Hi,
For a few days now, my Google searches have been redirecting me, unintentionally, to dubious websites (e.g. "URL4Short.info").
This happens not only on my PC, however, but also on our family tablet PC.
Both devices are on the same private WiFi network.
I have already taken the following steps:
Scan with Security Essentials. 2 threats were found and removed. Log file below. Scan with Malwarebytes Anti-Malware. 13 further threats were found and removed. Log file below.
I suspect that a lot of it was adware that I picked up on one of the redirected pages.
To protect against this, I have already installed Web of Trust in Firefox; the unwanted ad banners have disappeared. I followed the tips in this video: hxxp://www.youtube.com/watch?v=H-YPtErh1t4
So I looked at the "hosts" file under System32/drivers/etc, but I could not find any additional (suspicious) entry there.
Then I created the "ntbtlog.txt" as per the instructions, but did not find any suspicious entry there. "ntbtlog.txt" below. I created the log files requested here in the forum with the help of the three programs. Log files below.
Strangely, right after the last step I had a sudden bluescreen (I was not doing anything at that moment); afterwards the PC started normally again.
So far this has not happened again.
I also think I am imagining that the PC is running somewhat slower.
Many thanks in advance and Happy New Year,
Daniel
--------------End of post, log files follow----------------------------
MPDetection-[...].log (Security Essentials) Code:
2013-12-22T20:09:25.369Z Service started - Microsoft Security Essentials (EDB4FA23-53B8-4AFA-8C5D-99752CCA7094)
2013-12-22T20:09:36.933Z Version: Product 4.4.304.0 Service 4.4.304.0 Engine 1.1.10201.0 AS 1.165.416.0 AV 1.165.416.0
2013-12-23T10:53:08.623Z Service started - Microsoft Security Essentials (EDB4FA23-53B8-4AFA-8C5D-99752CCA7094)
2013-12-23T10:53:16.184Z Version: Product 4.4.304.0 Service 4.4.304.0 Engine 1.1.10201.0 AS 1.165.416.0 AV 1.165.416.0
2013-12-24T10:28:57.876Z Service started - Microsoft Security Essentials (EDB4FA23-53B8-4AFA-8C5D-99752CCA7094)
2013-12-24T10:29:02.803Z Version: Product 4.4.304.0 Service 4.4.304.0 Engine 1.1.10201.0 AS 1.165.470.0 AV 1.165.470.0
2013-12-25T08:59:14.556Z Service started - Microsoft Security Essentials (EDB4FA23-53B8-4AFA-8C5D-99752CCA7094)
2013-12-25T08:59:23.405Z Version: Product 4.4.304.0 Service 4.4.304.0 Engine 1.1.10201.0 AS 1.165.566.0 AV 1.165.566.0
2013-12-26T15:56:20.667Z Service started - Microsoft Security Essentials (EDB4FA23-53B8-4AFA-8C5D-99752CCA7094)
2013-12-26T15:56:28.486Z Version: Product 4.4.304.0 Service 4.4.304.0 Engine 1.1.10201.0 AS 1.165.566.0 AV 1.165.566.0
2013-12-27T10:07:20.744Z Service started - Microsoft Security Essentials (EDB4FA23-53B8-4AFA-8C5D-99752CCA7094)
2013-12-27T10:07:31.503Z Version: Product 4.4.304.0 Service 4.4.304.0 Engine 1.1.10201.0 AS 1.165.634.0 AV 1.165.634.0
2013-12-27T17:08:51.764Z Service started - Microsoft Security Essentials (EDB4FA23-53B8-4AFA-8C5D-99752CCA7094)
2013-12-27T17:08:56.522Z Version: Product 4.4.304.0 Service 4.4.304.0 Engine 1.1.10201.0 AS 1.165.634.0 AV 1.165.634.0
2013-12-28T08:35:01.892Z Service started - Microsoft Security Essentials (EDB4FA23-53B8-4AFA-8C5D-99752CCA7094)
2013-12-28T08:35:14.047Z Version: Product 4.4.304.0 Service 4.4.304.0 Engine 1.1.10201.0 AS 1.165.634.0 AV 1.165.634.0
2013-12-28T11:38:48.934Z Service started - Microsoft Security Essentials (EDB4FA23-53B8-4AFA-8C5D-99752CCA7094)
2013-12-28T11:38:59.632Z Version: Product 4.4.304.0 Service 4.4.304.0 Engine 1.1.10201.0 AS 1.165.755.0 AV 1.165.755.0
2013-12-28T17:12:12.009Z Service started - Microsoft Security Essentials (EDB4FA23-53B8-4AFA-8C5D-99752CCA7094)
2013-12-28T17:12:18.594Z Version: Product 4.4.304.0 Service 4.4.304.0 Engine 1.1.10201.0 AS 1.165.755.0 AV 1.165.755.0
2013-12-29T09:18:03.979Z Service started - Microsoft Security Essentials (EDB4FA23-53B8-4AFA-8C5D-99752CCA7094)
2013-12-29T09:18:09.178Z Version: Product 4.4.304.0 Service 4.4.304.0 Engine 1.1.10201.0 AS 1.165.755.0 AV 1.165.755.0
2013-12-29T10:06:45.931Z Service started - Microsoft Security Essentials (EDB4FA23-53B8-4AFA-8C5D-99752CCA7094)
2013-12-29T10:06:54.098Z Version: Product 4.4.304.0 Service 4.4.304.0 Engine 1.1.10201.0 AS 1.165.787.0 AV 1.165.787.0
2013-12-29T15:30:15.293Z Service started - Microsoft Security Essentials (EDB4FA23-53B8-4AFA-8C5D-99752CCA7094)
2013-12-29T15:30:22.380Z Version: Product 4.4.304.0 Service 4.4.304.0 Engine 1.1.10201.0 AS 1.165.787.0 AV 1.165.787.0
2013-12-30T09:46:37.759Z Service started - Microsoft Security Essentials (EDB4FA23-53B8-4AFA-8C5D-99752CCA7094)
2013-12-30T09:46:43.669Z Version: Product 4.4.304.0 Service 4.4.304.0 Engine 1.1.10201.0 AS 1.165.787.0 AV 1.165.787.0
2013-12-30T12:54:29.945Z Service started - Microsoft Security Essentials (EDB4FA23-53B8-4AFA-8C5D-99752CCA7094)
2013-12-30T12:54:37.517Z Version: Product 4.4.304.0 Service 4.4.304.0 Engine 1.1.10201.0 AS 1.165.822.0 AV 1.165.822.0
2013-12-30T17:17:07.478Z Service started - Microsoft Security Essentials (EDB4FA23-53B8-4AFA-8C5D-99752CCA7094)
2013-12-30T17:17:30.530Z Version: Product 4.4.304.0 Service 4.4.304.0 Engine 1.1.10201.0 AS 1.165.822.0 AV 1.165.822.0
2013-12-31T10:47:53.648Z Service started - Microsoft Security Essentials (EDB4FA23-53B8-4AFA-8C5D-99752CCA7094)
2013-12-31T10:48:02.790Z Version: Product 4.4.304.0 Service 4.4.304.0 Engine 1.1.10201.0 AS 1.165.822.0 AV 1.165.822.0
2013-12-31T20:58:22.483Z Service started - Microsoft Security Essentials (EDB4FA23-53B8-4AFA-8C5D-99752CCA7094)
2013-12-31T20:58:27.070Z Version: Product 4.4.304.0 Service 4.4.304.0 Engine 1.1.10201.0 AS 1.165.887.0 AV 1.165.887.0
2014-01-01T10:54:58.152Z Service started - Microsoft Security Essentials (EDB4FA23-53B8-4AFA-8C5D-99752CCA7094)
2014-01-01T10:55:07.653Z Version: Product 4.4.304.0 Service 4.4.304.0 Engine 1.1.10201.0 AS 1.165.887.0 AV 1.165.887.0
2014-01-01T17:45:47.160Z Service started - Microsoft Security Essentials (EDB4FA23-53B8-4AFA-8C5D-99752CCA7094)
2014-01-01T17:45:51.819Z Version: Product 4.4.304.0 Service 4.4.304.0 Engine 1.1.10201.0 AS 1.165.977.0 AV 1.165.977.0
2014-01-01T19:26:58.904Z Service started - Microsoft Security Essentials (EDB4FA23-53B8-4AFA-8C5D-99752CCA7094)
2014-01-01T19:27:10.819Z Version: Product 4.4.304.0 Service 4.4.304.0 Engine 1.1.10201.0 AS 1.165.977.0 AV 1.165.977.0
2014-01-01T19:49:06.147Z DETECTION Adware:Win32/FastSaveApp file:C:\$Recycle.Bin\S-1-5-21-3895061128-266478412-1364876304-1000\$RJMGT3N\ikpkdkdpjekaglclmjjgaghjfnmbjegm.crx->manifest.json
2014-01-01T19:49:06.159Z DETECTION Adware:Win32/FastSaveApp file:C:\$Recycle.Bin\S-1-5-21-3895061128-266478412-1364876304-1000\$RJMGT3N\settings.ini
2014-01-01T20:00:33.809Z DETECTION Exploit:Java/CVE-2012-1723 file:C:\Users\Magda\AppData\Local\Temp\jar_cache9051801770020012867.tmp->Cfsdfs77.class
2014-01-01T20:00:38.149Z DETECTION Exploit:Java/CVE-2012-1723 file:C:\Users\Magda\AppData\Local\Temp\jar_cache9051801770020012867.tmp->XTTP.class
2014-01-01T20:37:46.367Z Service stopped with exit code 0x0
2014-01-01T20:38:38.449Z Service started - Microsoft Security Essentials (EDB4FA23-53B8-4AFA-8C5D-99752CCA7094)
2014-01-01T20:38:43.690Z Version: Product 4.4.304.0 Service 4.4.304.0 Engine 1.1.10201.0 AS 1.165.977.0 AV 1.165.977.0
2014-01-02T08:19:17.759Z Service started - Microsoft Security Essentials (EDB4FA23-53B8-4AFA-8C5D-99752CCA7094)
2014-01-02T08:19:25.631Z Version: Product 4.4.304.0 Service 4.4.304.0 Engine 1.1.10201.0 AS 1.165.977.0 AV 1.165.977.0
mbam-log-[...].txt (MBAM) Code:
Malwarebytes Anti-Malware (Trial) 1.75.0.1300
www.malwarebytes.org
Database version: v2014.01.01.05
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16750
Juschus :: JUSCHUS-VAIO [administrator]
Protection: Enabled
01/01/2014 20:46:47
mbam-log-2014-01-01 (20-46-47).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 418631
Time elapsed: 50 minute(s), 2 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 2
C:\Users\Juschus\AppData\Local\Temp\CT3203625 (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Juschus\AppData\Local\Temp\CT3297931 (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
Files Detected: 9
C:\$Recycle.Bin\S-1-5-21-3895061128-266478412-1364876304-1000\$RJMGT3N\uninstall.exe (PUP.Optional.SilentInstall.A) -> Quarantined and deleted successfully.
C:\Users\Daniel\AppData\Local\Temp\JKfR6oor.exe.part (PUP.Optional.Somoto) -> Quarantined and deleted successfully.
C:\Users\Juschus\AppData\Local\Temp\OptimizerPro.exe (PUP.Optional.OptimizePro.A) -> Quarantined and deleted successfully.
C:\Users\Juschus\AppData\Local\Temp\CT3203625\statisticsStub.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Juschus\Local Settings\Temporary Internet Files\Content.IE5\OSO3323Z\tonebytes_4929[1].exe (PUP.Optional.InstallMonetizer.A) -> Quarantined and deleted successfully.
C:\Users\Juschus\Local Settings\Temporary Internet Files\Content.IE5\XINL9W75\statisticsstub[1].exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Magda\AppData\Local\Temp\1SKKKKKKK.exe (Exploit.Drop.GS) -> Quarantined and deleted successfully.
C:\Users\Juschus\AppData\Local\Temp\CT3203625\parameters.csf (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Juschus\AppData\Local\Temp\CT3297931\ddt.csf (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
(end)
defogger_disable.log (Defogger) (there was no error message) Code:
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 13:44 on 02/01/2014 (Juschus)
Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.
Checking for services/drivers...
-=E.O.F=-
FRST.txt (FRST64) Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-01-2014 01
Ran by Daniel (ATTENTION: The logged in user is not administrator) on JUSCHUS-VAIO on 02-01-2014 13:45:27
Running from C:\Users\Daniel\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 10
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Photosmart 5520 series\Bin\ScanToPCActivationApp.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe
(Sony Corporation) C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
(Sony Corporation) C:\Program Files (x86)\Sony\Reader\Data\bin\launcher\Reader Library Launcher.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Sony Corporation) C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\ReaderAppHelper.exe
() C:\Program Files (x86)\Bamboo Dock\BambooCore.exe
(KORG Inc.) C:\Program Files (x86)\KORG\KORG USB-MIDI Driver\EsHelper2.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TabletUser.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TouchUser.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Sony of America Corporation) C:\Program Files\Sony\VAIO Care\listener.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11895400 2011-07-20] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2226280 2011-07-20] (Realtek Semiconductor)
HKLM\...\Run: [AtherosBtStack] - C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [947360 2011-07-05] (Atheros Commnucations)
HKLM\...\Run: [AthBtTray] - C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [797344 2011-07-05] (Atheros Commnucations)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2531624 2011-06-22] (Synaptics Incorporated)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe [497648 2010-07-29] (Adobe Systems Incorporated)
HKLM\...\Run: [MSC] - C:\Program Files\Microsoft Security Client\msseces.exe [1266912 2013-10-23] (Microsoft Corporation)
HKLM\...\Run: [Nvtmru] - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe [1012000 2013-05-16] (NVIDIA Corporation)
HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2011-01-12] (Intel Corporation)
HKLM-x32\...\Run: [Dolby Home Theater v4] - C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe [500736 2011-05-02] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [ISBMgr.exe] - C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [2801288 2011-05-31] (Sony Corporation)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [Reader Library Launcher] - C:\Program Files (x86)\Sony\Reader\Data\bin\launcher\Reader Library Launcher.exe [906648 2010-07-13] (Sony Corporation)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [421776 2012-06-07] (Apple Inc.)
HKLM-x32\...\Run: [Reader Application Helper] - C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\ReaderAppHelper.exe [899400 2013-03-18] (Sony Corporation)
HKLM-x32\...\Run: [BambooCore] - C:\Program Files (x86)\Bamboo Dock\BambooCore.exe [646744 2012-10-16] ()
HKLM-x32\...\Run: [] - [x]
HKLM-x32\...\Run: [KORG USB-MIDI Driver] - C:\Program Files (x86)\KORG\KORG USB-MIDI Driver\EsHelper2.exe [394248 2013-01-08] (KORG Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKCU\...\Run: [LightScribe Control Panel] - C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2736128 2013-01-16] (Hewlett-Packard Company)
HKCU\...\Run: [Steam] - C:\Program Files (x86)\Steam\Steam.exe [1823656 2013-12-11] (Valve Corporation)
HKCU\...\Run: [HP Photosmart 5520 series (NET)] - C:\Program Files\HP\HP Photosmart 5520 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
MountPoints2: {c689b126-9c52-11e2-a115-f0bf97d8419f} - E:\AutoRun.exe
MountPoints2: {c689b163-9c52-11e2-a115-f0bf97d8419f} - E:\AutoRun.exe
MountPoints2: {c689b1ce-9c52-11e2-a115-f0bf97d8419f} - E:\AutoRun.exe
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://de.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://vaioportal.sony.eu
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://sony.msn.com
URLSearchHook: HKCU - (No Name) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - No File
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {E7914903-6BD3-46C4-9170-66424A6A5837} URL = hxxp://services.zinio.com/search?s={searchTerms}&rf=sonyslices
SearchScopes: HKCU - {F2183BDB-43CB-43F5-923E-65950E296EC5} URL = hxxp://rover.ebay.com/rover/1/710-42480-16445-33/4?mpre=hxxp://shop.ebay.co.uk/?oemInLn=ieSrch-Q311&_nkw={searchTerms}
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: SaveByclick - {F263F5E4-C485-C3E7-0A30-6E0664620DAF} - C:\ProgramData\SaveByclick\50dc5ae069268.dll No File
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF ProfilePath: C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\sc4e3n6i.default
FF Homepage: hxxp://de.msn.com/
FF NetworkProxy: "backup.ftp", "188.138.104.221 "
FF NetworkProxy: "backup.ftp_port", 3128
FF NetworkProxy: "backup.socks", "188.138.104.221 "
FF NetworkProxy: "backup.socks_port", 3128
FF NetworkProxy: "backup.ssl", "188.138.104.221 "
FF NetworkProxy: "backup.ssl_port", 3128
FF NetworkProxy: "ftp", "188.138.104.221"
FF NetworkProxy: "ftp_port", 3128
FF NetworkProxy: "http", "188.138.104.221"
FF NetworkProxy: "http_port", 3128
FF NetworkProxy: "share_proxy_settings", true
FF NetworkProxy: "socks", "188.138.104.221"
FF NetworkProxy: "socks_port", 3128
FF NetworkProxy: "ssl", "188.138.104.221"
FF NetworkProxy: "ssl_port", 3128
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()
FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.2 - C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1165635.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @microsoft.com/Lync,version=15.0 - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @sony.com/eBookLibrary - C:\Program Files (x86)\Sony\Reader\Data\bin\npebldetectmoz.dll (Sony Corporation)
FF Plugin-x32: @sony.com/ReaderDesktop - C:\Program Files (x86)\Sony\ReaderDesktop\npreaderdetectmoz.dll (Sony Corporation)
FF Plugin-x32: @SonyCreativeSoftware.com/Media Go,version=1.0 - C:\Program Files (x86)\Sony\Media Go\npmediago.dll (Sony Network Entertainment International LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @wacom.com/wacom-plugin,version=1.1.0.10 - C:\Program Files (x86)\TabletPlugins\npwacom.dll (Wacom, Inc.)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.0.0.1 - C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.2 - C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Daniel\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: WOT - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\sc4e3n6i.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
FF Extension: Ghostery - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\sc4e3n6i.default\Extensions\firefox@ghostery.com.xpi
FF Extension: Adblock Plus - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\sc4e3n6i.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF HKLM-x32\...\Firefox\Extensions: [fmconverter@gmail.com] - C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Firefox\
FF Extension: Freemake Video Converter Plugin - C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Firefox\
Chrome:
=======
CHR HomePage: hxxp://www.google.com/
CHR RestoreOnStartup: "hxxp://www.google.com/"
CHR Extension: (Docs) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.0.0.6_0
CHR Extension: (Google Drive) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0
CHR Extension: (YouTube) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0
CHR Extension: (Google Search) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0
CHR Extension: (Gmail) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0
CHR HKLM-x32\...\Chrome\Extension: [ikpkdkdpjekaglclmjjgaghjfnmbjegm] - C:\ProgramData\SaveByclick\ikpkdkdpjekaglclmjjgaghjfnmbjegm.crx
==================== Services (Whitelisted) =================
S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [138400 2011-07-05] (Atheros)
R2 CTDevice_Srv; C:\Program Files (x86)\Creative\Shared Files\CTDevSrv.exe [61440 2007-04-02] (Creative Technology Ltd)
S3 CTUPnPSv; C:\Program Files (x86)\Creative\Creative Centrale\CTUPnPSv.exe [64000 2008-05-21] (Creative Technology Ltd)
S3 DCDhcpService; C:\Program Files\Sony\VAIO Smart Network\WFDA\DCDhcpService.exe [104096 2011-07-19] (Atheros Communication Inc.)
R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [346976 2011-03-14] ()
S2 Internet Manager. RunOuc; C:\Program Files (x86)\T-Mobile\InternetManager_H\UpdateDog\ouc.exe [224096 2011-06-17] ()
R2 lmhosts; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 MOBK649backup; C:\Program Files (x86)\McAfee Online Backup\MOBK649backup.exe [223544 2011-04-18] (McAfee, Inc.)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2013-10-23] (Microsoft Corporation)
R2 MSSQL$SQLEXPRESS; c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [40999448 2008-07-10] (Microsoft Corporation)
S4 msvsmon90; C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x64\msvsmon.exe [4737024 2008-07-29] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [348376 2013-10-23] (Microsoft Corporation)
R2 NlaSvc; C:\Windows\System32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 nsi; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 OfficeSvc; C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [1907896 2013-11-02] (Microsoft Corporation)
S2 pr2ah4nb; C:\Windows\system32\pr2ah4nb.exe [777576 2007-07-19] (CODEMASTERS)
S2 pr2ah4nc; C:\Windows\system32\pr2ah4nc.exe [754288 2007-05-18] (CODEMASTERS)
R2 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [259512 2011-07-22] (Sony Corporation)
S4 SQLAgent$SQLEXPRESS; c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [369688 2008-07-10] (Microsoft Corporation)
R2 uCamMonitor; C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [105024 2011-02-23] (ArcSoft, Inc.)
S3 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [887000 2011-01-20] (Sony Corporation)
R2 WTabletServiceCon; C:\Program Files\Tablet\Pen\WTabletServiceCon.exe [619904 2012-12-11] (Wacom Technology, Corp.)
==================== Drivers (Whitelisted) ====================
R3 ArcSoftKsUFilter; C:\Windows\System32\DRIVERS\ArcSoftKsUFilter.sys [19968 2009-05-26] (ArcSoft, Inc.)
S2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [310984 2012-01-03] ()
R3 bomebus; C:\Windows\System32\DRIVERS\bomebus.sys [34376 2010-10-12] (Bome Software)
S3 bomemidi; C:\Windows\System32\drivers\bomemidi.sys [30792 2010-10-12] (Bome Software)
S2 CdaC15BA; C:\Windows\SysWow64\drivers\CdaC15BA.SYS [12464 2013-06-08] (Macrovision Europe Ltd)
S3 huawei_wwanecm; C:\Windows\System32\DRIVERS\ew_juwwanecm.sys [239104 2012-09-18] (Huawei Technologies Co., Ltd.)
S3 KORGUMDS; C:\Windows\System32\Drivers\KORGUM64.SYS [34288 2013-01-08] (KORG INC.)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [42696 2012-01-03] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R1 MOBK649Filter; C:\Windows\System32\DRIVERS\MOBK649.sys [66040 2011-04-18] (Mozy, Inc.)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [248240 2013-09-27] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [134944 2013-09-27] (Microsoft Corporation)
R0 pe3ah4nb; C:\Windows\System32\drivers\pe3ah4nb.sys [72296 2007-07-19] (CODEMASTERS)
R0 pe3ah4nc; C:\Windows\System32\drivers\pe3ah4nc.sys [72560 2007-05-18] (CODEMASTERS)
R0 ps6ah4nb; C:\Windows\System32\drivers\ps6ah4nb.sys [102000 2007-07-19] (CODEMASTERS)
R0 ps6ah4nc; C:\Windows\System32\drivers\ps6ah4nc.sys [77176 2007-05-18] (CODEMASTERS)
R2 risdsnpe; C:\Windows\system32\drivers\risdsnxc64.sys [98816 2011-06-23] (REDC)
S3 USBTINSP; C:\Windows\System32\DRIVERS\tinspusb.sys [142848 2012-03-06] (Texas Instruments)
S3 wacommousefilter; system32\DRIVERS\wacommousefilter.sys [x]
S3 wacomvhid; system32\DRIVERS\wacomvhid.sys [x]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-01-02 13:45 - 2014-01-02 13:45 - 00022783 _____ C:\Users\Daniel\Desktop\FRST.txt
2014-01-02 13:45 - 2014-01-02 13:45 - 00000000 ____D C:\Users\Daniel\Desktop\FRST-OlderVersion
2014-01-02 13:44 - 2014-01-02 13:44 - 00000476 _____ C:\Users\Daniel\Desktop\defogger_disable.log
2014-01-02 11:22 - 2014-01-02 11:22 - 00000000 ___RD C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2014-01-01 22:33 - 2014-01-01 22:33 - 00915368 _____ (Oracle Corporation) C:\Users\Daniel\Downloads\jxpiinstall.exe
2014-01-01 22:16 - 2014-01-02 13:45 - 00000000 ____D C:\FRST
2014-01-01 22:15 - 2014-01-01 22:15 - 00000000 _____ C:\Users\Juschus\defogger_reenable
2014-01-01 22:11 - 2014-01-02 13:45 - 01931426 _____ (Farbar) C:\Users\Daniel\Desktop\FRST64.exe
2014-01-01 22:11 - 2014-01-01 22:11 - 00377856 _____ C:\Users\Daniel\Desktop\gmer_2.1.19163.exe
2014-01-01 22:11 - 2014-01-01 22:11 - 00050477 _____ C:\Users\Daniel\Desktop\Defogger.exe
2014-01-01 22:08 - 2014-01-01 22:08 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Malwarebytes
2014-01-01 21:54 - 2014-01-01 21:54 - 00388608 _____ (Trend Micro Inc.) C:\Users\Daniel\Downloads\HiJackThis204.exe
2014-01-01 21:54 - 2014-01-01 21:54 - 00019333 _____ C:\Users\Daniel\Downloads\hijackthis.log
2014-01-01 20:48 - 2014-01-01 20:48 - 00000822 _____ C:\Users\Public\Desktop\CCleaner.lnk
2014-01-01 20:48 - 2014-01-01 20:48 - 00000000 ____D C:\Program Files\CCleaner
2014-01-01 20:46 - 2014-01-01 20:46 - 00001069 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-01-01 20:46 - 2014-01-01 20:46 - 00000000 ____D C:\Users\Juschus\AppData\Roaming\Malwarebytes
2014-01-01 20:45 - 2014-01-01 20:46 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-01-01 20:45 - 2014-01-01 20:45 - 00000000 ____D C:\ProgramData\Malwarebytes
2014-01-01 20:45 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-01-01 14:50 - 2014-01-01 14:50 - 00002475 _____ C:\Users\Public\Desktop\AESHelp for FSX.lnk
2014-01-01 14:47 - 2014-01-01 14:47 - 00000000 ____D C:\Users\Daniel\Downloads\AS_Airport-Enhancement-Services_V234
2014-01-01 13:51 - 2014-01-01 13:53 - 33146870 _____ C:\Users\Daniel\Downloads\Ursus tractor and trailers v11.zip
2014-01-01 13:49 - 2014-01-01 13:51 - 20036311 _____ C:\Users\Daniel\Downloads\kamaz master v1.2 .zip
2014-01-01 13:49 - 2014-01-01 13:49 - 07091447 _____ C:\Users\Daniel\Downloads\landcruiserhdj80-v1-2.zip
2014-01-01 13:48 - 2014-01-01 13:49 - 10023942 _____ C:\Users\Daniel\Downloads\actros4141.zip
2014-01-01 13:48 - 2014-01-01 13:48 - 02218739 _____ C:\Users\Daniel\Downloads\SchoolBus.zip
2014-01-01 13:47 - 2014-01-01 13:48 - 10502887 _____ C:\Users\Daniel\Downloads\UAZ_2206.zip
2014-01-01 13:41 - 2014-01-01 13:42 - 05014217 _____ C:\Users\Daniel\Downloads\lancer_evo_v2.zip
2014-01-01 13:00 - 2014-01-01 13:00 - 00000000 ____D C:\Users\Daniel\Downloads\krazLog
2014-01-01 12:25 - 2014-01-01 14:43 - 00000000 ____D C:\Users\Daniel\Downloads\STBuild120713Dev
2013-12-31 12:36 - 2013-12-31 12:36 - 00000000 ____D C:\Users\Daniel\Documents\Visual Studio 2008
2013-12-30 16:26 - 2013-12-30 16:26 - 00002879 _____ C:\Users\Juschus\Desktop\Aviation Jargon Speech Trainer.lnk
2013-12-30 16:26 - 2013-12-30 16:26 - 00002865 _____ C:\Users\Juschus\Desktop\MCE Aerosoft A320-321.lnk
2013-12-30 16:25 - 2013-12-30 16:26 - 00000000 ____D C:\Program Files (x86)\Multi Crew Experience Aerosoft AXA
2013-12-30 16:15 - 2013-12-30 16:15 - 00001744 _____ C:\Users\Public\Desktop\RAAS Pro Aerosoft Info.lnk
2013-12-30 16:15 - 2013-12-30 16:15 - 00001664 _____ C:\Users\Public\Desktop\FS2Crew Airbus X Coupon Code.lnk
2013-12-30 16:15 - 2013-12-30 16:15 - 00001539 _____ C:\Users\Public\Desktop\RAAS Pro Manual.lnk
2013-12-30 16:15 - 2013-12-30 16:15 - 00001524 _____ C:\Users\Public\Desktop\RAAS SDK.lnk
2013-12-30 16:15 - 2013-12-30 16:15 - 00000000 ____D C:\Users\Juschus\AppData\Roaming\RAASPRO
2013-12-30 16:14 - 2013-12-30 16:14 - 00000000 ____D C:\Users\Juschus\Documents\Aerosoft
2013-12-28 10:23 - 2013-12-28 10:23 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-12-27 13:52 - 2013-12-27 13:54 - 77481330 _____ () C:\Users\Daniel\Downloads\vR_BR103_VRot_DE_EN_V1.exe
2013-12-23 18:22 - 2013-12-23 18:22 - 00000000 ____D C:\Program Files (x86)\QuickTime
2013-12-23 18:08 - 2013-12-23 18:08 - 00000222 _____ C:\Users\Daniel\Desktop\War Thunder.url
2013-12-23 17:24 - 2013-12-23 17:24 - 00000000 ____D C:\Users\Daniel\Documents\My Games
2013-12-23 13:42 - 2013-12-23 13:42 - 00000221 _____ C:\Users\Daniel\Desktop\Audiosurf.url
2013-12-22 14:37 - 2013-12-22 14:37 - 00000000 ____D C:\Users\Daniel\Documents\Flight Simulator X-Dateien
2013-12-21 12:33 - 2013-12-21 12:33 - 00000000 ____D C:\Users\Daniel\ItchySynths_Overdose_Suite
2013-12-21 11:39 - 2011-12-19 13:08 - 02239702 _____ C:\Users\Daniel\Desktop\Demolition Man - erb N dub Drop 2.wav
2013-12-20 12:08 - 2013-12-20 12:08 - 00013653 _____ C:\Users\Daniel\Downloads\file.php
2013-12-20 12:08 - 2013-12-20 12:08 - 00000000 ____D C:\Users\Daniel\Downloads\Projekt_Szczecin
2013-12-19 20:29 - 2013-12-19 20:29 - 00000000 ____D C:\Users\Daniel\Downloads\BVG324
2013-12-19 13:03 - 2013-12-19 13:03 - 00001087 _____ C:\Users\Public\Desktop\OMSI Addon Manager.lnk
2013-12-19 13:03 - 2013-12-19 13:03 - 00000000 ____D C:\Program Files (x86)\OMSI Addon Manager
2013-12-19 13:02 - 2013-12-19 13:02 - 00000000 ____D C:\Users\Daniel\Downloads\OMSI_AM_1.2.4_Setup
2013-12-19 12:54 - 2013-12-19 12:54 - 00000000 ____D C:\Users\Daniel\Downloads\MAN_NL202-Projekt_Szczecin
2013-12-19 12:52 - 2013-12-19 12:52 - 00000000 ____D C:\Users\Daniel\Downloads\Projekt_Szczecin_3.10_20130110
2013-12-18 14:40 - 2013-12-18 14:40 - 00000222 _____ C:\Users\Daniel\Desktop\OMSI 2.url
2013-12-18 09:45 - 2013-12-18 09:45 - 00001059 _____ C:\Users\Public\Desktop\Service Center.lnk
2013-12-18 09:45 - 2013-12-18 09:45 - 00000000 __HDC C:\ProgramData\{C6A355F5-168B-4EEC-AB7C-75594F783EDB}
2013-12-18 09:45 - 2013-12-18 09:45 - 00000000 __HDC C:\ProgramData\{9D18D848-CED5-4665-9D6C-AC997FC4BCDD}
2013-12-18 09:42 - 2013-12-18 09:42 - 00000000 ____D C:\Users\Daniel\Downloads\Supercharger_110_PC
2013-12-14 13:13 - 2013-12-14 13:14 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\HpUpdate
2013-12-13 17:36 - 2013-12-13 17:36 - 00006520 _____ C:\Users\Daniel\.recently-used.xbel
2013-12-11 20:13 - 2013-05-10 06:56 - 14631424 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2013-12-11 20:13 - 2013-05-10 06:56 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2013-12-11 20:13 - 2013-05-10 05:56 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2013-12-11 20:13 - 2013-05-10 05:56 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2013-12-11 20:12 - 2013-10-25 07:19 - 02241536 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-12-11 20:12 - 2013-10-25 07:19 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-12-11 20:12 - 2013-10-25 07:19 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-12-11 20:12 - 2013-10-25 07:18 - 19271168 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-12-11 20:12 - 2013-10-25 07:18 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-12-11 20:12 - 2013-10-25 07:17 - 15404032 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-12-11 20:12 - 2013-10-25 07:17 - 03959808 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-12-11 20:12 - 2013-10-25 07:17 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-12-11 20:12 - 2013-10-25 07:17 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-12-11 20:12 - 2013-10-25 07:17 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-12-11 20:12 - 2013-10-25 07:17 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-12-11 20:12 - 2013-10-25 07:17 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-12-11 20:12 - 2013-10-25 07:17 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-12-11 20:12 - 2013-10-25 07:17 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-12-11 20:12 - 2013-10-25 05:45 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-12-11 20:12 - 2013-10-25 05:44 - 14356992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-12-11 20:12 - 2013-10-25 05:44 - 01140736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-12-11 20:12 - 2013-10-25 05:43 - 13761536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-12-11 20:12 - 2013-10-25 05:43 - 02877952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-12-11 20:12 - 2013-10-25 05:43 - 02049024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-12-11 20:12 - 2013-10-25 05:43 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-12-11 20:12 - 2013-10-25 05:43 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-12-11 20:12 - 2013-10-25 05:43 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-12-11 20:12 - 2013-10-25 05:43 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-12-11 20:12 - 2013-10-25 05:43 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-12-11 20:12 - 2013-10-25 05:43 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-12-11 20:12 - 2013-10-25 05:43 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-12-11 20:12 - 2013-10-25 05:07 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-12-11 20:12 - 2013-10-25 04:41 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-12-11 20:12 - 2013-10-25 04:17 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-12-11 20:12 - 2013-10-25 03:49 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-12-11 14:58 - 2013-11-23 19:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2013-12-11 14:58 - 2013-11-23 18:47 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2013-12-11 14:58 - 2013-11-12 03:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-12-11 14:58 - 2013-11-12 03:07 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2013-12-11 14:58 - 2013-10-30 03:32 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2013-12-11 14:58 - 2013-10-30 03:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll
2013-12-11 14:58 - 2013-10-30 02:24 - 03155968 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-12-11 14:58 - 2013-10-19 03:18 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2013-12-11 14:58 - 2013-10-19 02:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2013-12-11 14:57 - 2013-10-12 03:32 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2013-12-11 14:57 - 2013-10-12 03:31 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2013-12-11 14:57 - 2013-10-12 03:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx
2013-12-11 14:57 - 2013-10-12 03:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2013-12-11 14:57 - 2013-10-12 02:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2013-12-11 14:57 - 2013-10-12 02:33 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2013-12-11 14:57 - 2013-10-12 02:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe
2013-12-11 14:57 - 2013-10-12 02:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
2013-12-11 14:57 - 2013-10-04 03:16 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2013-12-11 14:57 - 2013-10-04 02:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2013-12-07 12:04 - 2013-12-07 12:08 - 00000000 ____D C:\Users\Daniel\AppData\Local\HP
2013-12-07 12:03 - 2013-12-07 12:03 - 00000000 ____D C:\Program Files (x86)\Hewlett-Packard
2013-12-07 12:02 - 2013-12-07 12:02 - 00000000 ____D C:\ProgramData\Visan
2013-12-07 12:02 - 2013-12-07 12:02 - 00000000 ____D C:\ProgramData\HP Photo Creations
2013-12-07 12:02 - 2013-12-07 12:02 - 00000000 ____D C:\Program Files (x86)\HP Photo Creations
2013-12-07 12:01 - 2013-12-07 12:01 - 00000000 ____D C:\Users\Juschus\AppData\Roaming\HpUpdate
2013-12-07 12:01 - 2012-10-17 04:31 - 00741480 ____N (Hewlett-Packard Co.) C:\Windows\system32\HPDiscoPMB111.dll
2013-12-07 11:59 - 2013-12-07 12:01 - 00000000 ____D C:\Program Files (x86)\HP
2013-12-07 11:59 - 2013-12-07 11:59 - 00000000 ____D C:\ProgramData\HP
2013-12-07 11:57 - 2013-12-07 11:57 - 00000057 _____ C:\ProgramData\Ament.ini
2013-12-07 11:57 - 2013-12-07 11:57 - 00000000 ____D C:\Program Files\HP
2013-12-05 19:26 - 2013-12-05 19:26 - 08923288 _____ C:\Users\Juschus\Desktop\vuex6493.exe
2013-12-03 08:26 - 2013-12-03 08:26 - 00000000 ____D C:\ProgramData\Qualcomm Atheros
==================== One Month Modified Files and Folders =======
2014-01-02 13:45 - 2014-01-02 13:45 - 00022783 _____ C:\Users\Daniel\Desktop\FRST.txt
2014-01-02 13:45 - 2014-01-02 13:45 - 00000000 ____D C:\Users\Daniel\Desktop\FRST-OlderVersion
2014-01-02 13:45 - 2014-01-01 22:16 - 00000000 ____D C:\FRST
2014-01-02 13:45 - 2014-01-01 22:11 - 01931426 _____ (Farbar) C:\Users\Daniel\Desktop\FRST64.exe
2014-01-02 13:44 - 2014-01-02 13:44 - 00000476 _____ C:\Users\Daniel\Desktop\defogger_disable.log
2014-01-02 13:41 - 2011-12-24 13:16 - 00000000 ____D C:\Users\Daniel\AppData\Local\CrashDumps
2014-01-02 13:32 - 2013-10-28 18:22 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-01-02 13:25 - 2012-03-21 17:33 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Skype
2014-01-02 13:21 - 2011-12-23 15:42 - 01472247 _____ C:\Windows\WindowsUpdate.log
2014-01-02 13:20 - 2012-08-23 13:13 - 00000900 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-01-02 12:27 - 2009-07-14 05:51 - 00287406 _____ C:\Windows\setupact.log
2014-01-02 11:22 - 2014-01-02 11:22 - 00000000 ___RD C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2014-01-02 11:22 - 2013-07-30 17:11 - 00000000 ____D C:\Program Files (x86)\Steam
2014-01-02 11:22 - 2012-08-23 13:13 - 00000896 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-01-02 09:27 - 2009-07-14 05:45 - 00020928 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-02 09:27 - 2009-07-14 05:45 - 00020928 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-02 09:19 - 2011-08-25 04:52 - 00000000 ____D C:\ProgramData\NVIDIA
2014-01-02 09:19 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-01 22:33 - 2014-01-01 22:33 - 00915368 _____ (Oracle Corporation) C:\Users\Daniel\Downloads\jxpiinstall.exe
2014-01-01 22:15 - 2014-01-01 22:15 - 00000000 _____ C:\Users\Juschus\defogger_reenable
2014-01-01 22:15 - 2011-12-23 15:42 - 00000000 ____D C:\Users\Juschus
2014-01-01 22:11 - 2014-01-01 22:11 - 00377856 _____ C:\Users\Daniel\Desktop\gmer_2.1.19163.exe
2014-01-01 22:11 - 2014-01-01 22:11 - 00050477 _____ C:\Users\Daniel\Desktop\Defogger.exe
2014-01-01 22:08 - 2014-01-01 22:08 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Malwarebytes
2014-01-01 21:54 - 2014-01-01 21:54 - 00388608 _____ (Trend Micro Inc.) C:\Users\Daniel\Downloads\HiJackThis204.exe
2014-01-01 21:54 - 2014-01-01 21:54 - 00019333 _____ C:\Users\Daniel\Downloads\hijackthis.log
2014-01-01 21:44 - 2009-07-14 06:13 - 00876932 _____ C:\Windows\system32\PerfStringBackup.INI
2014-01-01 21:38 - 2010-11-21 04:47 - 00325236 _____ C:\Windows\PFRO.log
2014-01-01 20:48 - 2014-01-01 20:48 - 00000822 _____ C:\Users\Public\Desktop\CCleaner.lnk
2014-01-01 20:48 - 2014-01-01 20:48 - 00000000 ____D C:\Program Files\CCleaner
2014-01-01 20:46 - 2014-01-01 20:46 - 00001069 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-01-01 20:46 - 2014-01-01 20:46 - 00000000 ____D C:\Users\Juschus\AppData\Roaming\Malwarebytes
2014-01-01 20:46 - 2014-01-01 20:45 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-01-01 20:45 - 2014-01-01 20:45 - 00000000 ____D C:\ProgramData\Malwarebytes
2014-01-01 20:25 - 2011-12-23 15:43 - 00000000 ____D C:\Windows\pss
2014-01-01 20:14 - 2011-12-23 15:45 - 00000000 ____D C:\Users\Juschus\Documents\Bluetooth Folder
2014-01-01 20:13 - 2013-11-11 19:28 - 00000000 ____D C:\Users\Daniel\Documents\Bluetooth Folder
2014-01-01 18:46 - 2009-07-14 06:08 - 00032620 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2014-01-01 14:50 - 2014-01-01 14:50 - 00002475 _____ C:\Users\Public\Desktop\AESHelp for FSX.lnk
2014-01-01 14:47 - 2014-01-01 14:47 - 00000000 ____D C:\Users\Daniel\Downloads\AS_Airport-Enhancement-Services_V234
2014-01-01 14:43 - 2014-01-01 12:25 - 00000000 ____D C:\Users\Daniel\Downloads\STBuild120713Dev
2014-01-01 14:43 - 2012-01-14 13:15 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\SpinTires
2014-01-01 13:53 - 2014-01-01 13:51 - 33146870 _____ C:\Users\Daniel\Downloads\Ursus tractor and trailers v11.zip
2014-01-01 13:51 - 2014-01-01 13:49 - 20036311 _____ C:\Users\Daniel\Downloads\kamaz master v1.2 .zip
2014-01-01 13:49 - 2014-01-01 13:49 - 07091447 _____ C:\Users\Daniel\Downloads\landcruiserhdj80-v1-2.zip
2014-01-01 13:49 - 2014-01-01 13:48 - 10023942 _____ C:\Users\Daniel\Downloads\actros4141.zip
2014-01-01 13:48 - 2014-01-01 13:48 - 02218739 _____ C:\Users\Daniel\Downloads\SchoolBus.zip
2014-01-01 13:48 - 2014-01-01 13:47 - 10502887 _____ C:\Users\Daniel\Downloads\UAZ_2206.zip
2014-01-01 13:42 - 2014-01-01 13:41 - 05014217 _____ C:\Users\Daniel\Downloads\lancer_evo_v2.zip
2014-01-01 13:00 - 2014-01-01 13:00 - 00000000 ____D C:\Users\Daniel\Downloads\krazLog
2013-12-31 17:12 - 2013-09-29 18:55 - 00000000 ____D C:\Users\Juschus\Documents\Flight Simulator X-Dateien
2013-12-31 12:36 - 2013-12-31 12:36 - 00000000 ____D C:\Users\Daniel\Documents\Visual Studio 2008
2013-12-30 18:20 - 2011-12-23 15:52 - 00151152 _____ C:\Users\Daniel\AppData\Local\GDIPFONTCACHEV1.DAT
2013-12-30 18:17 - 2009-07-14 05:45 - 00638504 _____ C:\Windows\system32\FNTCACHE.DAT
2013-12-30 16:26 - 2013-12-30 16:26 - 00002879 _____ C:\Users\Juschus\Desktop\Aviation Jargon Speech Trainer.lnk
2013-12-30 16:26 - 2013-12-30 16:26 - 00002865 _____ C:\Users\Juschus\Desktop\MCE Aerosoft A320-321.lnk
2013-12-30 16:26 - 2013-12-30 16:25 - 00000000 ____D C:\Program Files (x86)\Multi Crew Experience Aerosoft AXA
2013-12-30 16:17 - 2011-08-25 05:48 - 00325427 _____ C:\Windows\DirectX.log
2013-12-30 16:15 - 2013-12-30 16:15 - 00001744 _____ C:\Users\Public\Desktop\RAAS Pro Aerosoft Info.lnk
2013-12-30 16:15 - 2013-12-30 16:15 - 00001664 _____ C:\Users\Public\Desktop\FS2Crew Airbus X Coupon Code.lnk
2013-12-30 16:15 - 2013-12-30 16:15 - 00001539 _____ C:\Users\Public\Desktop\RAAS Pro Manual.lnk
2013-12-30 16:15 - 2013-12-30 16:15 - 00001524 _____ C:\Users\Public\Desktop\RAAS SDK.lnk
2013-12-30 16:15 - 2013-12-30 16:15 - 00000000 ____D C:\Users\Juschus\AppData\Roaming\RAASPRO
2013-12-30 16:14 - 2013-12-30 16:14 - 00000000 ____D C:\Users\Juschus\Documents\Aerosoft
2013-12-30 15:21 - 2011-12-23 15:52 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Atheros
2013-12-29 10:37 - 2012-04-18 14:14 - 00000000 ____D C:\Users\Daniel\Documents\FFOutput
2013-12-28 12:38 - 2012-09-12 15:45 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-12-28 10:23 - 2013-12-28 10:23 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-12-27 13:54 - 2013-12-27 13:52 - 77481330 _____ () C:\Users\Daniel\Downloads\vR_BR103_VRot_DE_EN_V1.exe
2013-12-23 18:34 - 2013-03-25 13:39 - 00000000 ____D C:\ProgramData\WarThunder
2013-12-23 18:22 - 2013-12-23 18:22 - 00000000 ____D C:\Program Files (x86)\QuickTime
2013-12-23 18:08 - 2013-12-23 18:08 - 00000222 _____ C:\Users\Daniel\Desktop\War Thunder.url
2013-12-23 18:07 - 2013-03-25 11:50 - 00000000 ____D C:\Users\Daniel\AppData\Local\War Thunder
2013-12-23 17:24 - 2013-12-23 17:24 - 00000000 ____D C:\Users\Daniel\Documents\My Games
2013-12-23 13:42 - 2013-12-23 13:42 - 00000221 _____ C:\Users\Daniel\Desktop\Audiosurf.url
2013-12-22 14:37 - 2013-12-22 14:37 - 00000000 ____D C:\Users\Daniel\Documents\Flight Simulator X-Dateien
2013-12-21 17:43 - 2013-06-19 13:21 - 00000000 ____D C:\Users\Daniel\Documents\Fl Studio Collection
2013-12-21 16:07 - 2013-06-24 16:44 - 00000000 ____D C:\Program Files (x86)\VstPlugins
2013-12-21 12:34 - 2011-12-23 15:51 - 00000000 ____D C:\Users\Daniel
2013-12-21 12:33 - 2013-12-21 12:33 - 00000000 ____D C:\Users\Daniel\ItchySynths_Overdose_Suite
2013-12-20 12:08 - 2013-12-20 12:08 - 00013653 _____ C:\Users\Daniel\Downloads\file.php
2013-12-20 12:08 - 2013-12-20 12:08 - 00000000 ____D C:\Users\Daniel\Downloads\Projekt_Szczecin
2013-12-19 20:29 - 2013-12-19 20:29 - 00000000 ____D C:\Users\Daniel\Downloads\BVG324
2013-12-19 13:03 - 2013-12-19 13:03 - 00001087 _____ C:\Users\Public\Desktop\OMSI Addon Manager.lnk
2013-12-19 13:03 - 2013-12-19 13:03 - 00000000 ____D C:\Program Files (x86)\OMSI Addon Manager
2013-12-19 13:02 - 2013-12-19 13:02 - 00000000 ____D C:\Users\Daniel\Downloads\OMSI_AM_1.2.4_Setup
2013-12-19 12:54 - 2013-12-19 12:54 - 00000000 ____D C:\Users\Daniel\Downloads\MAN_NL202-Projekt_Szczecin
2013-12-19 12:52 - 2013-12-19 12:52 - 00000000 ____D C:\Users\Daniel\Downloads\Projekt_Szczecin_3.10_20130110
2013-12-18 14:40 - 2013-12-18 14:40 - 00000222 _____ C:\Users\Daniel\Desktop\OMSI 2.url
2013-12-18 10:34 - 2012-01-25 15:47 - 00224335 _____ C:\test.xml
2013-12-18 09:50 - 2013-11-09 12:03 - 00000000 ____D C:\Users\Daniel\Documents\Native Instruments
2013-12-18 09:45 - 2013-12-18 09:45 - 00001059 _____ C:\Users\Public\Desktop\Service Center.lnk
2013-12-18 09:45 - 2013-12-18 09:45 - 00000000 __HDC C:\ProgramData\{C6A355F5-168B-4EEC-AB7C-75594F783EDB}
2013-12-18 09:45 - 2013-12-18 09:45 - 00000000 __HDC C:\ProgramData\{9D18D848-CED5-4665-9D6C-AC997FC4BCDD}
2013-12-18 09:45 - 2013-06-25 15:26 - 00000000 ____D C:\Program Files\Common Files\Native Instruments
2013-12-18 09:45 - 2013-06-25 15:21 - 00000000 ____D C:\Program Files\Native Instruments
2013-12-18 09:42 - 2013-12-18 09:42 - 00000000 ____D C:\Users\Daniel\Downloads\Supercharger_110_PC
2013-12-16 15:37 - 2012-11-11 15:36 - 00000000 ____D C:\Users\Daniel\Documents\Kindergarten
2013-12-15 19:02 - 2012-04-18 14:04 - 00000000 ____D C:\Program Files (x86)\Google
2013-12-15 14:03 - 2013-07-29 19:19 - 00000000 ____D C:\Windows\system32\MRT
2013-12-15 14:00 - 2012-05-31 17:35 - 90708896 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-12-14 13:14 - 2013-12-14 13:13 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\HpUpdate
2013-12-13 17:36 - 2013-12-13 17:36 - 00006520 _____ C:\Users\Daniel\.recently-used.xbel
2013-12-12 16:18 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2013-12-11 17:32 - 2012-03-30 19:12 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-12-11 17:32 - 2011-08-25 05:05 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-12-11 15:08 - 2013-04-29 20:03 - 00000000 ____D C:\Program Files\Microsoft Office 15
2013-12-07 15:14 - 2013-10-03 18:32 - 00052736 ___SH C:\Users\Daniel\Documents\Thumbs.db
2013-12-07 12:08 - 2013-12-07 12:04 - 00000000 ____D C:\Users\Daniel\AppData\Local\HP
2013-12-07 12:03 - 2013-12-07 12:03 - 00000000 ____D C:\Program Files (x86)\Hewlett-Packard
2013-12-07 12:02 - 2013-12-07 12:02 - 00000000 ____D C:\ProgramData\Visan
2013-12-07 12:02 - 2013-12-07 12:02 - 00000000 ____D C:\ProgramData\HP Photo Creations
2013-12-07 12:02 - 2013-12-07 12:02 - 00000000 ____D C:\Program Files (x86)\HP Photo Creations
2013-12-07 12:01 - 2013-12-07 12:01 - 00000000 ____D C:\Users\Juschus\AppData\Roaming\HpUpdate
2013-12-07 12:01 - 2013-12-07 11:59 - 00000000 ____D C:\Program Files (x86)\HP
2013-12-07 11:59 - 2013-12-07 11:59 - 00000000 ____D C:\ProgramData\HP
2013-12-07 11:57 - 2013-12-07 11:57 - 00000057 _____ C:\ProgramData\Ament.ini
2013-12-07 11:57 - 2013-12-07 11:57 - 00000000 ____D C:\Program Files\HP
2013-12-05 19:33 - 2011-08-25 04:50 - 00037132 _____ C:\Windows\DPINST.LOG
2013-12-05 19:26 - 2013-12-05 19:26 - 08923288 _____ C:\Users\Juschus\Desktop\vuex6493.exe
2013-12-03 08:27 - 2011-08-25 04:46 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-12-03 08:26 - 2013-12-03 08:26 - 00000000 ____D C:\ProgramData\Qualcomm Atheros
2013-12-03 08:26 - 2011-12-23 15:46 - 00000000 ____D C:\Update
Some content of TEMP:
====================
C:\Users\Daniel\AppData\Local\Temp\CmdLineExt02.dll
C:\Users\Daniel\AppData\Local\Temp\HOST10852.exe
C:\Users\Daniel\AppData\Local\Temp\HOST5228.exe
C:\Users\Daniel\AppData\Local\Temp\LauncherYRFreeskiIISetup.exe
C:\Users\Daniel\AppData\Local\Temp\nokiabahn1.exe
C:\Users\Daniel\AppData\Local\Temp\SIntf16.dll
C:\Users\Daniel\AppData\Local\Temp\SIntf32.dll
C:\Users\Daniel\AppData\Local\Temp\SIntfNT.dll
C:\Users\Daniel\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Daniel\AppData\Local\Temp\TINspireStudent-3.1.0.392.exe
C:\Users\Daniel\AppData\Local\Temp\ubi276F.tmp.exe
C:\Users\Daniel\AppData\Local\Temp\ubi3322.tmp.exe
C:\Users\Daniel\AppData\Local\Temp\ubi785B.tmp.exe
C:\Users\Daniel\AppData\Local\Temp\ubi91FB.tmp.exe
C:\Users\Daniel\AppData\Local\Temp\ubi9EF1.tmp.exe
C:\Users\Daniel\AppData\Local\Temp\ubiB9DE.tmp.exe
C:\Users\Daniel\AppData\Local\Temp\ubiD78.tmp.exe
C:\Users\Daniel\AppData\Local\Temp\ubiEC05.tmp.exe
C:\Users\Daniel\AppData\Local\Temp\ubiFB02.tmp.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
==================== End Of Log ============================
-------------------------The maximum post length was exceeded, so I am attaching the remaining logfiles (Addition.txt and gmer.txt) to this post as an "attachment", as per the instructions.---------------