
Log Analysis and Evaluation: Vista64bit; fan runs constantly and Malwarebytes does not start.


 
16.12.2013, 20:25   #1
AnnaKiel

Vista64bit; fan runs constantly and Malwarebytes does not start.



A warm hello to everyone,

I was sent here.
Ever since I had someone else's USB stick in my notebook, the fan has been running constantly. I wanted to use Malwarebytes to see what might be going on, but it won't start.
And, very important: I am an absolute layperson. That I made it this far borders on a miracle. :-)

Would someone be so kind as to help me?

Here is the frst.txt:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 16-12-2013 02
Ran by antje (administrator) on ANTJE-PC on 16-12-2013 21:48:40
Running from C:\Users\antje\Desktop
Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X86) OS Language: German Standard
Internet Explorer Version 8
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(Logitech Inc.) C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Egis Technology Inc.) C:\Program Files\EgisTec\VITAKEY\CompPtcVUI.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RP7.EXE
() C:\ProgramData\DatacardService\HWDeviceService.exe
() C:\ProgramData\Omnitel mobilusis internetas\OnlineUpdate\ouc.exe
(Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
(Iminent) C:\Program Files\Common Files\Umbrella\umbrella.exe
() C:\Program Files\Verbindungsassistent\WTGService.exe
(Microsoft Corporation) C:\Windows\System32\iashost.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
(Realtek Semiconductor) C:\Windows\RtHDVCpl.exe
(Cyberlink Corp.) C:\Program Files\HomeCinema\PowerDVD\PDVDServ.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(shbox.de) C:\Program Files\FreePDF_XP\fpassist.exe
(Ask) C:\Program Files\Ask.com\Updater\Updater.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Iminent) C:\Program Files\Iminent\Iminent.exe
(Iminent) C:\Program Files\Iminent\Iminent.Messengers.exe
(Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(Macrovision Corporation) C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(Samsung) C:\Program Files\Samsung\Kies\Kies.exe
(Nokia) C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(PC Drivers Headquarters) C:\Program Files\DriverBoost\DriverBoost\DriverBoost.exe
(Microsoft Corporation) C:\Windows\System32\wscript.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
(Nuance Communications, Inc.) C:\Program Files\Nuance\NaturallySpeaking10\Program\natspeak.exe
(Dropbox, Inc.) C:\Users\antje\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Nuance Communications, Inc.) C:\Program Files\Common Files\Nuance\NaturallySpeaking10\dgnuiasvr.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe
(Yahoo! Inc.) C:\Program Files\Yahoo!\Messenger\Ymsgr_tray.exe
(Nokia) C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
(Microsoft Corporation) C:\Windows\System32\conime.exe
(Hewlett-Packard) C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
(Macrovision Corporation) C:\ProgramData\Macrovision\FLEXnet Connect\6\agent.exe
(Macrovision Corporation) C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe
(Nokia) C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_11_7_700_224.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_11_7_700_224.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\WINWORD.EXE

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Windows Defender] - C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-21] (Microsoft Corporation)
HKLM\...\Run: [RtHDVCpl] - C:\Windows\RtHDVCpl.exe [6265376 2008-07-24] (Realtek Semiconductor)
HKLM\...\Run: [RemoteControl] - C:\Program Files\HomeCinema\PowerDVD\PDVDServ.exe [71216 2007-02-09] (Cyberlink Corp.)
HKLM\...\Run: [LanguageShortcut] - C:\Program Files\HomeCinema\PowerDVD\Language\Language.exe [52256 2007-01-08] ()
HKLM\...\Run: [UCam_Menu] - C:\Program Files\HomeCinema\YouCam\MUITransfer\MUIStartMenu.exe [210216 2008-06-13] (CyberLink Corp.)
HKLM\...\Run: [Adobe Photo Downloader] - C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe [57344 2005-06-23] (Adobe Systems Incorporated)
HKLM\...\Run: [GrooveMonitor] - C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM\...\Run: [NvCplDaemon] - RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [NvMediaCenter] - RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
HKLM\...\Run: [AppleSyncNotifier] - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe [58656 2011-04-20] (Apple Inc.)
HKLM\...\Run: [QuickTime Task] - C:\Program Files\QuickTime\QTTask.exe [421888 2010-11-29] (Apple Inc.)
HKLM\...\Run: [SSBkgdUpdate] - C:\Program Files\Common Files\ScanSoft Shared\SSBkgdUpdate\SSBkgdUpdate.exe [210472 2006-10-25] (Nuance Communications, Inc.)
HKLM\...\Run: [DNS7reminder] - C:\Program Files\Nuance\NaturallySpeaking10\Ereg\Ereg.exe [259624 2007-04-16] (Nuance Communications, Inc.)
HKLM\...\Run: [FreePDF Assistant] - C:\Program Files\FreePDF_XP\fpassist.exe [371200 2011-02-23] (shbox.de)
HKLM\...\Run: [] - [x]
HKLM\...\Run: [ApnUpdater] - C:\Program Files\Ask.com\Updater\Updater.exe [1648264 2013-04-25] (Ask)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-05] (Adobe Systems Incorporated)
HKLM\...\Run: [Skytel] - C:\Windows\SkyTel.exe [1833504 2008-07-24] (Realtek Semiconductor Corp.)
HKLM\...\Run: [KiesTrayAgent] - C:\Program Files\Samsung\Kies\KiesTrayAgent.exe [310128 2013-02-13] (Samsung Electronics Co., Ltd.)
HKLM\...\Run: [APSDaemon] - C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM\...\Run: [iTunesHelper] - C:\Program Files\iTunes\iTunesHelper.exe [152392 2013-05-31] (Apple Inc.)
HKLM\...\Run: [Iminent] - C:\Program Files\Iminent\Iminent.exe [1074736 2013-07-02] (Iminent)
HKLM\...\Run: [IminentMessenger] - C:\Program Files\Iminent\Iminent.Messengers.exe [884784 2013-07-02] (Iminent)
HKLM\...\Run: [HP Software Update] - C:\Program Files\HP\HP Software Update\hpwuSchd2.exe [49152 2007-10-14] (Hewlett-Packard)
HKLM\...\Run: [hpqSRMon] - C:\Program Files\HP\Digital Imaging\bin\HpqSRmon.exe [80896 2007-08-22] (Hewlett-Packard)
HKCU\...\Run: [EPSON Stylus DX4400 Series] - C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATICAE.EXE /FU "C:\Windows\TEMP\E_S82EA.tmp" /EF "HKCU"
HKCU\...\Run: [ehTray.exe] - C:\Windows\ehome\ehtray.exe [125952 2008-01-21] (Microsoft Corporation)
HKCU\...\Run: [ISUSPM] - C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe [222128 2007-03-29] (Macrovision Corporation)
HKCU\...\Run: [Messenger (Yahoo!)] - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe [5252408 2010-06-01] (Yahoo! Inc.)
HKCU\...\Run: [Skype] - C:\Program Files\Skype\Phone\Skype.exe [20584608 2013-11-14] (Skype Technologies S.A.)
HKCU\...\Run: [KiesPreload] - C:\Program Files\Samsung\Kies\Kies.exe [1509232 2013-02-13] (Samsung)
HKCU\...\Run: [] - C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [844144 2013-02-13] (Samsung)
HKCU\...\Run: [NokiaSuite.exe] - C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe [1090040 2012-12-21] (Nokia)
HKCU\...\Run: [DriverBoost] - C:\Program Files\DriverBoost\DriverBoost\DriverBoost.exe [3537336 2012-11-12] (PC Drivers Headquarters)
HKCU\...\Run: [04b8] - C:\Users\antje\AppData\Roaming\12a\04b8.js [46865 2013-12-16] ()
HKCU\...\Run: [WMPNSCFG] - C:\Program Files\Windows Media Player\wmpnscfg.exe [202240 2008-01-21] (Microsoft Corporation)
MountPoints2: G - G:\LaunchU3.exe -a
MountPoints2: {596566e7-5292-11df-b702-001f16091995} - G:\LaunchU3.exe -a
MountPoints2: {6c235fc2-38ce-11df-88bd-001f16091995} - G:\DPFMate.exe
MountPoints2: {7c6af35e-3f30-11df-99fd-001f16091995} - H:\StartVMCLite.exe
MountPoints2: {7c6af360-3f30-11df-99fd-001f16091995} - H:\StartVMCLite.exe
MountPoints2: {90b2666f-306a-11e0-9468-001f16091995} - G:\.\Autorun.exe AUTORUN=1
MountPoints2: {a6301e50-3cc7-11e3-bdb8-001f16091995} - G:\.\StartModem.exe
MountPoints2: {be8fd33d-492c-11e3-9f45-001f16091995} - G:\AutoRun.exe
MountPoints2: {be8fd390-492c-11e3-9f45-8931d6563df5} - G:\AutoRun.exe
MountPoints2: {c0ed58ba-3f14-11df-9f62-001f16091995} - G:\StartVMCLite.exe
MountPoints2: {c0ed58c4-3f14-11df-9f62-001f16091995} - H:\StartVMCLite.exe
MountPoints2: {daf5e385-34c3-11e1-b541-001f16091995} - G:\StartVMCLite.exe
MountPoints2: {eb0c18ba-3075-11e0-87f7-001f16091995} - G:\setup_vmc_lite.exe /checkApplicationPresence
MountPoints2: {ef289e70-3f31-11df-882b-001f16091995} - H:\StartVMCLite.exe
MountPoints2: {ef289e73-3f31-11df-882b-001f16091995} - G:\StartVMCLite.exe
HKU\Default\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\Default User\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\Nilu\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
AppInit_DLLs: c:\docume~1\㘀  [ ] ()
Lsa: [Notification Packages] C:\Program Files\EgisTec\VITAKEY\PwdFilter
Startup: C:\Users\antje\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\50f.js ()
Startup: C:\Users\antje\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dragon NaturallySpeaking.lnk
ShortcutTarget: Dragon NaturallySpeaking.lnk -> C:\Program Files\Nuance\NaturallySpeaking10\Program\natspeak.exe (Nuance Communications, Inc.)
Startup: C:\Users\antje\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\antje\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT2269050
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.aldi.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,bProtector Start Page = hxxp://www.delta-search.com/?babsrc=HP_ss&mntrId=B297001F16091995&affID=121563&tt=040713_xmlful&tsp=4936
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://de.yahoo.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://de.yahoo.com
URLSearchHook: HKLM - (No Name) - {03402f96-3dc7-4285-bc50-9e81fefafe43} -  No File
URLSearchHook: HKLM - DVDVideoSoftTB Toolbar - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\prxtbDVD0.dll (Conduit Ltd.)
URLSearchHook: HKCU - UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
URLSearchHook: HKCU - (No Name) - {03402f96-3dc7-4285-bc50-9e81fefafe43} -  No File
URLSearchHook: HKCU - DVDVideoSoftTB Toolbar - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\prxtbDVD0.dll (Conduit Ltd.)
SearchScopes: HKLM - DefaultScope {AFDBDDAA-5D3F-42EE-B79C-185A7020515B} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2269050
SearchScopes: HKLM - {0B4A10D1-FBD6-451d-BFDA-F03252B05984} URL = hxxp://slirsredirect.search.aol.com/redirector/sredir?sredir=2706&query={searchTerms}&invocationType=tb50-ie-aim-chromesbox-en-us&tb_uuid=20100724220556851&tb_oid=24-07-2010&tb_mrud=24-07-2010
SearchScopes: HKLM - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2269050
SearchScopes: HKCU - C14CB7041C0543CA8C5206501495D32A URL = hxxp://search.babylon.com/web/{searchTerms}?babsrc=browsersearch&AF=66756&tt=110911_startpage
SearchScopes: HKCU - {0B4A10D1-FBD6-451d-BFDA-F03252B05984} URL = hxxp://slirsredirect.search.aol.com/redirector/sredir?sredir=2706&query={searchTerms}&invocationType=tb50-ie-aim-chromesbox-en-us&tb_uuid=20100724220556851&tb_oid=24-07-2010&tb_mrud=24-07-2010
SearchScopes: HKCU - {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL = 
SearchScopes: HKCU - {95BAF4D4-067D-4CEA-9566-786DC76C2775} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=100000027&src=crm&q={searchTerms}&locale=de_DE&apn_ptnrs=^U3&apn_dtid=^OSJ000^YY^DE&apn_uid=0A07BE36-792A-4DC5-B927-4071DF464E24&apn_sauid=46145A72-D639-40C9-9056-AF6768869A83
SearchScopes: HKCU - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2269050
SearchScopes: HKCU - {DECA3892-BA8F-44b8-A993-A466AD694AE4} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}
BHO: No Name - {02478D38-C3F9-4efb-9B51-7695ECA05670} -  No File
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: No Name - {7E853D72-626A-48EC-A868-BA8D5E23E045} -  No File
BHO: DVDVideoSoftTB Toolbar - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\prxtbDVD0.dll (Conduit Ltd.)
BHO: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: IMinent WebBooster (BHO) - {A09AB6EB-31B5-454C-97EC-9B294D92EE2A} - C:\Program Files\Iminent\Iminent.WebBooster.InternetExplorer.dll (SIEN)
BHO: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO: No Name - {b0cda128-b425-4eef-a174-61a11ac5dbf8} -  No File
BHO: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: DVDVideoSoft WebPageAdjuster Class - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)
BHO: SeeSimilar - {F225A2E3-8EE1-4204-B7A0-F4C551578A87} - C:\Program Files\SeeSimilar\ScriptHost.dll (SeeSimilar.com)
BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM - No Name - {61539ecd-cc67-4437-a03c-9aaccbd14326} -  No File
Toolbar: HKLM - DVDVideoSoftTB Toolbar - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\prxtbDVD0.dll (Conduit Ltd.)
Toolbar: HKLM - Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
Toolbar: HKCU - No Name - {61539ECD-CC67-4437-A03C-9AACCBD14326} -  No File
Toolbar: HKCU - DVDVideoSoftTB Toolbar - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - C:\Program Files\DVDVideoSoftTB\prxtbDVD0.dll (Conduit Ltd.)
Toolbar: HKCU - Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll (Microsoft Corporation)
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 8.8.8.8 4.4.4.4
Tcpip\..\Interfaces\{3FDDA5A2-8B9E-4098-A77D-CD60DE3369E7}: [NameServer]77.74.36.229 8.8.8.8

FireFox:
========
FF ProfilePath: C:\Users\antje\AppData\Roaming\Mozilla\Firefox\Profiles\8p1e7wk8.default
FF user.js: detected! => C:\Users\antje\AppData\Roaming\Mozilla\Firefox\Profiles\8p1e7wk8.default\user.js
FF NewTab: hxxp://www.delta-search.com/?babsrc=NT_ss&mntrId=B297001F16091995&affID=121563&tt=040713_xmlful&tsp=4936
FF SearchEngineOrder.1: Delta Search
FF SearchEngineOrder.3: Bing 
FF Homepage: hxxp://search.conduit.com/?CUI=UN32364231433581261&ctid=CT2269050&SearchSource=13
FF Keyword.URL: hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&SearchSource=2&CUI=UN32364231433581261&UM=UM_ID&q=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF Plugin: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @ei.VideoDownloadConverter_4z.com/Plugin - C:\Program Files\VideoDownloadConverter_4zEI\Installr\1.bin\NP4zEISB.dll (VideoDownloadConverter)
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @google.com/npPicasa3,version=3.0.0 - C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 - C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @nokia.com/EnablerPlugin - C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\antje\AppData\Roaming\Mozilla\Firefox\Profiles\8p1e7wk8.default\searchplugins\askcom.xml
FF SearchPlugin: C:\Users\antje\AppData\Roaming\Mozilla\Firefox\Profiles\8p1e7wk8.default\searchplugins\askcomsearch.xml
FF SearchPlugin: C:\Users\antje\AppData\Roaming\Mozilla\Firefox\Profiles\8p1e7wk8.default\searchplugins\babylon.xml
FF SearchPlugin: C:\Users\antje\AppData\Roaming\Mozilla\Firefox\Profiles\8p1e7wk8.default\searchplugins\bingp.xml
FF SearchPlugin: C:\Users\antje\AppData\Roaming\Mozilla\Firefox\Profiles\8p1e7wk8.default\searchplugins\BrowserDefender.xml
FF SearchPlugin: C:\Users\antje\AppData\Roaming\Mozilla\Firefox\Profiles\8p1e7wk8.default\searchplugins\conduit.xml
FF SearchPlugin: C:\Users\antje\AppData\Roaming\Mozilla\Firefox\Profiles\8p1e7wk8.default\searchplugins\delta.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\babylon.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Visualisateur 3D de 20-20 - C:\Users\antje\AppData\Roaming\Mozilla\Firefox\Profiles\8p1e7wk8.default\Extensions\2020Player_IKEA@2020Technologies.com
FF Extension: Babylon - C:\Users\antje\AppData\Roaming\Mozilla\Firefox\Profiles\8p1e7wk8.default\Extensions\ffxtlbr@babylon.com
FF Extension: Ask Toolbar - C:\Users\antje\AppData\Roaming\Mozilla\Firefox\Profiles\8p1e7wk8.default\Extensions\toolbar@ask.com
FF Extension: DVDVideoSoftTB  - C:\Users\antje\AppData\Roaming\Mozilla\Firefox\Profiles\8p1e7wk8.default\Extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}
FF Extension: Adblock Plus - C:\Users\antje\AppData\Roaming\Mozilla\Firefox\Profiles\8p1e7wk8.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
FF Extension: adapter - C:\Users\antje\AppData\Roaming\Mozilla\Firefox\Profiles\8p1e7wk8.default\Extensions\adapter@babylontc.com.xpi
FF Extension: amznUWL2 - C:\Users\antje\AppData\Roaming\Mozilla\Firefox\Profiles\8p1e7wk8.default\Extensions\amznUWL2@amazon.com.xpi
FF Extension: ocr - C:\Users\antje\AppData\Roaming\Mozilla\Firefox\Profiles\8p1e7wk8.default\Extensions\ocr@babylon.com.xpi
FF Extension: webbooster - C:\Users\antje\AppData\Roaming\Mozilla\Firefox\Profiles\8p1e7wk8.default\Extensions\webbooster@iminent.com.xpi
FF Extension: DVDVideoSoft Menu - C:\Users\antje\AppData\Roaming\Mozilla\Firefox\Profiles\8p1e7wk8.default\Extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi
FF Extension: Adblock Plus - C:\Users\antje\AppData\Roaming\Mozilla\Firefox\Profiles\8p1e7wk8.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF HKLM\...\Firefox\Extensions: [{ACAA314B-EEBA-48e4-AD47-84E31C44796C}] - C:\Program Files\Common Files\DVDVideoSoft\plugins\ff\
FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Program Files\Common Files\DVDVideoSoft\plugins\ff\

========================== Services (Whitelisted) =================

S4 AVM WLAN Connection Service; C:\Program Files\avmwlanstick\WlanNetService.exe [356352 2006-12-28] (AVM Berlin)
R2 EPSON_PM_RPCV4_01; C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RP7.EXE [113664 2007-01-11] (SEIKO EPSON CORPORATION)
R2 HWDeviceService.exe; C:\ProgramData\DatacardService\HWDeviceService.exe [271712 2011-03-14] ()
S4 IGBASVC; C:\Program Files\EgisTec\VITAKEY\BASVC.exe [2180392 2008-08-29] ()
S2 Omnitel mobilusis internetas. RunOuc; C:\Program Files\Omnitel mobilusis internetas\UpdateDog\ouc.exe [655744 2012-11-14] ()
S4 ProtexisLicensing; C:\Windows\system32\PSIService.exe [177704 2007-06-05] ()
S4 RichVideo; C:\Program Files\CyberLink\Shared Files\RichVideo.exe [241734 2008-06-30] ()
S4 Scan2PC; C:\Program Files\Scan2PC\Sc2PCSvc.exe [69632 2008-10-27] ()
R2 Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3064000 2012-10-02] (Skype Technologies S.A.)
R2 SProtection; C:\Program Files\Common Files\Umbrella\umbrella.exe [2905408 2013-11-25] (Iminent)
S4 srvcPVR; C:\Program Files\Sceneo\AbsolutTV\Services\PVR\PVRService.exe [1801216 2008-02-28] (Buhl Data Service GmbH)
R2 UMVPFSrv; C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [450848 2012-01-18] (Logitech Inc.)
S3 usnjsvc; C:\Program Files\Windows Live\Messenger\usnsvc.exe [98328 2007-10-18] (Microsoft Corporation)
S3 WLSetupSvc; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [266240 2007-10-25] (Microsoft Corporation)
R2 WTGService; C:\Program Files\Verbindungsassistent\wtgservice.exe [330696 2011-02-07] ()
S4 x10nets; C:\Program Files\Common Files\X10\Common\X10nets.exe [20480 2001-11-12] (X10)

==================== Drivers (Whitelisted) ====================

S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [4352 2006-12-28] (AVM Berlin)
S3 ewsercd; C:\Windows\System32\DRIVERS\ewsercd.sys [100224 2011-02-04] (Huawei Technologies Co., Ltd.)
R2 FPSensor; C:\Windows\System32\Drivers\FPSensor.sys [26920 2008-08-28] (LTT)
R0 FPWinIo; C:\Windows\System32\DRIVERS\FPWinIo.sys [66856 2008-08-28] ()
S3 FWLANUSB; C:\Windows\System32\DRIVERS\fwlanusb.sys [265088 2006-12-28] (AVM GmbH)
S3 huawei_cdcacm; C:\Windows\System32\DRIVERS\ew_jucdcacm.sys [96000 2012-11-14] (Huawei Technologies Co., Ltd.)
S3 huawei_cdcecm; C:\Windows\System32\DRIVERS\ew_jucdcecm.sys [69760 2012-11-14] (Huawei Technologies Co., Ltd.)
S3 huawei_ext_ctrl; C:\Windows\System32\DRIVERS\ew_juextctrl.sys [27520 2012-11-14] (Huawei Technologies Co., Ltd.)
S3 mtkmbim; C:\Windows\System32\DRIVERS\mtkmbimv.sys [174592 2012-12-13] (MediaTek Inc.)
S3 PhilCap; C:\Windows\System32\DRIVERS\PhilCap.sys [908896 2007-07-31] (NXP Semiconductors Germany GmbH)
S3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1753984 2008-07-10] ()
S3 w200bus; C:\Windows\System32\DRIVERS\w200bus.sys [61504 2006-11-07] (MCCI)
S3 w200mdfl; C:\Windows\System32\DRIVERS\w200mdfl.sys [9328 2006-11-07] (MCCI)
S3 w200mdm; C:\Windows\System32\DRIVERS\w200mdm.sys [97056 2006-11-07] (MCCI)
S3 w200mgmt; C:\Windows\System32\DRIVERS\w200mgmt.sys [88560 2006-11-07] (MCCI)
S3 w200obex; C:\Windows\System32\DRIVERS\w200obex.sys [86368 2006-11-07] (MCCI)
S3 wdf_usb; C:\Windows\System32\DRIVERS\usb2ser.sys [68480 2013-04-08] (MediaTek Inc.)
R3 X10Hid; C:\Windows\System32\Drivers\x10hid.sys [13976 2006-11-17] (X10 Wireless Technology, Inc.)
R3 XUIF; C:\Windows\System32\Drivers\x10ufx2.sys [27416 2006-11-30] (X10 Wireless Technology, Inc.)
U3 uwlorpow; C:\Users\antje\AppData\Local\Temp\uwlorpow.sys [103680 2013-12-16] (GMER)
U5 ewusbnet; C:\Windows\System32\Drivers\ewusbnet.sys [249472 2012-11-14] (Huawei Technologies Co., Ltd.)
S3 hwusbfake; system32\DRIVERS\ewusbfake.sys [x]
S3 IpInIp; system32\DRIVERS\ipinip.sys [x]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x]
S3 PCASp50; System32\Drivers\PCASp50.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-12-16 21:48 - 2013-12-16 21:49 - 00027860 _____ C:\Users\antje\Desktop\FRST.txt
2013-12-16 21:48 - 2013-12-16 21:48 - 00000000 ____D C:\FRST
2013-12-16 21:47 - 2013-12-16 21:47 - 01060997 _____ (Farbar) C:\Users\antje\Desktop\FRST.exe
2013-12-16 21:41 - 2013-12-16 21:42 - 00377856 _____ C:\Users\antje\Desktop\gmer_2.1.19163.exe
2013-12-16 21:39 - 2013-12-16 21:39 - 00000472 _____ C:\Windows\system32\defogger_disable.log
2013-12-16 21:36 - 2013-12-16 21:37 - 00000446 _____ C:\Users\antje\Downloads\defogger_disable.log
2013-12-16 21:36 - 2013-12-16 21:36 - 00000000 _____ C:\Users\antje\defogger_reenable
2013-12-16 21:35 - 2013-12-16 21:35 - 00050477 _____ C:\Users\antje\Desktop\Defogger.exe
2013-12-16 21:22 - 2013-12-16 21:23 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\antje\Downloads\mbam-setup-1.75.0.1300.exe
2013-12-16 20:54 - 2013-12-16 20:54 - 00614784 _____ C:\Users\antje\Downloads\Malwarebytes Anti Malware - CHIP-Downloader.exe
2013-12-16 20:54 - 2013-12-16 20:54 - 00614784 _____ C:\Users\antje\Downloads\Malwarebytes Anti Malware - CHIP-Downloader(1).exe
2013-12-16 14:07 - 2013-12-16 14:07 - 15682442 _____ C:\Users\antje\Desktop\Lubinus.Nilufar.Sommerfeld.zip
2013-12-16 14:05 - 2013-12-16 14:06 - 00000000 ____D C:\Users\antje\Desktop\Lubinus.Nilufar.Sommerfeld
2013-12-15 10:49 - 2013-12-15 10:49 - 00014222 _____ C:\Users\antje\Downloads\lufthansa_6d436087-326f-4322-89be-e91a7e1e9861.pkpass
2013-12-13 15:14 - 2013-12-13 15:14 - 00000916 _____ C:\Users\Public\Desktop\Adobe Download Assistant.lnk
2013-12-13 15:14 - 2013-12-13 15:14 - 00000000 ____D C:\Users\Default\AppData\Roaming\Macromedia
2013-12-13 15:14 - 2013-12-13 15:14 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Macromedia
2013-12-13 15:14 - 2013-12-13 15:14 - 00000000 ____D C:\Users\antje\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
2013-12-13 15:14 - 2013-12-13 15:14 - 00000000 ____D C:\Program Files\Common Files\Adobe AIR
2013-12-13 15:14 - 2013-12-13 15:14 - 00000000 ____D C:\Program Files\Adobe Download Assistant
2013-12-13 15:12 - 2013-12-13 15:13 - 02469824 _____ C:\Users\antje\Downloads\AdobeDownloadAssistant.exe
2013-12-13 15:11 - 2013-12-13 15:11 - 00401752 _____ (Softonic                                        ) C:\Users\antje\Downloads\SoftonicDownloader_fuer_photoscape.exe
2013-12-12 21:36 - 2013-10-30 05:12 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\SysFxUI.dll
2013-12-12 21:36 - 2013-10-30 04:43 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2013-12-12 21:36 - 2013-10-30 03:43 - 00167936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2013-12-12 21:36 - 2013-10-30 03:35 - 02050560 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-12-12 21:36 - 2013-10-25 11:19 - 06018560 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-12-12 21:36 - 2013-10-22 10:19 - 00158208 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2013-12-12 21:36 - 2013-10-11 05:08 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2013-12-12 21:36 - 2013-10-11 05:08 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2013-12-12 21:36 - 2013-10-11 05:08 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wshcon.dll
2013-12-12 21:36 - 2013-10-11 03:35 - 00155648 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2013-12-12 21:36 - 2013-10-11 03:35 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2013-12-12 21:35 - 2013-10-25 11:25 - 00916992 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-12-12 21:35 - 2013-10-25 11:24 - 01213440 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-12-12 21:35 - 2013-10-25 11:24 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-12-12 21:35 - 2013-10-25 11:22 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-12-12 21:35 - 2013-10-25 11:20 - 00611840 _____ (Microsoft Corporation) C:\Windows\system32\mstime.dll
2013-12-12 21:35 - 2013-10-25 11:19 - 00630272 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-12-12 21:35 - 2013-10-25 11:19 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-12-12 21:35 - 2013-10-25 11:19 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-12-12 21:35 - 2013-10-25 11:18 - 11111936 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-12-12 21:35 - 2013-10-25 11:18 - 02005504 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-12-12 21:35 - 2013-10-25 11:18 - 01469440 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-12-12 21:35 - 2013-10-25 11:18 - 00387584 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-12-12 21:35 - 2013-10-25 11:18 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-12-12 21:35 - 2013-10-25 11:18 - 00164352 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-12-12 21:35 - 2013-10-25 11:18 - 00109056 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-12-12 21:35 - 2013-10-25 11:18 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-12-12 21:35 - 2013-10-25 11:18 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-12-12 21:35 - 2013-10-25 11:18 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-12-12 21:35 - 2013-10-25 11:18 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-12-12 21:35 - 2013-10-25 11:16 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\corpol.dll
2013-12-12 21:35 - 2013-10-25 09:39 - 00385024 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-12-12 21:35 - 2013-10-25 07:55 - 00174080 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-12-12 21:35 - 2013-10-25 07:55 - 00133632 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-12-12 21:35 - 2013-10-25 07:53 - 01638912 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-12-12 21:35 - 2013-10-25 07:53 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-12-10 11:08 - 2013-12-10 11:08 - 00000582 _____ C:\Users\antje\Desktop\Fotos_Bühnenwerk.lnk
2013-12-10 11:03 - 2013-12-10 11:04 - 01495500 _____ C:\Users\antje\Downloads\Fotos_Bühnenwerk.zip
2013-11-27 09:45 - 2013-11-27 09:50 - 00049904 _____ C:\Users\antje\Desktop\Unterschrift.Natalja.psp
2013-11-27 08:58 - 2013-11-27 08:58 - 00000000 ____D C:\Users\antje\Desktop\27.11.2013
2013-11-23 19:10 - 2013-11-29 09:35 - 00000000 ____D C:\Users\antje\Desktop\scaNS
2013-11-23 00:51 - 2013-11-23 00:51 - 00000000 ____D C:\Users\antje\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitGuard

==================== One Month Modified Files and Folders =======

2013-12-16 21:49 - 2013-12-16 21:48 - 00027860 _____ C:\Users\antje\Desktop\FRST.txt
2013-12-16 21:49 - 2013-11-15 11:19 - 00000396 ____H C:\Windows\Tasks\User_Feed_Synchronization-{6F8A69D5-92C7-433B-B0C4-CA3DB482CC12}.job
2013-12-16 21:48 - 2013-12-16 21:48 - 00000000 ____D C:\FRST
2013-12-16 21:48 - 2009-12-16 23:27 - 01564067 _____ C:\Windows\WindowsUpdate.log
2013-12-16 21:47 - 2013-12-16 21:47 - 01060997 _____ (Farbar) C:\Users\antje\Desktop\FRST.exe
2013-12-16 21:47 - 2010-04-07 10:39 - 00000416 ____H C:\Windows\Tasks\User_Feed_Synchronization-{DBB08646-4DAB-49FD-A054-36120F768FB3}.job
2013-12-16 21:47 - 2006-11-02 14:18 - 00000000 ____D C:\Windows\tracing
2013-12-16 21:45 - 2013-09-10 11:41 - 00000000 ____D C:\Users\antje\Desktop\Zeugnisse
2013-12-16 21:45 - 2008-08-28 08:26 - 00000438 ____H C:\Windows\Tasks\User_Feed_Synchronization-{103B65BD-4798-4CA0-9487-EB211B637804}.job
2013-12-16 21:44 - 2013-08-26 15:52 - 00000000 ____D C:\Users\antje\Desktop\DCIM
2013-12-16 21:42 - 2013-12-16 21:41 - 00377856 _____ C:\Users\antje\Desktop\gmer_2.1.19163.exe
2013-12-16 21:39 - 2013-12-16 21:39 - 00000472 _____ C:\Windows\system32\defogger_disable.log
2013-12-16 21:37 - 2013-12-16 21:36 - 00000446 _____ C:\Users\antje\Downloads\defogger_disable.log
2013-12-16 21:36 - 2013-12-16 21:36 - 00000000 _____ C:\Users\antje\defogger_reenable
2013-12-16 21:36 - 2009-12-16 23:34 - 00000000 ____D C:\Users\antje
2013-12-16 21:35 - 2013-12-16 21:35 - 00050477 _____ C:\Users\antje\Desktop\Defogger.exe
2013-12-16 21:25 - 2010-02-02 21:13 - 00000000 ____D C:\Users\antje\AppData\Roaming\Skype
2013-12-16 21:23 - 2013-12-16 21:22 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\antje\Downloads\mbam-setup-1.75.0.1300.exe
2013-12-16 21:20 - 2010-06-16 16:07 - 00001098 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-12-16 21:17 - 2006-11-02 15:47 - 00004016 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2013-12-16 21:17 - 2006-11-02 15:47 - 00004016 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2013-12-16 21:15 - 2012-08-11 21:14 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-12-16 20:54 - 2013-12-16 20:54 - 00614784 _____ C:\Users\antje\Downloads\Malwarebytes Anti Malware - CHIP-Downloader.exe
2013-12-16 20:54 - 2013-12-16 20:54 - 00614784 _____ C:\Users\antje\Downloads\Malwarebytes Anti Malware - CHIP-Downloader(1).exe
2013-12-16 14:07 - 2013-12-16 14:07 - 15682442 _____ C:\Users\antje\Desktop\Lubinus.Nilufar.Sommerfeld.zip
2013-12-16 14:06 - 2013-12-16 14:05 - 00000000 ____D C:\Users\antje\Desktop\Lubinus.Nilufar.Sommerfeld
2013-12-16 14:05 - 2008-08-28 07:28 - 00098749 _____ C:\ProgramData\nvModes.001
2013-12-16 13:53 - 2013-09-10 21:34 - 00000000 ____D C:\Users\antje\Documents\Eigene Scans
2013-12-16 09:21 - 2011-11-07 01:13 - 00000000 ____D C:\Users\antje\AppData\Roaming\Dropbox
2013-12-16 09:20 - 2011-11-07 01:16 - 00000000 ___RD C:\Users\antje\Dropbox
2013-12-16 09:19 - 2012-12-24 00:24 - 00000374 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2013-12-16 09:18 - 2009-12-16 23:34 - 00000000 ____D C:\Users\antje\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Home Cinema
2013-12-16 09:17 - 2012-09-06 22:40 - 00065536 _____ C:\Windows\system32\Ikeext.etl
2013-12-16 09:17 - 2010-06-16 16:07 - 00001094 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-12-16 09:17 - 2006-11-02 16:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-12-15 20:38 - 2013-10-11 10:28 - 00163455 _____ C:\Windows\Minidump\Mini121513-01.dmp
2013-12-15 20:38 - 2010-03-30 12:52 - 00000000 ____D C:\Windows\Minidump
2013-12-15 17:39 - 2006-11-02 16:01 - 00032610 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-12-15 10:49 - 2013-12-15 10:49 - 00014222 _____ C:\Users\antje\Downloads\lufthansa_6d436087-326f-4322-89be-e91a7e1e9861.pkpass
2013-12-15 01:38 - 2008-08-28 05:21 - 00000012 _____ C:\Windows\bthservsdp.dat
2013-12-13 18:35 - 2013-07-13 23:48 - 00000000 ____D C:\Windows\system32\MRT
2013-12-13 18:11 - 2013-10-11 10:28 - 00163279 _____ C:\Windows\Minidump\Mini121313-01.dmp
2013-12-13 16:03 - 2006-11-02 15:47 - 00435344 _____ C:\Windows\system32\FNTCACHE.DAT
2013-12-13 16:00 - 2013-07-25 21:19 - 00128700 _____ C:\Windows\PFRO.log
2013-12-13 15:57 - 2008-08-28 07:26 - 00000000 ____D C:\Windows\system32\RTCOM
2013-12-13 15:57 - 2008-08-28 07:22 - 00000000 ____D C:\ProgramData\NVIDIA
2013-12-13 15:14 - 2013-12-13 15:14 - 00000916 _____ C:\Users\Public\Desktop\Adobe Download Assistant.lnk
2013-12-13 15:14 - 2013-12-13 15:14 - 00000000 ____D C:\Users\Default\AppData\Roaming\Macromedia
2013-12-13 15:14 - 2013-12-13 15:14 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Macromedia
2013-12-13 15:14 - 2013-12-13 15:14 - 00000000 ____D C:\Users\antje\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
2013-12-13 15:14 - 2013-12-13 15:14 - 00000000 ____D C:\Program Files\Common Files\Adobe AIR
2013-12-13 15:14 - 2013-12-13 15:14 - 00000000 ____D C:\Program Files\Adobe Download Assistant
2013-12-13 15:14 - 2009-12-16 23:41 - 00000000 ____D C:\Users\antje\AppData\Roaming\Adobe
2013-12-13 15:14 - 2008-08-28 11:22 - 00000000 ____D C:\ProgramData\Adobe
2013-12-13 15:14 - 2008-08-28 11:22 - 00000000 ____D C:\Program Files\Adobe
2013-12-13 15:13 - 2013-12-13 15:12 - 02469824 _____ C:\Users\antje\Downloads\AdobeDownloadAssistant.exe
2013-12-13 15:13 - 2009-12-16 23:41 - 00000000 ____D C:\Users\antje\AppData\Local\Adobe
2013-12-13 15:11 - 2013-12-13 15:11 - 00401752 _____ (Softonic                                        ) C:\Users\antje\Downloads\SoftonicDownloader_fuer_photoscape.exe
2013-12-13 14:57 - 2008-08-28 11:53 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-12-13 14:45 - 2006-11-02 13:24 - 88123800 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2013-12-10 20:52 - 2013-10-11 10:28 - 00164127 _____ C:\Windows\Minidump\Mini121013-01.dmp
2013-12-10 11:08 - 2013-12-10 11:08 - 00000582 _____ C:\Users\antje\Desktop\Fotos_Bühnenwerk.lnk
2013-12-10 11:04 - 2013-12-10 11:03 - 01495500 _____ C:\Users\antje\Downloads\Fotos_Bühnenwerk.zip
2013-12-04 23:13 - 2013-10-11 10:28 - 00163407 _____ C:\Windows\Minidump\Mini120413-01.dmp
2013-12-01 11:57 - 2006-11-02 14:18 - 00000000 ____D C:\Windows\system32\LogFiles
2013-11-30 13:53 - 2013-02-20 17:28 - 00000000 ____D C:\ProgramData\PC Suite
2013-11-29 09:35 - 2013-11-23 19:10 - 00000000 ____D C:\Users\antje\Desktop\scaNS
2013-11-27 15:10 - 2013-07-30 15:22 - 00020716 _____ C:\Windows\setupact.log
2013-11-27 09:50 - 2013-11-27 09:45 - 00049904 _____ C:\Users\antje\Desktop\Unterschrift.Natalja.psp
2013-11-27 08:58 - 2013-11-27 08:58 - 00000000 ____D C:\Users\antje\Desktop\27.11.2013
2013-11-27 08:55 - 2010-02-02 21:11 - 00000000 ___RD C:\Program Files\Skype
2013-11-27 08:55 - 2010-02-02 21:11 - 00000000 ____D C:\ProgramData\Skype
2013-11-26 08:56 - 2013-07-06 00:43 - 00000000 ____D C:\Program Files\Common Files\Umbrella
2013-11-23 00:51 - 2013-11-23 00:51 - 00000000 ____D C:\Users\antje\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitGuard
2013-11-19 14:10 - 2012-04-26 15:18 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-11-18 11:01 - 2013-07-04 09:54 - 00000000 ____D C:\Program Files\Mozilla Firefox

Files to move or delete:
====================
C:\Users\antje\AppData\Roaming\desktop.ini


Some content of TEMP:
====================
C:\Users\antje\AppData\Local\Temp\6nt3oifa.dll
C:\Users\antje\AppData\Local\Temp\AskSLib.dll
C:\Users\antje\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\antje\AppData\Local\Temp\NOSEventMessages.dll
C:\Users\antje\AppData\Local\Temp\setup_fsu_cid.exe
C:\Users\antje\AppData\Local\Temp\SkypeSetup.exe
C:\Users\antje\AppData\Local\Temp\uninst1.exe
C:\Users\Nilu\AppData\Local\Temp\AskSLib.dll
C:\Users\Nilu\AppData\Local\Temp\IminentSetup.exe
C:\Users\Nilu\AppData\Local\Temp\SeeSimilarSetup.exe


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
         
frst.txt has been stuck at this point for three quarters of an hour. I suspect something is wrong there too. :-(((

Help!!!

 
