
Log analysis and evaluation: Windows 7: AVG reports Trojan: dropper.generik8.CLXE and cannot remove it

Windows 7: If you have caught a Trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To be able to remove viruses and Trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.

19.11.2013, 10:38   #16
schrauber
/// the machine
/// TB Trainer
 




Is that still showing up now?

We successfully killed the folder with the last fix.

Quote:
C:\ProgramData\BitGuard => Moved successfully.
AVG is trying to annoy me

Please post a fresh FRST log.
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009


No help via PM!

19.11.2013, 15:45   #17
mariomon11
 



Here you go, the

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 18-11-2013
Ran by Kiwi (administrator) on GAMER-PC on 19-11-2013 15:40:47
Running from C:\Users\Kiwi\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgfws.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
(Conexant Systems Inc.) C:\Windows\system32\CxAudMsg64.exe
(Lenovo (Beijing) Limited) C:\Program Files\Lenovo\Instant Reset\DamageGuardSvc.exe
(Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\PSIA.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgrsa.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.1.2\ToolbarUpdater.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
() C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.1.2\loggingserver.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\sua.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
() C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Samsung) C:\Program Files (x86)\Samsung\Kies\Kies.exe
(Samsung Electronics) C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe
(Samsung) C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
(Spotify Ltd) C:\Users\Kiwi\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Nexon Korea Corp.) C:\Nexon\NexonPlug\NexonPlug.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Synaptics Incorporated) C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
() C:\Program Files\Rainmeter\Rainmeter.exe
( ) C:\Program Files (x86)\LockKey\LockKey.exe
(CyberLink) C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
(Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe
(Vimicro) C:\Program Files (x86)\USB Camera\VM331_STI.EXE
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
(Lenovo) C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe
(CyberLink Corp.) C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe
(cyberlink) C:\Program Files (x86)\Cyberlink\Shared files\brs.exe
() C:\Program Files (x86)\Trust Gaming Mouse\Mouse.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgui.exe
() C:\Program Files (x86)\AVG Secure Search\vprot.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\BtStackServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Microsoft Corporation) C:\Windows\system32\msiexec.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\Bluetooth Headset Helper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(ppy) C:\Program Files (x86)\osu!\osu!.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Security Scan\Engine\4.0.3.24\NSS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(McAfee, Inc.) c:\PROGRA~2\mcafee\SITEAD~1\saui.exe
(Intel Corporation) C:\Windows\system32\igfxsrvc.exe
(Farbar) C:\Users\Kiwi\Desktop\FRST64 (3).exe
(McAfee, Inc.) c:\PROGRA~2\mcafee\SITEAD~1\saUpd.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] ()
HKLM\...\Run: [cAudioFilterAgent] - C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe [564352 2011-12-15] (Conexant Systems, Inc.)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2867984 2011-12-22] (Synaptics Incorporated)
HKLM\...\Run: [Energy Management] - C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [8079408 2012-05-21] (Lenovo (Beijing) Limited)
HKLM\...\Run: [EnergyUtility] - C:\Program Files (x86)\Lenovo\Energy Management\utility.exe [6199128 2012-05-21] (Lenovo(beijing) Limited)
HKLM\...\Run: [Lenovo EE Boot Optimizer] - C:\Program Files (x86)\Lenovo\Boot Optimizer\PopWnd.exe [206176 2012-05-21] (Lenovo)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe [472984 2013-09-25] (Adobe Systems Incorporated)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKCU\...\Run: [Pando Media Booster] - C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe [3093624 2013-01-01] ()
HKCU\...\Run: [Steam] - C:\Program Files (x86)\Steam\Steam.exe [1820584 2013-10-30] (Valve Corporation)
HKCU\...\Run: [KiesPreload] - C:\Program Files (x86)\Samsung\Kies\Kies.exe [1476104 2012-12-20] (Samsung)
HKCU\...\Run: [KiesAirMessage] - C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe [578560 2012-12-18] (Samsung Electronics)
HKCU\...\Run: [] - C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [844296 2012-12-20] (Samsung)
HKCU\...\Run: [Spotify] - C:\Users\Kiwi\AppData\Roaming\Spotify\spotify.exe [4643328 2013-06-23] (Spotify Ltd)
HKCU\...\Run: [Spotify Web Helper] - C:\Users\Kiwi\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1104384 2013-06-23] (Spotify Ltd)
HKCU\...\Run: [NexonPlug] - C:\Nexon\NexonPlug\NexonPlug.exe [2120024 2013-10-16] (Nexon Korea Corp.)
HKCU\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20549280 2013-10-21] (Skype Technologies S.A.)
HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2011-11-29] (Intel Corporation)
HKLM-x32\...\Run: [USB3MON] - C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-02-27] (Intel Corporation)
HKLM-x32\...\Run: [LockKey] - C:\Program Files (x86)\LockKey\LockKey.exe [337776 2011-08-25] ( )
HKLM-x32\...\Run: [Dolby Advanced Audio v2] - C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe [507744 2011-12-20] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [331BigDog] - C:\Program Files (x86)\USB Camera\VM331_STI.EXE [548864 2011-11-24] (Vimicro)
HKLM-x32\...\Run: [YouCam Mirage] - C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [136488 2011-01-28] (CyberLink)
HKLM-x32\...\Run: [YouCam Tray] - C:\Program Files (x86)\Lenovo\YouCam\YouCam.exe [228448 2011-01-28] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdateP2GShortCut] - C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [222504 2010-07-26] (CyberLink Corp.)
HKLM-x32\...\Run: [VeriFaceManager] - C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe [329056 2012-05-21] (Lenovo)
HKLM-x32\...\Run: [RemoteControl10] - C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe [87336 2010-02-02] (CyberLink Corp.)
HKLM-x32\...\Run: [BDRegion] - C:\Program Files (x86)\Cyberlink\Shared files\brs.exe [75048 2011-09-28] (cyberlink)
HKLM-x32\...\Run: [UpdatePRCShortCut] - C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe [222504 2009-05-13] (CyberLink Corp.)
HKLM-x32\...\Run: [Trust Gaming Mouse] - C:\Program Files (x86)\Trust Gaming Mouse\Mouse.exe [2245632 2011-01-17] ()
HKLM-x32\...\Run: [TQ566808] - "F:\Setup.exe"
HKLM-x32\...\Run: [KiesTrayAgent] - C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [310280 2012-12-20] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [AVG_UI] - C:\Program Files (x86)\AVG\AVG2014\avgui.exe [4908592 2013-10-07] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [vProt] - C:\Program Files (x86)\AVG Secure Search\vprot.exe [2420248 2013-11-14] ()
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-09-05] (Adobe Systems Incorporated)
HKU\Default\...\RunOnce: [Lenovo.ShowBand] - C:\Program Files\Lenovo\SimpleTap DeskBand\ShowBand.exe [52584 2013-08-08] (Lenovo)
HKU\Default User\...\RunOnce: [Lenovo.ShowBand] - C:\SWTOOLS\SimpleTap DeskBand\ShowBand.exe /show
HKU\UpdatusUser\...\Run: [Power2GoExpress] - NA
AppInit_DLLs: C:\ProgramData\BitGuard\2.7.1769.27\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\loader.dll [1952224 2013-10-22] ()
Lsa: [Notification Packages] scecli C:\Program Files\Lenovo\Bluetooth Software\BtwProximityCP.dll
Startup: C:\Users\Kiwi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk
ShortcutTarget: OpenOffice.org 3.2.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
Startup: C:\Users\Kiwi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk
ShortcutTarget: Rainmeter.lnk -> C:\Program Files\Rainmeter\Rainmeter.exe ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.nexon.com
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=LENN&bmod=LENN
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo.msn.com
HKLM\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com/
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo.msn.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com/
URLSearchHook: HKCU - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
URLSearchHook: HKCU - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKCU - DefaultScope {0633ee93-d776-472f-a0ff-e1416b8b2e3a} URL = hxxp://www.bing.com/search?q={searchTerms}&form=LENDF8&pc=MALN&src=IE-SearchBox
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll No File
Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Toolbar: HKLM-x32 - No Name - {95B7759C-8C7F-4BF1-B163-73684A933233} -  No File
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

Chrome: 
=======
CHR HomePage: hxxp://www.google.com/
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (AVG SiteSafety plugin) - C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\15.2.0\\npsitesafety.dll (AVG Technologies)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll No File
CHR Plugin: (Intel\u00AE Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
CHR Plugin: (Intel\u00AE Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
CHR Plugin: (Java(TM) Platform SE 7 U10) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll No File
CHR Plugin: (McAfee SiteAdvisor) - C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
CHR Plugin: (Pando Web Plugin) - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
CHR Plugin: (VLC Web Plugin) - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
CHR Plugin: (Windows Live\u0099 Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Shockwave for Director) - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.100.18) - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll No File
CHR Extension: (SiteAdvisor) - C:\Users\Kiwi\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.6.2.1341_1
CHR Extension: (Google Docs) - C:\Users\Kiwi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Drive) - C:\Users\Kiwi\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\Kiwi\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Adblock Plus) - C:\Users\Kiwi\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.6.1_0
CHR Extension: (Google Search) - C:\Users\Kiwi\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (FrankerFaceZ) - C:\Users\Kiwi\AppData\Local\Google\Chrome\User Data\Default\Extensions\fadndhdgpmmaapbmfcknlfgcflmmmieb\1.40_0
CHR Extension: (SiteAdvisor) - C:\Users\Kiwi\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.6.2.1341_1
CHR Extension: (Auto Replay for YouTube) - C:\Users\Kiwi\AppData\Local\Google\Chrome\User Data\Default\Extensions\kanbnempkjnhadplbfgdaagijdbdbjeb\1.9.28_0
CHR Extension: (Auto HD For YouTube\u2122) - C:\Users\Kiwi\AppData\Local\Google\Chrome\User Data\Default\Extensions\koiaokdomkpjdgniimnkhgbilbjgpeak\5.24_0
CHR Extension: (AVG Secure Search) - C:\Users\Kiwi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\17.1.2.1_0
CHR Extension: (Pokemon Red) - C:\Users\Kiwi\AppData\Local\Google\Chrome\User Data\Default\Extensions\njkgicmllgmdcfmfpjmkaoepfikefmlh\1_0
CHR Extension: (Google Wallet) - C:\Users\Kiwi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0
CHR Extension: (Gmail) - C:\Users\Kiwi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx
CHR HKLM-x32\...\Chrome\Extension: [ndibdjnfmopecpmkdieinmbadjfpblof] - C:\ProgramData\AVG Secure Search\ChromeExt\17.1.2.1\avg.crx

==================== Services (Whitelisted) =================

R2 avgfws; C:\Program Files (x86)\AVG\AVG2014\avgfws.exe [1358944 2013-09-25] (AVG Technologies CZ, s.r.o.)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [3538480 2013-10-03] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [301152 2013-09-25] (AVG Technologies CZ, s.r.o.)
R2 btwdins; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [945440 2012-02-01] (Broadcom Corporation.)
S2 CLKMSVC10_3A60B698; C:\Program Files (x86)\Lenovo\PowerDVD10\NavFilter\kmsvc.exe [241648 2011-04-20] (CyberLink)
R2 DamageGuardSvc; C:\Program Files\Lenovo\Instant Reset\DamageGuardSvc.exe [572976 2012-02-13] (Lenovo (Beijing) Limited)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2012-02-28] (Intel Corporation)
S3 LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [30184 2013-08-08] ()
R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe [101048 2011-02-16] (McAfee, Inc.)
S3 npggsvc; C:\Windows\SysWow64\GameMon.des [5127200 2013-05-26] (INCA Internet Co., Ltd.)
R2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1228504 2013-11-04] (Secunia)
R2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [660184 2013-11-04] (Secunia)
R2 vToolbarUpdater17.1.2; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.1.2\ToolbarUpdater.exe [1734680 2013-11-14] (AVG Secure Search)

==================== Drivers (Whitelisted) ====================

S3 ActionReplayDS; C:\Windows\System32\Drivers\ActionReplayDS_x64.sys [51600 2007-02-08] (Thesycon GmbH, Germany)
R1 aswKbd; C:\Windows\System32\Drivers\aswKbd.sys [22600 2013-03-21] (AVAST Software)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [147768 2013-09-25] (AVG Technologies CZ, s.r.o.)
R1 Avgfwfd; C:\Windows\System32\DRIVERS\avgfwd6a.sys [57144 2013-11-03] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [246072 2013-05-04] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [71480 2013-05-04] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [206136 2013-05-04] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [311096 2013-05-04] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [116536 2013-05-04] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [45880 2013-05-04] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [239416 2013-05-04] (AVG Technologies CZ, s.r.o.)
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [46368 2013-11-14] (AVG Technologies)
R3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [134696 2012-02-02] (Broadcom Corporation.)
R1 DamageGuard; C:\Windows\System32\DRIVERS\DamageGuardX64.sys [217392 2012-02-10] (Lenovo)
R1 dgFltr; C:\Windows\System32\drivers\dgFltrX64.sys [23648 2011-12-13] (Lenovo)
R3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2013-11-04] (Secunia)
R3 vm331avs; C:\Windows\System32\Drivers\vm331avs.sys [952832 2011-12-06] (Vimicro Corporation)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
U3 BcmSqlStartupSvc; 
U2 CLKMSVC10_C3B3B687; 
U2 DriverService; 
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [x]
U2 iATAgentService; 
U2 idealife Update Service; 
U3 IGRS; 
U2 IviRegMgr; 
U2 Oasis2Service; 
U2 PCCarerService; 
U2 ReadyComm.DirectRouter; 
U2 RichVideo; 
U2 RtLedService; 
U2 SeaPort; 
U2 SoftwareService; 
U3 SQLWriter; 

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-11-19 15:40 - 2013-11-19 15:40 - 00024532 _____ C:\Users\Kiwi\Desktop\FRST.txt
2013-11-19 15:39 - 2013-11-19 15:39 - 01957964 _____ (Farbar) C:\Users\Kiwi\Desktop\FRST64 (3).exe
2013-11-19 15:37 - 2013-11-19 15:37 - 00003630 _____ C:\Windows\System32\Tasks\Norton Security Scan for Kiwi
2013-11-19 15:37 - 2013-11-19 15:37 - 00000474 ____H C:\Windows\Tasks\Norton Security Scan for Kiwi.job
2013-11-19 15:37 - 2013-11-19 15:37 - 00000000 ____D C:\Windows\system32\Drivers\NSSx64
2013-11-19 15:37 - 2013-11-19 15:37 - 00000000 ____D C:\ProgramData\Symantec
2013-11-19 15:37 - 2013-11-19 15:37 - 00000000 ____D C:\ProgramData\Norton
2013-11-19 15:37 - 2013-11-19 15:37 - 00000000 ____D C:\Program Files (x86)\Norton Security Scan
2013-11-19 15:35 - 2013-11-19 15:35 - 00000020 ___SH C:\Users\TEMP\ntuser.ini
2013-11-19 15:35 - 2013-11-19 15:35 - 00000000 _SHDL C:\Users\TEMP\Vorlagen
2013-11-19 15:35 - 2013-11-19 15:35 - 00000000 _SHDL C:\Users\TEMP\Startmenü
2013-11-19 15:35 - 2013-11-19 15:35 - 00000000 _SHDL C:\Users\TEMP\Netzwerkumgebung
2013-11-19 15:35 - 2013-11-19 15:35 - 00000000 _SHDL C:\Users\TEMP\Lokale Einstellungen
2013-11-19 15:35 - 2013-11-19 15:35 - 00000000 _SHDL C:\Users\TEMP\Eigene Dateien
2013-11-19 15:35 - 2013-11-19 15:35 - 00000000 _SHDL C:\Users\TEMP\Druckumgebung
2013-11-19 15:35 - 2013-11-19 15:35 - 00000000 _SHDL C:\Users\TEMP\Documents\Eigene Musik
2013-11-19 15:35 - 2013-11-19 15:35 - 00000000 _SHDL C:\Users\TEMP\Documents\Eigene Bilder
2013-11-19 15:35 - 2013-11-19 15:35 - 00000000 _SHDL C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-11-19 15:35 - 2013-11-19 15:35 - 00000000 _SHDL C:\Users\TEMP\AppData\Local\Verlauf
2013-11-19 15:35 - 2013-11-19 15:35 - 00000000 _SHDL C:\Users\TEMP\AppData\Local\Anwendungsdaten
2013-11-19 15:35 - 2013-11-19 15:35 - 00000000 _SHDL C:\Users\TEMP\Anwendungsdaten
2013-11-19 15:35 - 2013-05-09 13:56 - 00000000 ____D C:\Users\TEMP\AppData\Roaming\TuneUp Software
2013-11-19 15:35 - 2012-05-21 19:03 - 00000000 ____D C:\Users\TEMP\AppData\Roaming\Macromedia
2013-11-19 15:35 - 2012-05-21 19:02 - 00002115 _____ C:\Users\TEMP\Desktop\OneKey Recovery.lnk
2013-11-19 15:35 - 2012-05-21 19:02 - 00000000 ____D C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo
2013-11-19 15:35 - 2012-05-21 18:57 - 00001151 _____ C:\Users\TEMP\Desktop\Cyberlink Power2Go.lnk
2013-11-19 15:35 - 2010-12-19 06:31 - 00000189 _____ C:\Users\TEMP\Desktop\Lenovo Telephony Start Now.url
2013-11-19 15:35 - 2009-07-14 05:54 - 00000000 ___RD C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2013-11-19 15:35 - 2009-07-14 05:49 - 00000000 ___RD C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2013-11-18 17:37 - 2013-11-18 17:37 - 04897880 _____ (Adobe Systems Inc.) C:\Users\Kiwi\Downloads\Shockwave_Installer_Slim (1).exe
2013-11-17 13:45 - 2013-11-17 13:45 - 00985600 _____ C:\Users\Kiwi\Downloads\MicrosoftFixit50123.msi
2013-11-17 11:48 - 2013-11-17 11:49 - 00000000 ___SD C:\uninstall.exe
2013-11-17 11:36 - 2013-11-19 00:21 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-11-17 11:36 - 2013-11-17 11:36 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-11-17 11:36 - 2013-11-17 11:36 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-11-17 11:36 - 2013-11-17 11:36 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-11-17 11:36 - 2013-11-17 11:36 - 00000000 ____D C:\Windows\system32\Macromed
2013-11-17 11:26 - 2013-11-17 11:26 - 00000000 ____D C:\Users\Kiwi\AppData\Local\Secunia PSI
2013-11-17 11:26 - 2013-11-17 11:26 - 00000000 ____D C:\Program Files (x86)\Secunia
2013-11-17 11:26 - 2013-11-04 13:42 - 00018456 _____ (Secunia) C:\Windows\system32\Drivers\psi_mf_amd64.sys
2013-11-17 11:18 - 2013-11-17 11:18 - 03865488 _____ (Secunia) C:\Users\Kiwi\Downloads\PSI9015Setup.exe
2013-11-17 11:16 - 2013-11-17 11:16 - 00000000 ____D C:\a2df232b4d27f48767d2b7
2013-11-16 17:53 - 2013-11-16 17:53 - 00000000 ____D C:\Users\Kiwi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bluetooth-Geräte
2013-11-16 12:29 - 2013-11-16 12:30 - 43386880 _____ C:\Users\Kiwi\Downloads\jre-7u45-windows-x64.gz
2013-11-16 12:27 - 2013-11-16 12:27 - 30694824 _____ (Oracle Corporation) C:\Users\Kiwi\Downloads\jre-7u45-windows-x64 (1).exe
2013-11-16 12:25 - 2013-11-16 12:25 - 00312744 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2013-11-16 12:25 - 2013-11-16 12:25 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2013-11-16 12:25 - 2013-11-16 12:25 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2013-11-16 12:25 - 2013-11-16 12:25 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2013-11-16 12:25 - 2013-11-16 12:25 - 00000000 ____D C:\ProgramData\Oracle
2013-11-16 12:24 - 2013-11-16 12:24 - 30694824 _____ (Oracle Corporation) C:\Users\Kiwi\Downloads\jre-7u45-windows-x64.exe
2013-11-16 12:22 - 2013-11-16 12:22 - 00915368 _____ (Oracle Corporation) C:\Users\Kiwi\Downloads\chromeinstall-7u45 (1).exe
2013-11-16 12:17 - 2013-11-16 12:17 - 00000000 ____D C:\Users\Kiwi\Documents\Adobe Application Manager 7.0
2013-11-16 12:15 - 2013-11-16 12:16 - 65088528 _____ (Adobe Systems Incorporated) C:\Users\Kiwi\Downloads\ApplicationManager7.0_all.exe
2013-11-16 12:05 - 2013-11-16 12:05 - 00915368 _____ (Oracle Corporation) C:\Users\Kiwi\Downloads\chromeinstall-7u45.exe
2013-11-16 11:27 - 2013-11-16 11:27 - 01550496 _____ (Skype Technologies S.A.) C:\Users\Kiwi\Downloads\SkypeSetup.exe
2013-11-16 11:27 - 2013-11-16 11:27 - 00002727 _____ C:\Users\Public\Desktop\Skype.lnk
2013-11-16 11:27 - 2013-11-16 11:27 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-11-15 13:57 - 2013-11-17 11:47 - 00000000 ____D C:\Users\Kiwi\Desktop\Alles von antivirus kram
2013-11-15 13:20 - 2013-11-15 13:20 - 01957794 _____ (Farbar) C:\Users\Kiwi\Downloads\FRST64 (2).exe
2013-11-15 13:04 - 2013-11-15 13:04 - 00891184 _____ C:\Users\Kiwi\Downloads\SecurityCheck.exe
2013-11-15 12:47 - 2013-11-15 12:48 - 02347384 _____ (ESET) C:\Users\Kiwi\Downloads\esetsmartinstaller_enu.exe
2013-11-14 19:29 - 2013-11-14 19:29 - 00000000 ____D C:\Windows\ERUNT
2013-11-14 19:28 - 2013-11-14 19:28 - 01034531 _____ (Thisisu) C:\Users\Kiwi\Downloads\JRT.exe
2013-11-14 15:53 - 2013-10-04 03:28 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
2013-11-14 15:53 - 2013-10-04 03:25 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll
2013-11-14 15:53 - 2013-10-04 03:24 - 01930752 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2013-11-14 15:53 - 2013-10-04 02:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll
2013-11-14 15:53 - 2013-10-04 02:56 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2013-11-14 15:53 - 2013-10-04 02:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credui.dll
2013-11-14 15:50 - 2013-10-12 03:30 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2013-11-14 15:50 - 2013-10-12 03:29 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2013-11-14 15:50 - 2013-10-12 03:29 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2013-11-14 15:50 - 2013-10-12 03:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2013-11-14 15:50 - 2013-10-12 03:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2013-11-14 15:50 - 2013-10-03 03:23 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2013-11-14 15:50 - 2013-10-03 03:00 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2013-11-14 15:48 - 2013-11-14 15:48 - 01085542 _____ C:\Users\Kiwi\Downloads\adwcleaner (2).exe
2013-11-14 15:48 - 2013-11-14 15:48 - 01085542 _____ C:\Users\Kiwi\Downloads\adwcleaner (1).exe
2013-11-14 15:28 - 2013-11-14 15:28 - 00000000 ____D C:\Users\Kiwi\AppData\Roaming\Malwarebytes
2013-11-14 15:28 - 2013-11-14 15:28 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-11-14 15:28 - 2013-11-14 15:28 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-11-14 15:28 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-11-14 15:27 - 2013-11-14 15:27 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Kiwi\Downloads\mbam-setup-1.75.0.1300.exe
2013-11-14 15:25 - 2013-11-14 15:25 - 05145576 _____ (Swearware) C:\Users\Kiwi\Downloads\ComboFix.exe
2013-11-13 17:58 - 2013-11-13 17:58 - 01957610 _____ (Farbar) C:\Users\Kiwi\Downloads\FRST64 (1).exe
2013-11-12 13:54 - 2011-06-26 07:45 - 00256000 _____ C:\Windows\PEV.exe
2013-11-12 13:54 - 2010-11-07 18:20 - 00208896 _____ C:\Windows\MBR.exe
2013-11-12 13:54 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2013-11-12 13:54 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2013-11-12 13:54 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2013-11-12 13:54 - 2000-08-31 01:00 - 00212480 _____ (SteelWerX) C:\Windows\SWXCACLS.exe
2013-11-12 13:54 - 2000-08-31 01:00 - 00098816 _____ C:\Windows\sed.exe
2013-11-12 13:54 - 2000-08-31 01:00 - 00080412 _____ C:\Windows\grep.exe
2013-11-12 13:54 - 2000-08-31 01:00 - 00068096 _____ C:\Windows\zip.exe
2013-11-12 13:50 - 2013-11-12 13:53 - 00000000 ____D C:\Qoobox
2013-11-12 13:45 - 2013-11-12 13:45 - 00000000 ____D C:\Windows\erdnt
2013-11-11 20:06 - 2013-11-11 20:06 - 00000000 ____D C:\FRST
2013-11-11 20:03 - 2013-11-11 20:03 - 01957590 _____ (Farbar) C:\Users\Kiwi\Downloads\FRST64.exe
2013-11-11 20:03 - 2013-11-11 20:03 - 00377856 _____ C:\Users\Kiwi\Downloads\gmer_2.1.19163.exe
2013-11-11 20:03 - 2013-11-11 20:03 - 00050477 _____ C:\Users\Kiwi\Downloads\Defogger.exe
2013-11-11 19:48 - 2013-11-17 11:11 - 00000000 ____D C:\AdwCleaner
2013-11-11 19:47 - 2013-11-11 19:47 - 01085542 _____ C:\Users\Kiwi\Downloads\adwcleaner.exe
2013-11-11 18:37 - 2013-11-11 19:23 - 00001908 _____ C:\Windows\diagwrn.xml
2013-11-11 18:37 - 2013-11-11 19:23 - 00001908 _____ C:\Windows\diagerr.xml
2013-11-11 18:37 - 2013-11-11 18:57 - 00000000 ____D C:\$WINDOWS.~BT
2013-11-04 19:24 - 2013-11-04 19:24 - 00000000 ____D C:\Users\Kiwi\AppData\Roaming\Adobe
2013-11-04 19:24 - 2013-11-04 19:24 - 00000000 ____D C:\Users\Kiwi\AppData\Roaming\Adobe
2013-11-04 17:39 - 2013-11-04 19:19 - 00000000 ____D C:\ProgramData\MFAData
2013-11-04 17:39 - 2013-11-04 19:19 - 00000000 ____D C:\ProgramData\MFAData
2013-11-04 17:39 - 2013-11-04 17:39 - 00000000 ____D C:\Users\Kiwi\AppData\Local\MFAData
2013-11-04 17:39 - 2013-11-04 17:39 - 00000000 ____D C:\Users\Kiwi\AppData\Local\MFAData
2013-11-04 17:39 - 2013-11-04 17:39 - 00000000 ____D C:\Users\Kiwi\AppData\Local\Avg2014
2013-11-04 17:39 - 2013-11-04 17:39 - 00000000 ____D C:\Users\Kiwi\AppData\Local\Avg2014
2013-11-04 17:38 - 2013-11-04 17:38 - 04424240 _____ (AVG Technologies) C:\Users\Kiwi\Downloads\avg_avct_stb_all_2014_4116_cm10.exe
2013-11-03 18:26 - 2013-11-03 18:26 - 00057144 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgfwd6a.sys
2013-11-03 18:22 - 2013-11-03 18:22 - 04436536 _____ (AVG Technologies) C:\Users\Kiwi\Downloads\avg_isct_stb_all_2014_4158.exe
2013-11-03 17:53 - 2013-11-03 17:53 - 00000000 ____D C:\Users\Kiwi\AppData\Local\Google
2013-11-03 17:53 - 2013-11-03 17:53 - 00000000 ____D C:\Users\Kiwi\AppData\Local\Google
2013-11-03 03:00 - 2013-11-03 03:00 - 00000000 ____D C:\ProgramData\BitGuard
2013-11-03 03:00 - 2013-11-03 03:00 - 00000000 ____D C:\ProgramData\BitGuard
2013-11-02 21:40 - 2013-11-03 14:09 - 00000165 _____ C:\Users\Kiwi\Desktop\tembild.txt
2013-10-29 21:18 - 2013-10-29 21:18 - 00000000 ____D C:\Users\Kiwi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitGuard
2013-10-24 19:18 - 2013-11-17 01:59 - 00002003 _____ C:\Users\Kiwi\Desktop\cooki.txt
2013-10-23 17:49 - 2013-10-23 17:49 - 00837410 _____ C:\Users\Kiwi\Downloads\117826 Duca - Welcome Berry's (1).osz
2013-10-22 02:11 - 2013-10-22 02:16 - 258366720 _____ (NVIDIA Corporation) C:\Users\Kiwi\Downloads\331.58-notebook-win8-win7-64bit-international-whql.exe
2013-10-21 20:47 - 2013-10-21 20:47 - 00001290 _____ C:\Users\Kiwi\Desktop\MineLaunchSP - Verknüpfung.lnk
2013-10-21 20:45 - 2013-10-21 20:45 - 00000000 ____D C:\Users\Kiwi\Desktop\minecraft
2013-10-21 18:39 - 2013-10-21 18:39 - 00000000 ____D C:\Users\Kiwi\Downloads\mc152-mods (1)
2013-10-21 18:20 - 2013-10-21 18:38 - 544515098 _____ C:\Users\Kiwi\Downloads\mc152-mods (1).zip
2013-10-21 18:08 - 2013-10-21 18:14 - 172932726 _____ C:\Users\Kiwi\Downloads\mc152-mods.zip

==================== One Month Modified Files and Folders =======

2013-11-19 15:43 - 2013-01-01 03:03 - 00000000 ____D C:\Users\Kiwi\AppData\Local\PMB Files
2013-11-19 15:42 - 2013-11-19 15:40 - 00024532 _____ C:\Users\Kiwi\Desktop\FRST.txt
2013-11-19 15:40 - 2012-12-31 12:54 - 00000000 ____D C:\Program Files (x86)\osu!
2013-11-19 15:39 - 2013-11-19 15:39 - 01957964 _____ (Farbar) C:\Users\Kiwi\Desktop\FRST64 (3).exe
2013-11-19 15:38 - 2012-12-31 12:48 - 00000000 ____D C:\Users\Kiwi\AppData\Roaming\Skype
2013-11-19 15:37 - 2013-11-19 15:37 - 00003630 _____ C:\Windows\System32\Tasks\Norton Security Scan for Kiwi
2013-11-19 15:37 - 2013-11-19 15:37 - 00000474 ____H C:\Windows\Tasks\Norton Security Scan for Kiwi.job
2013-11-19 15:37 - 2013-11-19 15:37 - 00000000 ____D C:\Windows\system32\Drivers\NSSx64
2013-11-19 15:37 - 2013-11-19 15:37 - 00000000 ____D C:\ProgramData\Symantec
2013-11-19 15:37 - 2013-11-19 15:37 - 00000000 ____D C:\ProgramData\Norton
2013-11-19 15:37 - 2013-11-19 15:37 - 00000000 ____D C:\Program Files (x86)\Norton Security Scan
2013-11-19 15:35 - 2013-11-19 15:35 - 00000020 ___SH C:\Users\TEMP\ntuser.ini
2013-11-19 15:35 - 2013-11-19 15:35 - 00000000 _SHDL C:\Users\TEMP\Vorlagen
2013-11-19 15:35 - 2013-11-19 15:35 - 00000000 _SHDL C:\Users\TEMP\Startmenü
2013-11-19 15:35 - 2013-11-19 15:35 - 00000000 _SHDL C:\Users\TEMP\Netzwerkumgebung
2013-11-19 15:35 - 2013-11-19 15:35 - 00000000 _SHDL C:\Users\TEMP\Lokale Einstellungen
2013-11-19 15:35 - 2013-11-19 15:35 - 00000000 _SHDL C:\Users\TEMP\Eigene Dateien
2013-11-19 15:35 - 2013-11-19 15:35 - 00000000 _SHDL C:\Users\TEMP\Druckumgebung
2013-11-19 15:35 - 2013-11-19 15:35 - 00000000 _SHDL C:\Users\TEMP\Documents\Eigene Musik
2013-11-19 15:35 - 2013-11-19 15:35 - 00000000 _SHDL C:\Users\TEMP\Documents\Eigene Bilder
2013-11-19 15:35 - 2013-11-19 15:35 - 00000000 _SHDL C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-11-19 15:35 - 2013-11-19 15:35 - 00000000 _SHDL C:\Users\TEMP\AppData\Local\Verlauf
2013-11-19 15:35 - 2013-11-19 15:35 - 00000000 _SHDL C:\Users\TEMP\AppData\Local\Anwendungsdaten
2013-11-19 15:35 - 2013-11-19 15:35 - 00000000 _SHDL C:\Users\TEMP\Anwendungsdaten
2013-11-19 15:35 - 2013-04-13 17:06 - 00000000 ____D C:\Users\Kiwi\AppData\Roaming\Spotify
2013-11-19 15:32 - 2013-01-27 17:00 - 00000000 ____D C:\Program Files (x86)\Steam
2013-11-19 15:32 - 1601-01-02 05:16 - 00250299 _____ C:\Windows\system32\fastboot.set
2013-11-19 15:31 - 2012-05-21 19:01 - 00001120 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-11-19 15:28 - 1601-01-02 05:16 - 00001117 _____ C:\Windows\setupact.log
2013-11-19 15:28 - 1601-01-02 05:16 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-11-19 00:25 - 2012-05-21 18:17 - 01764577 _____ C:\Windows\WindowsUpdate.log
2013-11-19 00:21 - 2013-11-17 11:36 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-11-18 23:46 - 2012-05-21 19:01 - 00001124 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-11-18 17:37 - 2013-11-18 17:37 - 04897880 _____ (Adobe Systems Inc.) C:\Users\Kiwi\Downloads\Shockwave_Installer_Slim (1).exe
2013-11-18 17:37 - 2013-01-01 03:36 - 00000000 ____D C:\Windows\SysWOW64\Adobe
2013-11-17 13:45 - 2013-11-17 13:45 - 00985600 _____ C:\Users\Kiwi\Downloads\MicrosoftFixit50123.msi
2013-11-17 12:12 - 2013-06-27 10:57 - 00449148 _____ C:\Windows\PFRO.log
2013-11-17 11:49 - 2013-11-17 11:48 - 00000000 ___SD C:\uninstall.exe
2013-11-17 11:47 - 2013-11-15 13:57 - 00000000 ____D C:\Users\Kiwi\Desktop\Alles von antivirus kram
2013-11-17 11:41 - 2013-08-02 21:27 - 00000000 ____D C:\Users\Kiwi\Desktop\Neuer Ordner (2)
2013-11-17 11:40 - 2012-12-31 12:47 - 00000000 ____D C:\Users\Kiwi\AppData\Local\Adobe
2013-11-17 11:36 - 2013-11-17 11:36 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-11-17 11:36 - 2013-11-17 11:36 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-11-17 11:36 - 2013-11-17 11:36 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-11-17 11:36 - 2013-11-17 11:36 - 00000000 ____D C:\Windows\system32\Macromed
2013-11-17 11:26 - 2013-11-17 11:26 - 00000000 ____D C:\Users\Kiwi\AppData\Local\Secunia PSI
2013-11-17 11:26 - 2013-11-17 11:26 - 00000000 ____D C:\Program Files (x86)\Secunia
2013-11-17 11:18 - 2013-11-17 11:18 - 03865488 _____ (Secunia) C:\Users\Kiwi\Downloads\PSI9015Setup.exe
2013-11-17 11:16 - 2013-11-17 11:16 - 00000000 ____D C:\a2df232b4d27f48767d2b7
2013-11-17 11:11 - 2013-11-11 19:48 - 00000000 ____D C:\AdwCleaner
2013-11-17 01:59 - 2013-10-24 19:18 - 00002003 _____ C:\Users\Kiwi\Desktop\cooki.txt
2013-11-16 17:53 - 2013-11-16 17:53 - 00000000 ____D C:\Users\Kiwi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bluetooth-Geräte
2013-11-16 12:30 - 2013-11-16 12:29 - 43386880 _____ C:\Users\Kiwi\Downloads\jre-7u45-windows-x64.gz
2013-11-16 12:28 - 2013-01-10 11:38 - 00000000 ____D C:\Program Files\Java
2013-11-16 12:27 - 2013-11-16 12:27 - 30694824 _____ (Oracle Corporation) C:\Users\Kiwi\Downloads\jre-7u45-windows-x64 (1).exe
2013-11-16 12:25 - 2013-11-16 12:25 - 00312744 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2013-11-16 12:25 - 2013-11-16 12:25 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2013-11-16 12:25 - 2013-11-16 12:25 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2013-11-16 12:25 - 2013-11-16 12:25 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2013-11-16 12:25 - 2013-11-16 12:25 - 00000000 ____D C:\ProgramData\Oracle
2013-11-16 12:24 - 2013-11-16 12:24 - 30694824 _____ (Oracle Corporation) C:\Users\Kiwi\Downloads\jre-7u45-windows-x64.exe
2013-11-16 12:22 - 2013-11-16 12:22 - 00915368 _____ (Oracle Corporation) C:\Users\Kiwi\Downloads\chromeinstall-7u45 (1).exe
2013-11-16 12:22 - 2013-01-10 11:41 - 00000000 ____D C:\Program Files (x86)\Java
2013-11-16 12:17 - 2013-11-16 12:17 - 00000000 ____D C:\Users\Kiwi\Documents\Adobe Application Manager 7.0
2013-11-16 12:16 - 2013-11-16 12:15 - 65088528 _____ (Adobe Systems Incorporated) C:\Users\Kiwi\Downloads\ApplicationManager7.0_all.exe
2013-11-16 12:05 - 2013-11-16 12:05 - 00915368 _____ (Oracle Corporation) C:\Users\Kiwi\Downloads\chromeinstall-7u45.exe
2013-11-16 11:28 - 2012-12-31 12:48 - 00000000 ____D C:\ProgramData\Skype
2013-11-16 11:27 - 2013-11-16 11:27 - 01550496 _____ (Skype Technologies S.A.) C:\Users\Kiwi\Downloads\SkypeSetup.exe
2013-11-16 11:27 - 2013-11-16 11:27 - 00002727 _____ C:\Users\Public\Desktop\Skype.lnk
2013-11-16 11:27 - 2013-11-16 11:27 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-11-15 18:14 - 2012-12-31 13:05 - 00000000 ____D C:\Users\Kiwi\Desktop\Bilder Undso
2013-11-15 13:20 - 2013-11-15 13:20 - 01957794 _____ (Farbar) C:\Users\Kiwi\Downloads\FRST64 (2).exe
2013-11-15 13:04 - 2013-11-15 13:04 - 00891184 _____ C:\Users\Kiwi\Downloads\SecurityCheck.exe
2013-11-15 12:53 - 1601-01-02 05:16 - 01672852 _____ C:\Windows\system32\PerfStringBackup.INI
2013-11-15 12:53 - 1601-01-02 05:16 - 00727118 _____ C:\Windows\system32\perfh007.dat
2013-11-15 12:53 - 1601-01-02 05:16 - 00158012 _____ C:\Windows\system32\perfc007.dat
2013-11-15 12:48 - 2013-11-15 12:47 - 02347384 _____ (ESET) C:\Users\Kiwi\Downloads\esetsmartinstaller_enu.exe
2013-11-14 20:03 - 2013-07-27 02:00 - 00000000 ____D C:\Windows\system32\MRT
2013-11-14 20:00 - 1601-01-02 05:16 - 82896128 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-11-14 19:29 - 2013-11-14 19:29 - 00000000 ____D C:\Windows\ERUNT
2013-11-14 19:28 - 2013-11-14 19:28 - 01034531 _____ (Thisisu) C:\Users\Kiwi\Downloads\JRT.exe
2013-11-14 18:26 - 2013-09-25 17:01 - 00000000 ____D C:\Program Files (x86)\AVG Secure Search
2013-11-14 18:26 - 1601-01-02 05:16 - 00046368 _____ (AVG Technologies) C:\Windows\system32\Drivers\avgtpx64.sys
2013-11-14 15:48 - 2013-11-14 15:48 - 01085542 _____ C:\Users\Kiwi\Downloads\adwcleaner (2).exe
2013-11-14 15:48 - 2013-11-14 15:48 - 01085542 _____ C:\Users\Kiwi\Downloads\adwcleaner (1).exe
2013-11-14 15:28 - 2013-11-14 15:28 - 00000000 ____D C:\Users\Kiwi\AppData\Roaming\Malwarebytes
2013-11-14 15:28 - 2013-11-14 15:28 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-11-14 15:28 - 2013-11-14 15:28 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-11-14 15:27 - 2013-11-14 15:27 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Kiwi\Downloads\mbam-setup-1.75.0.1300.exe
2013-11-14 15:25 - 2013-11-14 15:25 - 05145576 _____ (Swearware) C:\Users\Kiwi\Downloads\ComboFix.exe
2013-11-13 17:58 - 2013-11-13 17:58 - 01957610 _____ (Farbar) C:\Users\Kiwi\Downloads\FRST64 (1).exe
2013-11-12 13:53 - 2013-11-12 13:50 - 00000000 ____D C:\Qoobox
2013-11-12 13:45 - 2013-11-12 13:45 - 00000000 ____D C:\Windows\erdnt
2013-11-11 20:06 - 2013-11-11 20:06 - 00000000 ____D C:\FRST
2013-11-11 20:03 - 2013-11-11 20:03 - 01957590 _____ (Farbar) C:\Users\Kiwi\Downloads\FRST64.exe
2013-11-11 20:03 - 2013-11-11 20:03 - 00377856 _____ C:\Users\Kiwi\Downloads\gmer_2.1.19163.exe
2013-11-11 20:03 - 2013-11-11 20:03 - 00050477 _____ C:\Users\Kiwi\Downloads\Defogger.exe
2013-11-11 19:47 - 2013-11-11 19:47 - 01085542 _____ C:\Users\Kiwi\Downloads\adwcleaner.exe
2013-11-11 19:30 - 2009-07-14 05:45 - 00316560 _____ C:\Windows\system32\FNTCACHE.DAT
2013-11-11 19:23 - 2013-11-11 18:37 - 00001908 _____ C:\Windows\diagwrn.xml
2013-11-11 19:23 - 2013-11-11 18:37 - 00001908 _____ C:\Windows\diagerr.xml
2013-11-11 19:20 - 1601-01-02 05:16 - 00000000 _____ C:\Windows\setuperr.log
2013-11-11 18:57 - 2013-11-11 18:37 - 00000000 ____D C:\$WINDOWS.~BT
2013-11-04 19:24 - 2013-11-04 19:24 - 00000000 ____D C:\Users\Kiwi\AppData\Roaming\Adobe
2013-11-04 19:24 - 2013-11-04 19:24 - 00000000 ____D C:\Users\Kiwi\AppData\Roaming\Adobe
2013-11-04 19:19 - 2013-11-04 17:39 - 00000000 ____D C:\ProgramData\MFAData
2013-11-04 19:19 - 2013-11-04 17:39 - 00000000 ____D C:\ProgramData\MFAData
2013-11-04 17:39 - 2013-11-04 17:39 - 00000000 ____D C:\Users\Kiwi\AppData\Local\MFAData
2013-11-04 17:39 - 2013-11-04 17:39 - 00000000 ____D C:\Users\Kiwi\AppData\Local\MFAData
2013-11-04 17:39 - 2013-11-04 17:39 - 00000000 ____D C:\Users\Kiwi\AppData\Local\Avg2014
2013-11-04 17:39 - 2013-11-04 17:39 - 00000000 ____D C:\Users\Kiwi\AppData\Local\Avg2014
2013-11-04 17:38 - 2013-11-04 17:38 - 04424240 _____ (AVG Technologies) C:\Users\Kiwi\Downloads\avg_avct_stb_all_2014_4116_cm10.exe
2013-11-04 13:42 - 2013-11-17 11:26 - 00018456 _____ (Secunia) C:\Windows\system32\Drivers\psi_mf_amd64.sys
2013-11-03 18:26 - 2013-11-03 18:26 - 00057144 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgfwd6a.sys
2013-11-03 18:22 - 2013-11-03 18:22 - 04436536 _____ (AVG Technologies) C:\Users\Kiwi\Downloads\avg_isct_stb_all_2014_4158.exe
2013-11-03 17:53 - 2013-11-03 17:53 - 00000000 ____D C:\Users\Kiwi\AppData\Local\Google
2013-11-03 17:53 - 2013-11-03 17:53 - 00000000 ____D C:\Users\Kiwi\AppData\Local\Google
2013-11-03 14:09 - 2013-11-02 21:40 - 00000165 _____ C:\Users\Kiwi\Desktop\tembild.txt
2013-11-03 14:08 - 2013-09-25 17:00 - 00000000 ____D C:\ProgramData\AVG2014
2013-11-03 03:00 - 2013-11-03 03:00 - 00000000 ____D C:\ProgramData\BitGuard
2013-11-03 03:00 - 2013-11-03 03:00 - 00000000 ____D C:\ProgramData\BitGuard
2013-11-02 19:05 - 2013-06-02 00:13 - 00001507 _____ C:\Users\Kiwi\Desktop\Neues Textdokument.txt
2013-10-31 21:53 - 2012-09-15 17:02 - 00000000 ___RD C:\Users\Kiwi\Desktop\.
2013-10-29 21:18 - 2013-10-29 21:18 - 00000000 ____D C:\Users\Kiwi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitGuard
2013-10-28 04:28 - 2013-01-01 03:03 - 00000000 ____D C:\ProgramData\PMB Files
2013-10-23 17:49 - 2013-10-23 17:49 - 00837410 _____ C:\Users\Kiwi\Downloads\117826 Duca - Welcome Berry's (1).osz
2013-10-22 02:16 - 2013-10-22 02:11 - 258366720 _____ (NVIDIA Corporation) C:\Users\Kiwi\Downloads\331.58-notebook-win8-win7-64bit-international-whql.exe
2013-10-22 02:03 - 2013-07-13 10:41 - 00039139 _____ C:\Windows\IE10_main.log
2013-10-22 02:03 - 2013-07-13 10:41 - 00039139 _____ C:\Windows\IE10_main.log
2013-10-21 20:47 - 2013-10-21 20:47 - 00001290 _____ C:\Users\Kiwi\Desktop\MineLaunchSP - Verknüpfung.lnk
2013-10-21 20:45 - 2013-10-21 20:45 - 00000000 ____D C:\Users\Kiwi\Desktop\minecraft
2013-10-21 19:43 - 1601-01-02 05:16 - 548703693 _____ C:\Users\Kiwi\Desktop\minecraft.rar
2013-10-21 18:39 - 2013-10-21 18:39 - 00000000 ____D C:\Users\Kiwi\Downloads\mc152-mods (1)
2013-10-21 18:38 - 2013-10-21 18:20 - 544515098 _____ C:\Users\Kiwi\Downloads\mc152-mods (1).zip
2013-10-21 18:14 - 2013-10-21 18:08 - 172932726 _____ C:\Users\Kiwi\Downloads\mc152-mods.zip
2013-10-21 17:59 - 2013-07-18 20:59 - 00000000 ____D C:\Users\Kiwi\AppData\Roaming\.minecraft

Some content of TEMP:
====================
C:\Users\Kiwi\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-10-26 17:39

==================== End Of Log ============================
         


20.11.2013, 09:59   #18
schrauber
/// the machine
/// TB trainer



Please press the Windows key + R and type notepad into the Run window.

Now copy the following text from the code box into the empty text document:

Code:
2013-11-03 03:00 - 2013-11-03 03:00 - 00000000 ____D C:\ProgramData\BitGuard

Save it as Fixlist.txt on your desktop (or in the directory where FRST is located).
  • Now start FRST again and click the Fix (Entfernen) button.
  • The tool creates a Fixlog.txt.
  • Post its contents for me.



Download SystemLook by jpshortstuff from one of the following mirrors and save the tool to your desktop.
SystemLook (64 bit)
  • Double-click SystemLook_x64.exe to start the tool.
  • Copy the contents of the following code box into the tool's text field:
    Code:
    :folderfind
    *BitGuard*
  • Now click the Look button to start the scan.
  • The scan may take some time.
  • When the scan has finished, your editor will open with the results; post them in your thread.
  • The results are saved on the desktop as SystemLook.txt.

20.11.2013, 16:19   #19
mariomon11



Fixlog, log:
Code:
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 18-11-2013
Ran by Kiwi at 2013-11-20 16:15:35 Run:3
Running from C:\Users\Kiwi\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
2013-11-03 03:00 - 2013-11-03 03:00 - 00000000 ____D C:\ProgramData\BitGuard
*****************

C:\ProgramData\BitGuard => Moved successfully.

==== End of Fixlog ====
         
SystemLook, log:
Code:
SystemLook 30.07.11 by jpshortstuff
Log created at 16:15 on 20/11/2013 by Kiwi
Administrator - Elevation successful

========== folderfind ==========

Searching for "*BitGuard*"
No folders found.

-= EOF =-
         
Here you go, what next? ^^ (AVG is still of the opinion that it is there)

Edited by mariomon11 (20.11.2013 at 16:24)
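
An added example, not part of the thread and not FRST's own code: Python that parses FRST file-listing lines and a Fixlog like the ones posted above, and reports for each fixlist entry the logged result and whether a scan still lists that path. The sample text is assembled from lines in this thread; the function names and the wording of the "Created" section header are assumptions.

```python
import re
from datetime import datetime

# FRST listing line: <date1> - <date2> - <size> <attrs> [(company)] <path>
ENTRY_RE = re.compile(
    r"^(\d{4}-\d\d-\d\d \d\d:\d\d) - (\d{4}-\d\d-\d\d \d\d:\d\d) - "
    r"(\d+) ([_A-Z]{5}) (?:\((.*?)\s*\) )?([A-Za-z]:\\.*)$")
# Only the "Modified" header is visible above; "Created" is assumed analogous.
SECTION_RE = re.compile(r"^=+ One Month (Created|Modified) Files and Folders")
RESULT_RE = re.compile(r"^([A-Za-z]:\\.*?) => (.+)$")
FMT = "%Y-%m-%d %H:%M"

# Sample text assembled from lines of the logs posted in this thread.
SCAN = r"""
==================== One Month Modified Files and Folders =======

2013-11-19 15:32 - 1601-01-02 05:16 - 00250299 _____ C:\Windows\system32\fastboot.set
2013-11-14 15:27 - 2013-11-14 15:27 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Kiwi\Downloads\mbam-setup-1.75.0.1300.exe
2013-11-04 19:19 - 2013-11-04 17:39 - 00000000 ____D C:\ProgramData\MFAData
2013-11-03 03:00 - 2013-11-03 03:00 - 00000000 ____D C:\ProgramData\BitGuard
2013-11-03 03:00 - 2013-11-03 03:00 - 00000000 ____D C:\ProgramData\BitGuard
"""
FIXLOG = r"""
Content of fixlist:
*****************
2013-11-03 03:00 - 2013-11-03 03:00 - 00000000 ____D C:\ProgramData\BitGuard
*****************

C:\ProgramData\BitGuard => Moved successfully.
"""


def parse_listing(log_text):
    """Return de-duplicated entries from the 'One Month' sections.

    In the Created section the first date is the creation time; in the
    Modified section the first date is the modification time.
    """
    section, seen, entries = None, set(), []
    for line in map(str.strip, log_text.splitlines()):
        header = SECTION_RE.match(line)
        if header or line.startswith("====="):
            section = header.group(1) if header else None
            continue
        m = ENTRY_RE.match(line)
        if not m or section is None:
            continue
        d1, d2 = (datetime.strptime(m.group(i), FMT) for i in (1, 2))
        created, modified = (d1, d2) if section == "Created" else (d2, d1)
        key = (m.group(6).lower(), created, modified)
        if key in seen:  # the log repeats some lines verbatim
            continue
        seen.add(key)
        entries.append({
            "path": m.group(6), "size": int(m.group(3)),
            "created": created, "modified": modified,
            "is_dir": "D" in m.group(4), "company": m.group(5),
            # FILETIME counts from 1601, so a 1601 date is not a real creation time
            "bogus_created": created.year == 1601,
        })
    return entries


def parse_results(log_text):
    """Map lower-cased path -> result for each '<path> => <result>' line."""
    hits = (RESULT_RE.match(l.strip()) for l in log_text.splitlines())
    return {m.group(1).lower(): m.group(2).rstrip(".") for m in hits if m}


def check_fix(fixlog_text, scan_text):
    """For every fixlist entry quoted in the Fixlog, report the logged
    result and whether the scan's file listing still contains the path."""
    results = parse_results(fixlog_text)
    listed = {e["path"].lower() for e in parse_listing(scan_text)}
    report, in_fixlist = [], False
    for line in map(str.strip, fixlog_text.splitlines()):
        if line and set(line) == {"*"}:  # asterisk rows frame the fixlist
            in_fixlist = not in_fixlist
            continue
        m = ENTRY_RE.match(line) if in_fixlist else None
        if m:
            path = m.group(6)
            report.append({"path": path,
                           "result": results.get(path.lower(), "no result logged"),
                           "listed_in_scan": path.lower() in listed})
    return report
```

A path that reports "Moved successfully" and is still listed in a scan taken afterwards is the case worth a second look, which is why the helper follows up with a folder search.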

21.11.2013, 11:50   #20
schrauber
/// the machine
/// TB trainer



Show me where AVG is complaining now, probably in FRST's quarantine

__________________
regards,
schrauber


21.11.2013, 17:26   #21
mariomon11



I'll just send another screenshot

there o:

22.11.2013, 13:32   #22
schrauber
/// the machine
/// TB trainer



Impossible. Please run a proper full scan with AVG and post the log file.
__________________
regards,
schrauber

