\Bianka\Downloads\ImageTransfer_2013-08-19_20-36.zip

Some content of TEMP:
====================
C:\Users\Bianka\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-09-11 12:59

==================== End Of Log ============================

--- --- ---

--- --- ---

schrauber · 18.09.2013, 15:53

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Downloade Dir bitte

SecurityCheck und:

Speichere es auf dem Desktop.
Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.

Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme?

bianka.b · 19.09.2013, 10:38

Also, hier mal die neuesten Logfiles:

Code:

ATTFilter

ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=9008aeeab7369947a7d741032fd76627
# engine=15180
# end=finished
# remove_checked=false
# archives_checked=false
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-09-19 07:21:30
# local_time=2013-09-19 09:21:30 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=1023 16777215 0 0 0 0 0 0
# compatibility_mode=5893 16776574 100 94 2128786 131205140 0 0
# scanned=227235
# found=0
# cleaned=0
# scan_time=7727

Code:

ATTFilter

 Results of screen317's Security Check version 0.99.73  
 Windows 7 Service Pack 1 x64 (UAC is enabled)  
 Internet Explorer 10  
``````````````Antivirus/Firewall Check:`````````````` 
Bitdefender Antivirus   
 Antivirus up to date!   
`````````Anti-malware/Other Utilities Check:````````` 
 Malwarebytes Anti-Malware Version 1.75.0.1300  
 Java 7 Update 25  
 Adobe Flash Player 11.8.800.168  
 Adobe Reader XI  
 Mozilla Firefox (23.0.1) 
 Mozilla Thunderbird (17.0.8) 
 Google Chrome 29.0.1547.62  
 Google Chrome 29.0.1547.66  
````````Process Check: objlist.exe by Laurent````````  
 Malwarebytes Anti-Malware mbamservice.exe  
 Malwarebytes Anti-Malware mbamgui.exe  
 Malwarebytes' Anti-Malware mbamscheduler.exe   
 Bitdefender Bitdefender vsserv.exe  
 Bitdefender Bitdefender bdparentalservice.exe  
 Bitdefender Bitdefender updatesrv.exe  
 Bitdefender Bitdefender SafeBox safeboxservice.exe  
 Bitdefender Bitdefender bdagent.exe  
 Bitdefender Bitdefender pmbxag.exe  
 Bitdefender Bitdefender antispam32 bdapppassmgr.exe 
 Bitdefender Bitdefender BdParentalSysTray.exe  
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  
````````````````````End of Log``````````````````````

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 16-09-2013
Ran by Bianka (administrator) on THINKPAD on 19-09-2013 09:37:04
Running from C:\Users\Bianka\Desktop
Windows 7 Professional Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\vsserv.exe
(Lenovo.) C:\Windows\system32\ibmpmsvc.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(UPEK Inc.) C:\Program Files\ThinkVantage Fingerprint Software\upeksvr.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(Lenovo Group Limited) C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe
(Lenovo Group Limited) C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\bdparentalservice.exe
(Broadcom Corporation.) C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe
(Conexant Systems Inc.) C:\Windows\system32\CxAudMsg64.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Microsoft Corporation) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe
(Lenovo Group Limited) C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
(Lenovo Group Limited) C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Conexant Systems, Inc.) C:\Windows\SysWOW64\SAsrv.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\updatesrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Ericsson AB) C:\Program Files (x86)\Mobile Broadband drivers\WMCore\mini_WMCore.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\AcSvc.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender SafeBox\safeboxservice.exe
(Lenovo Group Limited) C:\PROGRA~1\LENOVO\VIRTSCRL\virtscrl.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\AcDeskBandHlpr.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Lenovo.) C:\Windows\System32\TpShocks.exe
() C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\AutoLock\ALCKRESI.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\bdagent.exe
(Secomba GmbH) C:\Program Files (x86)\Boxcryptor Classic\BoxcryptorClassic.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe
(Broadcom Corporation.) C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe
(Avanquest Software ) C:\Program Files (x86)\Digital Line Detect\DLG.exe
(Dropbox, Inc.) C:\Users\Bianka\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Ricoh co.,Ltd.) C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Mindjet) C:\Program Files (x86)\Mindjet\MindManager 7\MmReminderService.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\SvcGuiHlpr.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Lenovo Group Limited) C:\PROGRA~1\Lenovo\Zoom\TPSCREX.EXE
(Lenovo Group Limited) C:\PROGRA~1\Lenovo\HOTKEY\TPONSCR.EXE
(Lenovo Group Limited) C:\PROGRA~1\Lenovo\HOTKEY\tpnumlkd.exe
(Lenovo Group Limited) C:\PROGRA~2\ThinkPad\UTILIT~1\SCHTASK.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\BdParentalSysTray.exe
(Lenovo) C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\System Update\SUService.exe
(Lenovo Group Limited) C:\Program Files (x86)\Common Files\Lenovo\tvt_reg_monitor_svc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
() C:\Program Files (x86)\LENOVO\Message Center Plus\MCPLaunch.exe
(Farbar) C:\Users\Bianka\Desktop\FRST64(1).exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2697512 2011-02-17] (Synaptics Incorporated)
HKLM\...\Run: [TpShocks] - C:\Windows\system32\TpShocks.exe [380776 2010-12-09] (Lenovo.)
HKLM\...\Run: [SmartAudio] - C:\Program Files\CONEXANT\SAII\SAIICpl.exe [316032 2011-01-07] (Conexant systems, Inc.)
HKLM\...\Run: [ForteConfig] - C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] ()
HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] ()
HKLM\...\Run: [LENOVO.TPKNRRES] - C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe [41320 2011-02-26] (Lenovo Group Limited)
HKLM\...\Run: [ALCKRESI.EXE] - C:\Program Files\Lenovo\AutoLock\ALCKRESI.EXE [281448 2010-12-17] (Lenovo Group Limited)
HKLM\...\Run: [AcWin7Hlpr] - C:\Program Files (x86)\Lenovo\Access Connections\AcTBenabler.exe [31592 2011-03-08] (Lenovo)
HKLM\...\Run: [nwiz] - C:\Program Files\NVIDIA Corporation\nview\nwiz.exe [2041192 2013-02-28] ()
HKLM\...\Run: [Logitech Download Assistant] - C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [Bdagent] - C:\Program Files\Bitdefender\Bitdefender\bdagent.exe [1737944 2013-09-04] (Bitdefender)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\psfus: C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll (UPEK Inc.)
HKCU\...\Run: [BoxcryptorClassic.exe] - C:\Program Files (x86)\Boxcryptor Classic\BoxcryptorClassic.exe [2239744 2013-06-14] (Secomba GmbH)
HKCU\...\Run: [Bitdefender-Geldbörse-Agent] - C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe [554992 2013-09-04] (Bitdefender)
HKCU\...\Run: [Bitdefender-Geldbörse] - C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe [1005632 2013-09-04] (Bitdefender)
HKCU\...\Run: [Bitdefender-Geldbörse-Anwendungs-Agent] - C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe [621448 2013-09-04] (Bitdefender)
HKCU\...\Run: [Snoozer] - C:\Users\Bianka\AppData\Roaming\Snz\Snz.exe [1137764 2013-08-28] ()
HKLM-x32\...\Run: [RotateImage] - C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe [55808 2008-10-31] (Ricoh co.,Ltd.)
HKLM-x32\...\Run: [NUSB3MON] - C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-11-17] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [IMSS] - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [112152 2011-01-17] (Intel Corporation)
HKLM-x32\...\Run: [PWMTRV] - C:\PROGRA~2\ThinkPad\UTILIT~1\PWMTR64V.DLL [6002984 2013-06-26] (Lenovo Group Limited)
HKLM-x32\...\Run: [MMReminderService] - C:\Program Files (x86)\Mindjet\MindManager 7\MMReminderService.exe [37392 2007-05-18] (Mindjet)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-05-11] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKU\Default\...\RunOnce: [] - [x]
HKU\Default\...\RunOnce: [Lenovoautoqdrive] - C:\PROGRA~2\Common~1\Lenovo\Lenovo~1\LenovoAutorunreg.exe [159744 2009-03-24] ()
HKU\Default User\...\RunOnce: [] - [x]
HKU\Default User\...\RunOnce: [Lenovoautoqdrive] - C:\PROGRA~2\Common~1\Lenovo\Lenovo~1\LenovoAutorunreg.exe [159744 2009-03-24] ()
AppInit_DLLs: C:\Windows\System32\nvinitx.dll [245872 2013-02-28] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll [201576 2013-02-28] (NVIDIA Corporation)
Lsa: [Notification Packages] scecli C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll
Startup: C:\Users\Bianka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk
ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\Users\Bianka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Bianka\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
SSODL: EldosMountNotificator-cbfs4 - {59E75156-4875-43BB-B01E-254F782AB820} - C:\Windows\system32\cbfsMntNtf4.dll (EldoS Corporation)
SSODL-x32: EldosMountNotificator-cbfs4 - {59E75156-4875-43BB-B01E-254F782AB820} - C:\Windows\SysWOW64\cbfsMntNtf4.dll (EldoS Corporation)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Whitelisted) ====================

ProxyServer: localhost:8080
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com/welcome/thinkpad
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - {CE403DA5-2AB4-462D-B794-220F15EDD0F4} URL = 
BHO: Bitdefender-Geldbörse - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender\pmbxie.dll (Bitdefender)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: CmjBrowserHelperObject Object - {07A11D74-9D25-4fea-A833-8B0D76A5577A} - C:\Program Files (x86)\Mindjet\MindManager 7\Mm7InternetExplorer.dll (Mindjet)
BHO-x32: Bitdefender-Geldbörse - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender\Antispam32\pmbxie.dll (Bitdefender)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: ChromeFrame BHO - {ECB3C477-1A0A-44BD-BB57-78F9EFE34FA7} - C:\Program Files (x86)\Google\Chrome Frame\Application\29.0.1547.76\npchrome_frame.dll (Google Inc.)
Handler: gcf - {9875BFAF-B04D-445E-8A69-BE36838CDE3E} -  No File
Handler-x32: gcf - {9875BFAF-B04D-445E-8A69-BE36838CDE3E} - C:\Program Files (x86)\Google\Chrome Frame\Application\29.0.1547.76\npchrome_frame.dll (Google Inc.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Bianka\AppData\Roaming\Mozilla\Firefox\Profiles\jh7nd2it.default-1374224086910
FF Homepage: hxxp://www.meinauftrag.net
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_168.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll ()
FF Plugin-x32: @Bitdefender.com/PasswordManager;version=17.8 - C:\Program Files\Bitdefender\Bitdefender\Antispam32\pmbxnp.dll (Bitdefender)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf - C:\Program Files (x86)\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf - C:\Program Files (x86)\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender\bdtbext
FF Extension: No Name - C:\Program Files\Bitdefender\Bitdefender\bdtbext
FF HKLM-x32\...\Firefox\Extensions: [ffpwdman@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender\Antispam32\ffpwdman\
FF Extension: Bitdefender Wallet - C:\Program Files\Bitdefender\Bitdefender\Antispam32\ffpwdman\
FF HKLM-x32\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender\bdtbext
FF Extension: No Name - C:\Program Files\Bitdefender\Bitdefender\bdtbext

Chrome: 
=======
CHR HomePage: hxxp://www.google.com
CHR RestoreOnStartup: 		"urls_to_restore_on_startup": [
CHR Extension: (Docs) - C:\Users\Bianka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.0.0.6_0
CHR Extension: (Google Drive) - C:\Users\Bianka\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0
CHR Extension: (YouTube) - C:\Users\Bianka\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0
CHR Extension: (Google Search) - C:\Users\Bianka\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0
CHR Extension: (OfferMosquito) - C:\Users\Bianka\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbmdkmlcnbapgegninelmjbfibaghdmk\0.5_0
CHR Extension: (Gmail) - C:\Users\Bianka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0
CHR HKLM-x32\...\Chrome\Extension: [ccahoghmggldkcdjiebjkidpfongdfbl] - C:\Program Files\Bitdefender\Bitdefender\Antispam32\pmbxcr.crx

==================== Services (Whitelisted) =================

S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2013-07-18] (Adobe Systems)
R2 BdDesktopParental; C:\Program Files\Bitdefender\Bitdefender\bdparentalservice.exe [75584 2013-07-05] (Bitdefender)
S3 DozeSvc; C:\Program Files (x86)\ThinkPad\Utilities\DZSVC64.EXE [320576 2013-06-26] (Lenovo.)
R2 Lenovo.VIRTSCRLSVC; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [93032 2010-04-07] (Lenovo Group Limited)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 SafeBox; C:\Program Files\Bitdefender\Bitdefender SafeBox\safeboxservice.exe [94624 2013-07-08] (Bitdefender)
R2 ThinkVantage Registry Monitor Service; C:\Program Files (x86)\Common Files\Lenovo\tvt_reg_monitor_svc.exe [1028096 2010-12-11] (Lenovo Group Limited)
S3 TVT Backup Service; C:\Program Files (x86)\Lenovo\Rescue and Recovery\rrservice.exe [1475896 2010-12-11] (Lenovo Group Limited)
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender\updatesrv.exe [67320 2013-09-04] (Bitdefender)
R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender\vsserv.exe [1505688 2013-09-04] (Bitdefender)
R2 WMCoreService; C:\Program Files (x86)\Mobile Broadband drivers\WMCore\mini_WMCore.exe [584232 2010-12-09] (Ericsson AB)

==================== Drivers (Whitelisted) ====================

R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [727592 2013-07-19] (BitDefender)
R3 avchv; C:\Windows\System32\DRIVERS\avchv.sys [261056 2012-11-02] (BitDefender)
R3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [601360 2013-07-19] (BitDefender)
R1 BdfNdisf; c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys [93600 2013-02-22] (BitDefender LLC)
R1 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [103504 2011-11-14] (BitDefender LLC)
R1 bdfwfpf_pc; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf_pc.sys [109056 2013-01-29] (BitDefender SRL)
S3 BDSandBox; C:\Windows\system32\drivers\bdsandbox.sys [82824 2013-07-23] (BitDefender SRL)
R1 BDVEDISK; C:\Windows\System32\DRIVERS\bdvedisk.sys [76944 2012-04-17] (BitDefender)
R1 cbfs4; C:\Windows\system32\drivers\cbfs4.sys [385216 2013-06-05] (EldoS Corporation)
S3 ecnssndis; C:\Windows\System32\Drivers\wwuss64.sys [26664 2010-03-03] (Ericsson AB)
S3 ecnssndisfltr; C:\Windows\System32\Drivers\wwussf64.sys [30248 2010-03-03] (Ericsson AB)
R0 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [147232 2012-10-04] (BitDefender LLC)
S3 l36wgps; C:\Windows\System32\DRIVERS\l36wgps64.sys [101416 2010-12-02] (Ericsson AB)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
S3 Mbm3CBus; C:\Windows\System32\DRIVERS\Mbm3CBus.sys [411208 2010-11-01] (MCCI Corporation)
S3 Mbm3DevMt; C:\Windows\System32\DRIVERS\Mbm3DevMt.sys [419912 2010-11-01] (MCCI Corporation)
S3 Mbm3mdfl; C:\Windows\System32\DRIVERS\Mbm3mdfl.sys [19528 2010-11-01] (MCCI Corporation)
S3 Mbm3Mdm; C:\Windows\System32\DRIVERS\Mbm3Mdm.sys [472648 2010-11-01] (MCCI Corporation)
R1 nvkflt; C:\Windows\System32\DRIVERS\nvkflt.sys [284448 2013-02-28] (NVIDIA Corporation)
R1 PHCORE; C:\Program Files\Lenovo\RapidBoot\PHCORE64.SYS [31592 2010-12-03] (Lenovo Group Limited)
S3 pmxdrv; C:\Windows\system32\drivers\pmxdrv.sys [31152 2011-04-16] ()
S3 pmxdrv; C:\Windows\system32\drivers\pmxdrv.sys [31152 2011-04-16] ()
R2 smihlp; C:\Program Files\ThinkVantage Fingerprint Software\smihlp.sys [13840 2009-03-13] (UPEK Inc.)
R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [382536 2013-05-28] (BitDefender S.R.L.)
R3 TVTI2C; C:\Windows\System32\DRIVERS\Tvti2c.sys [41536 2009-09-24] (Lenovo (United States) Inc.)
R3 vpnpbus; C:\Windows\System32\DRIVERS\vpnpbus.sys [18624 2013-06-05] (EldoS Corporation)
S3 WwanUsbServ; C:\Windows\System32\DRIVERS\WwanUsbMp64.sys [276008 2010-12-29] (Ericsson AB)
S3 catchme; \??\C:\ComboFix\catchme.sys [x]
S3 PCDSRVC{127174DC-C366ED8B-06020101}_0; \??\c:\program files\pc-doctor\pcdsrvc_x64.pkms [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-09-19 09:35 - 2013-09-19 09:35 - 01950594 _____ (Farbar) C:\Users\Bianka\Desktop\FRST64(1).exe
2013-09-19 09:33 - 2013-09-19 09:33 - 01950594 _____ (Farbar) C:\Users\Bianka\Downloads\FRST64.exe
2013-09-19 09:31 - 2013-09-19 09:31 - 00001329 _____ C:\Users\Bianka\Desktop\checkup.txt
2013-09-19 07:08 - 2013-09-19 09:21 - 00000703 _____ C:\Users\Bianka\Desktop\ESET.txt
2013-09-18 16:52 - 2013-09-18 16:52 - 00000000 ____D C:\Users\Bianka\Desktop\dt-author-box
2013-09-18 16:45 - 2013-09-18 17:14 - 00000000 ____D C:\Users\Bianka\AppData\Roaming\FileZilla
2013-09-18 16:45 - 2013-09-18 16:45 - 00000000 ____D C:\Users\Bianka\Desktop\FileZilla-3.7.3
2013-09-18 16:44 - 2013-09-18 16:45 - 07241860 _____ C:\Users\Bianka\Downloads\FileZilla_3.7.3_win32.zip
2013-09-18 12:29 - 2013-09-18 12:30 - 00000000 ____D C:\AdwCleaner
2013-09-18 07:15 - 2013-09-18 07:15 - 00000000 ____D C:\Users\Bianka\AppData\Roaming\Malwarebytes
2013-09-18 07:14 - 2013-09-18 07:14 - 00001124 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-09-18 07:14 - 2013-09-18 07:14 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-09-18 07:14 - 2013-09-18 07:14 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-09-18 07:14 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-09-18 07:12 - 2013-09-18 07:12 - 01029675 _____ (Thisisu) C:\Users\Bianka\Desktop\JRT.exe
2013-09-18 07:11 - 2013-09-18 07:11 - 01039554 _____ C:\Users\Bianka\Desktop\adwcleaner.exe
2013-09-17 17:20 - 2013-09-17 17:20 - 00043551 _____ C:\ComboFix.txt
2013-09-17 16:37 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe
2013-09-17 16:37 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe
2013-09-17 16:37 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2013-09-17 16:37 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2013-09-17 16:37 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2013-09-17 16:37 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe
2013-09-17 16:37 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe
2013-09-17 16:37 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe
2013-09-17 16:34 - 2013-09-17 17:21 - 00000000 ____D C:\Qoobox
2013-09-17 16:33 - 2013-09-17 17:14 - 00000000 ____D C:\Windows\erdnt
2013-09-17 16:27 - 2013-09-17 16:28 - 05128653 ____R (Swearware) C:\Users\Bianka\Desktop\ComboFix.exe
2013-09-17 10:16 - 2013-09-17 10:16 - 00000000 ____D C:\FRST
2013-09-17 08:37 - 2013-09-17 08:37 - 00000966 _____ C:\cleannavi.txt
2013-09-17 08:36 - 2013-09-17 08:37 - 00000000 ____D C:\Navilog1
2013-09-17 08:36 - 2013-09-17 08:36 - 00000000 ____D C:\Program Files (x86)\Navilog1
2013-09-16 09:48 - 2013-09-16 09:48 - 638305131 _____ C:\Windows\MEMORY.DMP
2013-09-16 09:48 - 2013-09-16 09:48 - 00262144 _____ C:\Windows\Minidump\091613-19188-01.dmp
2013-09-16 09:48 - 2013-09-16 09:48 - 00000000 ____D C:\Windows\Minidump
2013-09-12 03:07 - 2013-08-10 07:22 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-09-12 03:07 - 2013-08-10 07:22 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-09-12 03:07 - 2013-08-10 07:22 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-09-12 03:07 - 2013-08-10 07:21 - 19246592 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-09-12 03:07 - 2013-08-10 07:21 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-09-12 03:07 - 2013-08-10 07:21 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-09-12 03:07 - 2013-08-10 07:20 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-09-12 03:07 - 2013-08-10 07:20 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-09-12 03:07 - 2013-08-10 07:20 - 02647040 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-09-12 03:07 - 2013-08-10 07:20 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-09-12 03:07 - 2013-08-10 07:20 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-09-12 03:07 - 2013-08-10 07:20 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-09-12 03:07 - 2013-08-10 07:20 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-09-12 03:07 - 2013-08-10 07:20 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-09-12 03:07 - 2013-08-10 05:59 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-09-12 03:07 - 2013-08-10 05:59 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-09-12 03:07 - 2013-08-10 05:58 - 14332928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-09-12 03:07 - 2013-08-10 05:58 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-09-12 03:07 - 2013-08-10 05:58 - 02876928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-09-12 03:07 - 2013-08-10 05:58 - 02048000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-09-12 03:07 - 2013-08-10 05:58 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-09-12 03:07 - 2013-08-10 05:58 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-09-12 03:07 - 2013-08-10 05:58 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-09-12 03:07 - 2013-08-10 05:58 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-09-12 03:07 - 2013-08-10 05:58 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-09-12 03:07 - 2013-08-10 05:58 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-09-12 03:07 - 2013-08-10 05:58 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-09-12 03:07 - 2013-08-10 05:17 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-09-12 03:07 - 2013-08-10 05:07 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-09-12 03:07 - 2013-08-10 04:27 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-09-12 03:07 - 2013-08-10 04:17 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-09-11 21:52 - 2013-08-05 04:25 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys
2013-09-11 21:48 - 2013-08-02 04:23 - 05550528 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-09-11 21:48 - 2013-08-02 04:15 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-09-11 21:48 - 2013-08-02 04:15 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2013-09-11 21:48 - 2013-08-02 04:15 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2013-09-11 21:48 - 2013-08-02 04:15 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2013-09-11 21:48 - 2013-08-02 04:14 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2013-09-11 21:48 - 2013-08-02 04:14 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2013-09-11 21:48 - 2013-08-02 04:13 - 01161216 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2013-09-11 21:48 - 2013-08-02 04:13 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2013-09-11 21:48 - 2013-08-02 04:12 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2013-09-11 21:48 - 2013-08-02 04:12 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2013-09-11 21:48 - 2013-08-02 04:12 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-09-11 21:48 - 2013-08-02 04:12 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2013-09-11 21:48 - 2013-08-02 04:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-09-11 21:48 - 2013-08-02 04:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2013-09-11 21:48 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-09-11 21:48 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2013-09-11 21:48 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2013-09-11 21:48 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2013-09-11 21:48 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-09-11 21:48 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-09-11 21:48 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-09-11 21:48 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2013-09-11 21:48 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2013-09-11 21:48 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-09-11 21:48 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2013-09-11 21:48 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2013-09-11 21:48 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2013-09-11 21:48 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2013-09-11 21:48 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2013-09-11 21:48 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2013-09-11 21:48 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2013-09-11 21:48 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2013-09-11 21:48 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2013-09-11 21:48 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-09-11 21:48 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2013-09-11 21:48 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2013-09-11 21:48 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2013-09-11 21:48 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2013-09-11 21:48 - 2013-08-02 03:59 - 03968960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-09-11 21:48 - 2013-08-02 03:59 - 03913664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-09-11 21:48 - 2013-08-02 03:51 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-09-11 21:48 - 2013-08-02 03:50 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2013-09-11 21:48 - 2013-08-02 03:50 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2013-09-11 21:48 - 2013-08-02 03:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-09-11 21:48 - 2013-08-02 03:48 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2013-09-11 21:48 - 2013-08-02 03:48 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2013-09-11 21:48 - 2013-08-02 03:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2013-09-11 21:48 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2013-09-11 21:48 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2013-09-11 21:48 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2013-09-11 21:48 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2013-09-11 21:48 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2013-09-11 21:48 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2013-09-11 21:48 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2013-09-11 21:48 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2013-09-11 21:48 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2013-09-11 21:48 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2013-09-11 21:48 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2013-09-11 21:48 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2013-09-11 21:48 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-09-11 21:48 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2013-09-11 21:48 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2013-09-11 21:48 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2013-09-11 21:48 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2013-09-11 21:48 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2013-09-11 21:48 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2013-09-11 21:48 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2013-09-11 21:48 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2013-09-11 21:48 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2013-09-11 21:48 - 2013-08-02 03:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2013-09-11 21:48 - 2013-08-02 02:59 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2013-09-11 21:48 - 2013-08-02 02:45 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-09-11 21:48 - 2013-08-02 02:45 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-09-11 21:48 - 2013-08-02 02:45 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-09-11 21:48 - 2013-08-02 02:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-09-11 21:48 - 2013-08-02 02:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2013-09-11 21:48 - 2013-08-02 02:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2013-09-11 21:48 - 2013-08-02 02:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2013-09-11 21:48 - 2013-08-02 02:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2013-09-11 21:36 - 2013-07-26 04:24 - 14172672 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2013-09-11 21:36 - 2013-07-26 04:24 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2013-09-11 21:36 - 2013-07-26 03:55 - 12872704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2013-09-11 21:36 - 2013-07-26 03:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2013-09-11 20:46 - 2013-08-08 03:20 - 03155456 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-09-10 15:39 - 2013-09-10 15:39 - 10003360 _____ (TimePunch KG                                                ) C:\Users\Bianka\Downloads\TimePunchONE.exe
2013-09-06 07:43 - 2013-09-06 07:43 - 00867240 _____ (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
2013-09-06 07:43 - 2013-09-06 07:43 - 00789416 _____ (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2013-09-06 07:43 - 2013-09-06 07:43 - 00263592 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-09-06 07:43 - 2013-09-06 07:43 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-09-06 07:43 - 2013-09-06 07:43 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-09-06 07:43 - 2013-09-06 07:43 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-09-06 07:43 - 2013-09-06 07:43 - 00000000 ____D C:\ProgramData\Sun
2013-09-06 07:43 - 2013-09-06 07:43 - 00000000 ____D C:\Program Files (x86)\Java
2013-09-06 07:40 - 2013-09-06 07:42 - 31714728 _____ (Oracle Corporation) C:\Users\Bianka\Downloads\jre-7u25-windows-i586.exe
2013-09-05 17:32 - 2013-09-05 18:50 - 596069350 _____ C:\Users\Bianka\Downloads\onkeltomshuette_crow_1210.zip
2013-08-29 10:58 - 2013-08-29 11:05 - 88808360 _____ C:\Users\Bianka\Downloads\bitdefender_pc_2013_v195_32b.exe
2013-08-29 08:05 - 2013-08-29 08:05 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-08-27 18:07 - 2013-08-27 18:07 - 00000385 _____ C:\Users\Bianka\AppData\Roaminguser_gensett.xml
2013-08-27 17:17 - 2013-08-27 17:17 - 00000385 _____ C:\Windows\system32\user_gensett.xml
2013-08-27 08:21 - 2013-08-27 08:21 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_avchv_01009.Wdf
2013-08-27 08:21 - 2012-04-17 14:34 - 00076944 _____ (BitDefender) C:\Windows\system32\Drivers\bdvedisk.sys
2013-08-27 08:20 - 2013-07-23 16:50 - 00082824 _____ (BitDefender SRL) C:\Windows\system32\Drivers\bdsandbox.sys
2013-08-27 08:20 - 2013-07-19 18:08 - 00601360 _____ (BitDefender) C:\Windows\system32\Drivers\avckf.sys
2013-08-27 08:20 - 2013-07-19 18:04 - 00727592 _____ (BitDefender) C:\Windows\system32\Drivers\avc3.sys
2013-08-27 08:20 - 2013-02-22 19:46 - 00093600 _____ (BitDefender LLC) C:\Windows\system32\Drivers\BdfNdisf6.sys
2013-08-27 08:20 - 2012-11-02 14:17 - 00261056 _____ (BitDefender) C:\Windows\system32\Drivers\avchv.sys
2013-08-27 08:20 - 2007-04-11 11:11 - 00511328 _____ (Microsoft Corporation) C:\Windows\capicom.dll
2013-08-27 07:55 - 2013-08-27 08:21 - 00253404 ____H C:\bdr-ld01
2013-08-27 07:55 - 2013-08-27 08:21 - 00009216 ____H C:\bdr-ld01.mbr
2013-08-27 07:55 - 2013-06-25 18:20 - 38518480 ____H C:\bdr-im01.gz
2013-08-27 07:55 - 2012-08-15 15:28 - 02510608 ____H C:\bdr-bz01
2013-08-27 07:47 - 2013-05-28 12:12 - 00382536 _____ (BitDefender S.R.L.) C:\Windows\system32\Drivers\trufos.sys
2013-08-27 07:47 - 2012-10-04 14:30 - 00147232 _____ (BitDefender LLC) C:\Windows\system32\Drivers\gzflt.sys
2013-08-27 07:37 - 2013-08-27 07:40 - 37672592 _____ (Safer-Networking Ltd.                                       ) C:\Users\Bianka\Downloads\spybotsd-2.1.21-SR2.exe
2013-08-26 11:33 - 2013-08-27 17:17 - 00000000 ____D C:\ProgramData\BDLogging
2013-08-26 11:33 - 2013-08-27 08:21 - 00000684 ____H C:\bdr-cf01
2013-08-26 10:37 - 2013-08-31 15:28 - 00000000 ____D C:\Users\Bianka\AppData\Roaming\Bitdefender
2013-08-26 10:22 - 2013-08-26 11:38 - 00000000 ____D C:\ProgramData\Bitdefender
2013-08-26 10:22 - 2013-08-26 10:37 - 00000000 ____D C:\Program Files\Bitdefender
2013-08-26 10:21 - 2013-08-26 10:21 - 00000000 ____D C:\Users\Bianka\AppData\Roaming\QuickScan
2013-08-26 10:15 - 2013-08-27 16:58 - 00000000 ____D C:\Program Files\Common Files\Bitdefender
2013-08-23 12:57 - 2013-08-23 14:16 - 00000000 ____D C:\Users\Bianka\Desktop\Urlaubsfotos Türkei

==================== One Month Modified Files and Folders =======

2013-09-19 09:36 - 2013-08-19 20:37 - 400053907 _____ C:\Users\Bianka\Downloads\ImageTransfer_2013-08-19_20-36.zip
2013-09-19 09:35 - 2013-09-19 09:35 - 01950594 _____ (Farbar) C:\Users\Bianka\Desktop\FRST64(1).exe
2013-09-19 09:33 - 2013-09-19 09:33 - 01950594 _____ (Farbar) C:\Users\Bianka\Downloads\FRST64.exe
2013-09-19 09:32 - 2011-04-16 09:42 - 00000528 _____ C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job
2013-09-19 09:31 - 2013-09-19 09:31 - 00001329 _____ C:\Users\Bianka\Desktop\checkup.txt
2013-09-19 09:25 - 2011-04-16 09:42 - 00000382 _____ C:\Windows\Tasks\SystemToolsDailyTest.job
2013-09-19 09:21 - 2013-09-19 07:08 - 00000703 _____ C:\Users\Bianka\Desktop\ESET.txt
2013-09-19 09:21 - 2013-07-02 21:02 - 00000000 ____D C:\Users\Bianka\AppData\Roaming\Dropbox
2013-09-19 09:19 - 2013-07-04 07:49 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-09-19 08:19 - 2013-07-04 07:49 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-09-19 07:59 - 2011-04-16 09:19 - 01213678 _____ C:\Windows\WindowsUpdate.log
2013-09-19 07:10 - 2009-07-14 06:45 - 00020704 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-09-19 07:10 - 2009-07-14 06:45 - 00020704 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-09-19 07:02 - 2013-07-02 21:04 - 00000000 ___RD C:\Users\Bianka\Dropbox
2013-09-19 06:59 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-09-19 06:58 - 2011-04-16 09:35 - 00000000 ____D C:\ProgramData\NVIDIA
2013-09-19 06:58 - 2009-07-14 06:51 - 00069286 _____ C:\Windows\setupact.log
2013-09-18 17:14 - 2013-09-18 16:45 - 00000000 ____D C:\Users\Bianka\AppData\Roaming\FileZilla
2013-09-18 16:52 - 2013-09-18 16:52 - 00000000 ____D C:\Users\Bianka\Desktop\dt-author-box
2013-09-18 16:45 - 2013-09-18 16:45 - 00000000 ____D C:\Users\Bianka\Desktop\FileZilla-3.7.3
2013-09-18 16:45 - 2013-09-18 16:44 - 07241860 _____ C:\Users\Bianka\Downloads\FileZilla_3.7.3_win32.zip
2013-09-18 12:30 - 2013-09-18 12:29 - 00000000 ____D C:\AdwCleaner
2013-09-18 12:30 - 2013-07-10 17:36 - 00000000 ____D C:\Users\Bianka\AppData\Roaming\Common
2013-09-18 12:09 - 2011-04-16 09:36 - 00066338 _____ C:\Windows\PFRO.log
2013-09-18 07:15 - 2013-09-18 07:15 - 00000000 ____D C:\Users\Bianka\AppData\Roaming\Malwarebytes
2013-09-18 07:14 - 2013-09-18 07:14 - 00001124 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-09-18 07:14 - 2013-09-18 07:14 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-09-18 07:14 - 2013-09-18 07:14 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-09-18 07:12 - 2013-09-18 07:12 - 01029675 _____ (Thisisu) C:\Users\Bianka\Desktop\JRT.exe
2013-09-18 07:11 - 2013-09-18 07:11 - 01039554 _____ C:\Users\Bianka\Desktop\adwcleaner.exe
2013-09-17 17:21 - 2013-09-17 16:34 - 00000000 ____D C:\Qoobox
2013-09-17 17:21 - 2009-07-14 05:20 - 00000000 __RHD C:\Users\Default
2013-09-17 17:20 - 2013-09-17 17:20 - 00043551 _____ C:\ComboFix.txt
2013-09-17 17:14 - 2013-09-17 16:33 - 00000000 ____D C:\Windows\erdnt
2013-09-17 16:59 - 2009-07-14 04:34 - 00000215 _____ C:\Windows\system.ini
2013-09-17 16:51 - 2009-07-14 04:34 - 81264640 _____ C:\Windows\system32\config\software.bak
2013-09-17 16:51 - 2009-07-14 04:34 - 16777216 _____ C:\Windows\system32\config\system.bak
2013-09-17 16:51 - 2009-07-14 04:34 - 00524288 _____ C:\Windows\system32\config\default.bak
2013-09-17 16:51 - 2009-07-14 04:34 - 00262144 _____ C:\Windows\system32\config\security.bak
2013-09-17 16:51 - 2009-07-14 04:34 - 00262144 _____ C:\Windows\system32\config\sam.bak
2013-09-17 16:28 - 2013-09-17 16:27 - 05128653 ____R (Swearware) C:\Users\Bianka\Desktop\ComboFix.exe
2013-09-17 10:16 - 2013-09-17 10:16 - 00000000 ____D C:\FRST
2013-09-17 08:37 - 2013-09-17 08:37 - 00000966 _____ C:\cleannavi.txt
2013-09-17 08:37 - 2013-09-17 08:36 - 00000000 ____D C:\Navilog1
2013-09-17 08:36 - 2013-09-17 08:36 - 00000000 ____D C:\Program Files (x86)\Navilog1
2013-09-16 09:52 - 2013-07-05 10:45 - 00000000 ____D C:\Users\Bianka\Documents\My Kindle Content
2013-09-16 09:52 - 2011-04-16 09:31 - 00700630 _____ C:\Windows\system32\perfh007.dat
2013-09-16 09:52 - 2011-04-16 09:31 - 00149394 _____ C:\Windows\system32\perfc007.dat
2013-09-16 09:52 - 2009-07-14 07:13 - 01622100 _____ C:\Windows\system32\PerfStringBackup.INI
2013-09-16 09:48 - 2013-09-16 09:48 - 638305131 _____ C:\Windows\MEMORY.DMP
2013-09-16 09:48 - 2013-09-16 09:48 - 00262144 _____ C:\Windows\Minidump\091613-19188-01.dmp
2013-09-16 09:48 - 2013-09-16 09:48 - 00000000 ____D C:\Windows\Minidump
2013-09-16 07:59 - 2013-07-19 11:31 - 00000000 ____D C:\Users\Bianka\Desktop\Protokoll aktuell
2013-09-13 07:55 - 2013-07-05 11:39 - 00497152 ____H C:\Users\Bianka\Desktop\~WRL0002.tmp
2013-09-13 07:10 - 2013-07-02 14:41 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-09-13 07:10 - 2013-07-02 14:41 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-09-12 06:44 - 2013-07-02 19:20 - 00000000 ___RD C:\Users\Bianka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-09-12 06:44 - 2013-07-02 19:20 - 00000000 ___RD C:\Users\Bianka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-09-12 04:03 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2013-09-12 03:25 - 2009-07-14 06:45 - 00351120 _____ C:\Windows\system32\FNTCACHE.DAT
2013-09-12 03:07 - 2013-07-16 19:53 - 00000000 ____D C:\Windows\system32\MRT
2013-09-12 03:05 - 2013-07-02 15:16 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-09-12 03:05 - 2013-03-15 07:23 - 79143768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-09-10 15:39 - 2013-09-10 15:39 - 10003360 _____ (TimePunch KG                                                ) C:\Users\Bianka\Downloads\TimePunchONE.exe
2013-09-06 07:43 - 2013-09-06 07:43 - 00867240 _____ (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
2013-09-06 07:43 - 2013-09-06 07:43 - 00789416 _____ (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2013-09-06 07:43 - 2013-09-06 07:43 - 00263592 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-09-06 07:43 - 2013-09-06 07:43 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-09-06 07:43 - 2013-09-06 07:43 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-09-06 07:43 - 2013-09-06 07:43 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-09-06 07:43 - 2013-09-06 07:43 - 00000000 ____D C:\ProgramData\Sun
2013-09-06 07:43 - 2013-09-06 07:43 - 00000000 ____D C:\Program Files (x86)\Java
2013-09-06 07:42 - 2013-09-06 07:40 - 31714728 _____ (Oracle Corporation) C:\Users\Bianka\Downloads\jre-7u25-windows-i586.exe
2013-09-05 18:50 - 2013-09-05 17:32 - 596069350 _____ C:\Users\Bianka\Downloads\onkeltomshuette_crow_1210.zip
2013-08-31 15:28 - 2013-08-26 10:37 - 00000000 ____D C:\Users\Bianka\AppData\Roaming\Bitdefender
2013-08-30 06:58 - 2013-07-17 08:43 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-08-29 11:05 - 2013-08-29 10:58 - 88808360 _____ C:\Users\Bianka\Downloads\bitdefender_pc_2013_v195_32b.exe
2013-08-29 08:05 - 2013-08-29 08:05 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-08-27 19:19 - 2009-07-14 04:34 - 00000478 _____ C:\Windows\win.ini
2013-08-27 18:07 - 2013-08-27 18:07 - 00000385 _____ C:\Users\Bianka\AppData\Roaminguser_gensett.xml
2013-08-27 17:17 - 2013-08-27 17:17 - 00000385 _____ C:\Windows\system32\user_gensett.xml
2013-08-27 17:17 - 2013-08-26 11:33 - 00000000 ____D C:\ProgramData\BDLogging
2013-08-27 16:58 - 2013-08-26 10:15 - 00000000 ____D C:\Program Files\Common Files\Bitdefender
2013-08-27 16:58 - 2013-07-29 08:41 - 00000000 ____D C:\Windows\System32\Tasks\Safer-Networking
2013-08-27 16:58 - 2013-07-02 20:27 - 00000000 ____D C:\Windows\System32\Tasks\TVT
2013-08-27 16:58 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\registration
2013-08-27 16:58 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\AppCompat
2013-08-27 08:21 - 2013-08-27 08:21 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_avchv_01009.Wdf
2013-08-27 08:21 - 2013-08-27 07:55 - 00253404 ____H C:\bdr-ld01
2013-08-27 08:21 - 2013-08-27 07:55 - 00009216 ____H C:\bdr-ld01.mbr
2013-08-27 08:21 - 2013-08-26 11:33 - 00000684 ____H C:\bdr-cf01
2013-08-27 07:44 - 2013-07-29 08:41 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2013-08-27 07:40 - 2013-08-27 07:37 - 37672592 _____ (Safer-Networking Ltd.                                       ) C:\Users\Bianka\Downloads\spybotsd-2.1.21-SR2.exe
2013-08-27 07:22 - 2013-07-04 07:45 - 00000000 ____D C:\ProgramData\AVAST Software
2013-08-27 07:04 - 2013-07-02 19:19 - 00000000 ____D C:\Users\Bianka
2013-08-27 07:02 - 2013-07-04 07:49 - 00000000 _____ C:\Windows\SysWOW64\config.nt
2013-08-26 11:38 - 2013-08-26 10:22 - 00000000 ____D C:\ProgramData\Bitdefender
2013-08-26 10:37 - 2013-08-26 10:22 - 00000000 ____D C:\Program Files\Bitdefender
2013-08-26 10:21 - 2013-08-26 10:21 - 00000000 ____D C:\Users\Bianka\AppData\Roaming\QuickScan
2013-08-23 14:16 - 2013-08-23 12:57 - 00000000 ____D C:\Users\Bianka\Desktop\Urlaubsfotos Türkei
2013-08-23 12:58 - 2013-07-02 21:02 - 00000000 ____D C:\Users\Bianka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox

Some content of TEMP:
====================
C:\Users\Bianka\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-09-11 12:59

==================== End Of Log ============================

--- --- ---

Ich werd mal im Laufe des Tages beobachten, ob das Problem noch mal auftaucht. Im Moment schaut es gut aus.

Und was genau war nun eigentlich das Problem? Und wo kam es her? Und was kann ich machen, damit es nicht wiederkommt?

Vielen Dank einstweilen schon mal

Bianka

schrauber · 19.09.2013, 16:47

Aufpassen beim Download undbeim Surfen, und wenn Du was installierst immer benutzerdefiniert.

Fertig

Die Reihenfolge ist hier entscheidend.

Falls Defogger benutzt wurde: Defogger nochmal starten und auf re-enable klicken.
Falls Combofix benutzt wurde: (Alternativ in uninstall.exe umbenennen und starten)
- Windowstaste + R > Combofix /Uninstall (eingeben) > OK
- Alternative: Combofix.exe in uninstall.exe umbenennen und starten
- Combofix wird jetzt starten, sich evtl updaten und dann alle Reste von sich selbst entfernen.
Downloade Dir bitte auf jeden Fall DelFix auf deinen Desktop:
- Schließe alle offenen Programme.
- Starte die delfix.exe mit einem Doppelklick.
- Setze vor jede Funktion ein Häkchen.
- Klicke auf Start.
- Hinweis: DelFix entfernt u. a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
- Starte deinen Rechner abschließend neu.
Sollten jetzt noch Programme aus unserer Bereinigung übrig sein kannst du sie bedenkenlos löschen.

Hier noch ein paar Tipps zur Absicherung deines Systems.

Ich kann garnicht zu oft erwähnen, wie wichtig es ist, dass dein System Up to Date ist.

Bitte überprüfe ob dein System Windows Updates automatisch herunter lädt
Windows Updates
- Windows XP: Start --> Systemsteuerung --> Doppelklick auf Automatische Updates
- Windows Vista / 7: Start --> Systemsteuerung --> System und Sicherheit --> Automatische Updates aktivieren oder deaktivieren
Gehe sicher das die automatischen Updates aktiviert sind.
Software Updates
Installierte Software kann ebenfalls Sicherheitslücken haben, welche Malware nutzen kann, um dein System zu infizieren.
Um deine Installierte Software up to date zu halten, empfehle ich dir Secunia Online Software.

Anti- Viren Software

Gehe sicher immer eine Anti Viren Software installiert zu haben und das diese auch up to date ist. Es ist nämlich nutzlos wenn diese out of date sind.

Zusätzlicher Schutz

MalwareBytes Anti Malware
Dies ist eines der besten Anti-Malware Tools auf dem Markt. Es ist ein On- Demond Scan Tool welches viele aktuelle Malware erkennt und auch entfernt.
Update das Tool und lass es einmal in der Woche laufen. Die Kaufversion biete zudem noch einen Hintergrundwächter.
Ein Tutorial zur Verwendung findest Du hier.
WinPatrol
Diese Software macht einen Snapshot deines Systems und warnt dich vor eventuellen Änderungen. Downloade dir die Freeware Version von hier.

Sicheres Browsen

SpywareBlaster
Eine kurze Einführung findest du Hier
MVPs hosts file
Ein Tutorial findest Du hier. Leider habe ich bis jetzt kein deutschsprachiges gefunden.
WOT (Web of trust)
Dieses AddOn warnt Dich bevor Du eine als schädlich gemeldete Seite besuchst.

Alternative Browser

Andere Browser tendieren zu etwas mehr Sicherheit als der IE, da diese keine Active X Elemente verwenden. Diese können von Spyware zur Infektion deines Systems missbraucht werden.

Opera
Mozilla Firefox.
- Hinweis: Für diesen Browser habe ich hier ein paar nützliche Add Ons
- NoScript
  Dieses AddOn blockt JavaScript, Java and Flash und andere Plugins. Sie werden nur dann ausgeführt wenn Du es bestätigst.
- AdblockPlus
  Dieses AddOn blockt die meisten Werbung von selbst. Ein Rechtsklick auf den Banner um diesen zu AdBlockPlus hinzu zu fügen reicht und dieser wird nicht mehr geladen.
  Es spart ausserdem Downloadkapazität.

Performance
Bereinige regelmäßig deine Temp Files. Ich empfehle hierzu TFC
Halte dich fern von jedlichen Registry Cleanern.
Diese Schaden deinem System mehr als sie helfen. Hier ein paar ( englishe ) Links
Miekemoes Blogspot ( MVP )
Bill Castner ( MVP )

Don'ts

Klicke nicht auf alles nur weil es Dich dazu auffordert und schön bunt ist.
verwende keine peer to peer oder Filesharing Software (Emule, uTorrent,..)
Lass die Finger von Cracks, Keygens, Serials oder anderer illegaler Software.
Öffne keine Anhänge von Dir nicht bekannten Emails. Achte vor allem auf die Dateiendung wie zb deinFoto.jpg.exe

Nun bleibt mir nur noch dir viel Spass beim sicheren Surfen zu wünschen.

Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so das ich diesen Thread aus meinen Abos löschen kann.

bianka.b · 20.09.2013, 09:44

Die PopUps sind weg - und bleiben es hoffentlich auch! Das Thema ist damit erledigt und kann geschlossen werden.

Vielen herzlichen Dank nochmal!

Das war ganz tolle Arbeit!

Liebe Grüße,
Bianka

schrauber · 20.09.2013, 15:20

Gern Geschehen

20.09.2013, 15:20	#12
schrauber /// the machine /// TB-Ausbilder	Virus in Form von Werbe-PopUps? Gern Geschehen __________________ gruß, schrauber *Proud Member of UNITE and ASAP since 2009* Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM!

Virus in Form von Werbe-PopUps?

Plagegeister aller Art und deren Bekämpfung: Virus in Form von Werbe-PopUps?