Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Win7:Trojaner, Spione oder ähnliches drauf?

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 23.01.2014, 10:13   #1
Nexu07
 
Win7:Trojaner, Spione oder ähnliches drauf? - Standard

Win7:Trojaner, Spione oder ähnliches drauf?



Hallo!
Ich hoffe es kann jemand helfen.
Ich hatte kurz nach Installation von Cyberghost VPN 5 das Problem, das Firefox die Meldung brachte "Etwas hindert Firefox daran, sicher zu aktualisieren". Im Firefoxforum wurde mir geraten mit Malwarebytes und AdwCleaner zu suchen. Malwarebytes hat nichts gefunden, AdwCleaner hat ein Paar Reste von Toolbars oder sowas entfernt. Malwarebytes beist sich aber mit meinem Bitdefender, der spinnt völlig wenn es installiert ist. Die Logdateien habe ich leider nicht mehr, wurde aber bereits gepostet:
hxxp://www.camp-firefox.de/forum/viewtopic.php?f=1&t=106602
Housecall sowie der installierte Bitdefender haben zu diesem Zeitpunkt nichts gefunden.
Da nach dem AdwCleaner das Problem weiter bestand und nach einem Cyberghost-Update der Rechner langsam wurde und der Systemproxy nicht mehr ging, habe ich ein älteres Backup wieder hergestellt wo die Probleme nicht bestanden haben.
Nachdem jetzt jedoch bei dem BSI-Sicherheitstest zwei meiner email-Adressen betroffen sind habe ich nochmal alle möglichen Scanner laufen lassen:
ESET onlinescan findet nichts.
Spybot findet nichts.
F-Secure Onlinescan findet nichts.
AdwCleaner findet nichts mehr.
EU-Cleaner von Avira findet in einer Datei ADWARE/adware.gen, da es keine Systemdatei war sondern wohl in meiner Musiksammlung eine .xm zur .exe umbenannt wurde habe ich das löschen lassen.
Eine Logdatei vom EU-Clenaer zum posten kann ich nirgends finden.

Sollte ich jetzt noch etwas anderes laufen lassen und hier posten? Mach mir etwas sorgen, dass noch was auf dem System ist, bzw. wenn ich jetzt meine Passwörter ändere die gleich wieder geklaut werden. Ich denke zwar eher, die haben die Adressen aus irgendwelchen Seiten oder Shops ausgelesen, die meine email als Benutzername verwenden, aber sicher ist sicher...

Alt 23.01.2014, 10:23   #2
schrauber
/// the machine
/// TB-Ausbilder
 

Win7:Trojaner, Spione oder ähnliches drauf? - Standard

Win7:Trojaner, Spione oder ähnliches drauf?



hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

__________________

__________________

Alt 23.01.2014, 13:48   #3
Nexu07
 
Win7:Trojaner, Spione oder ähnliches drauf? - Standard

Win7:Trojaner, Spione oder ähnliches drauf?



Hallo und Danke fürs schnelle Antworten!
Hier mal FRST:

FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 23-01-2014
Ran by Julian (administrator) on PC on 23-01-2014 13:40:38
Running from C:\Users\Julian\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\vsserv.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Softwareentwicklung Remus - ArchiCrypt) C:\Windows\SysWOW64\STGRAMDiskHandler64.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\updatesrv.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\bdagent.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe
(Alexander Miehlke Softwareentwicklung) C:\Program Files (x86)\Browser-Anonymisierer\BrowserMaulkorb.exe
(Acronis) C:\Program Files (x86)\Acronis\TrueImageHome\TimounterMonitor.exe
(Zemana Ltd.) C:\Program Files (x86)\Zemana AntiLogger Free\AntiLogger Free.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe
(Condusiv Technologies) C:\Program Files\Condusiv Technologies\Diskeeper\DkService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Steganos Software GmbH) C:\Program Files (x86)\Steganos Privacy Suite 12\PasswordManager.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6629480 2011-04-15] (Realtek Semiconductor)
HKLM\...\Run: [Apoint] - C:\Program Files\DellTPad\Apoint.exe [609144 2011-04-13] (Alps Electric Co., Ltd.)
HKLM\...\Run: [QuickSet] - c:\Program Files\Dell\QuickSet\QuickSet.exe [4500640 2011-03-11] (Dell Inc.)
HKLM\...\Run: [IntelTBRunOnce] - C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs [4526 2010-11-29] ()
HKLM\...\Run: [Acronis Scheduler2 Service] - C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [403688 2012-06-29] (Acronis)
HKLM\...\Run: [Bdagent] - C:\Program Files\Bitdefender\Bitdefender\bdagent.exe [1735872 2014-01-18] (Bitdefender)
HKLM-x32\...\Run: [AcronisTimounterMonitor] - C:\Program Files (x86)\Acronis\TrueImageHome\TimounterMonitor.exe [1173712 2012-06-29] (Acronis)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Dell Webcam Central] - C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe [503942 2011-04-13] (Creative Technology Ltd)
HKLM-x32\...\Run: [ZALFree] - C:\Program Files (x86)\Zemana AntiLogger Free\AntiLogger Free.exe [12999472 2013-07-22] (Zemana Ltd.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKCU\...\Run: [Bitdefender-Geldbörse-Agent] - C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe [561672 2014-01-18] (Bitdefender)
HKCU\...\Run: [Bitdefender-Geldbörse-Anwendungs-Agent] - C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe [612696 2014-01-18] (Bitdefender)
HKCU\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKCU\...\Policies\Explorer: [NoRecentDocsHistory] 1
HKCU\...\Policies\Explorer: [NoRecentDocsMenu] 1
HKCU\...\Policies\Explorer: [NoStartMenuMFUprogramsList] 1
MountPoints2: {e6edea3a-1190-11e1-83c6-806e6f6e6963} - D:\autostart.exe
AppInit_DLLs: C:\PROGRA~2\KEYCRY~1\KEYCRY~4.DLL,C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [168616 2013-12-18] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\PROGRA~2\KEYCRY~1\KEYCRY~3.DLL,C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [141336 2013-12-18] (NVIDIA Corporation)
Startup: C:\Users\Julian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Browser-Anonymisierer.lnk
ShortcutTarget: Browser-Anonymisierer.lnk -> C:\Program Files (x86)\Browser-Anonymisierer\BrowserMaulkorb.exe (Alexander Miehlke Softwareentwicklung)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/USCON/8
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - {1D7C86BD-BDE4-4E06-8B5B-6B7726EFA337} URL = 
BHO: Bitdefender-Geldbörse - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender\pmbxie.dll (Bitdefender)
BHO: No Name - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -  No File
BHO: No Name - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -  No File
BHO: No Name - {DBC80044-A445-435b-BC74-9C25C1C588A9} -  No File
BHO-x32: Bitdefender-Geldbörse - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender\Antispam32\pmbxie.dll (Bitdefender)
BHO-x32: CBAbzockschutz.InitToolbarBHO - {2e250b90-0e7a-42a3-9d65-e39f9f227fa4} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: No Name - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -  No File
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM-x32 - Steganos Password Manager Toolbar - {9C65D12D-CF9D-454D-8049-61965D8C6FFF} - C:\Program Files (x86)\Steganos Privacy Suite 12\SPMIEToolbar.dll (Steganos Software GmbH)
Toolbar: HKLM-x32 - COMPUTERBILD-Abzockschutz - {353e2a48-6254-4bd3-88f4-3b51a0ca7870} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} -  No File
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} -  No File
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} -  No File
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} -  No File
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} -  No File
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} -  No File
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\kw6okr3m.default
FF SelectedSearchEngine: benefind
FF Homepage: about:mozilla
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_43.dll ()
FF Plugin: @java.com/DTPlugin,version=1.6.0_33 - C:\Windows\system32\npdeployJava1.dll (Sun Microsystems, Inc.)
FF Plugin: @mcafee.com/MSC,version=10 - c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL No File
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_43.dll ()
FF Plugin-x32: @Bitdefender.com/PasswordManager;version=17.8 - C:\Program Files\Bitdefender\Bitdefender\Antispam32\pmbxnp.dll (Bitdefender)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 - c:\progra~2\mcafee\msc\npmcsn~1.dll No File
FF Plugin-x32: @mcafee.com/SAFFPlugin - C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll No File
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll No File
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.0.0 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.0.1 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.0.2 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.1 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Adblock Plus Pop-up Addon - C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\kw6okr3m.default\Extensions\adblockpopups@jessehakanen.net.xpi [2014-01-18]
FF Extension: gui:config - C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\kw6okr3m.default\Extensions\guiconfig@slosd.net.xpi [2012-01-27]
FF Extension: NO Google Analytics - C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\kw6okr3m.default\Extensions\jid1-JcGokIiQyjoBAQ@jetpack.xpi [2014-01-18]
FF Extension: TrackMeNot - C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\kw6okr3m.default\Extensions\trackmenot@mrl.nyu.edu.xpi [2011-11-22]
FF Extension: عارض PDF - C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\kw6okr3m.default\Extensions\uriloader@pdf.js.xpi [2012-11-09]
FF Extension: HTTPS Finder - C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\kw6okr3m.default\Extensions\{6bdc61ae-7b80-44a3-9476-e1d121ec2238}.xpi [2012-02-15]
FF Extension: NoScript - C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\kw6okr3m.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2011-11-22]
FF Extension: Adblock Plus - C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\kw6okr3m.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2011-11-22]
FF Extension: BetterPrivacy - C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\kw6okr3m.default\Extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi [2011-11-22]
FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender\bdtbext
FF Extension: bdToolbar - C:\Program Files\Bitdefender\Bitdefender\bdtbext [2014-01-18]
FF HKLM-x32\...\Firefox\Extensions: [{09F060FA-566D-42D7-BF79-97AB30863433}] - C:\Program Files (x86)\Steganos Privacy Suite 12\pfplugin
FF Extension: Steganos Private Favorites - C:\Program Files (x86)\Steganos Privacy Suite 12\pfplugin [2012-01-01]
FF HKLM-x32\...\Firefox\Extensions: [{00F0643E-B367-4779-B45D-7046EBA37A88}] - C:\Program Files (x86)\Steganos Privacy Suite 12\spmplugin3
FF Extension: Steganos Password Manager - C:\Program Files (x86)\Steganos Privacy Suite 12\spmplugin3 [2012-01-01]
FF HKLM-x32\...\Firefox\Extensions: [ffpwdman@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender\Antispam32\ffpwdman\
FF Extension: Bitdefender Wallet - C:\Program Files\Bitdefender\Bitdefender\Antispam32\ffpwdman\ []
FF HKLM-x32\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender\bdtbext
FF Extension: bdToolbar - C:\Program Files\Bitdefender\Bitdefender\bdtbext [2014-01-18]

==================== Services (Whitelisted) =================

S4 BdDesktopParental; C:\Program Files\Bitdefender\Bitdefender\bdparentalservice.exe [77632 2013-11-21] (Bitdefender)
R2 Diskeeper; C:\Program Files\Condusiv Technologies\Diskeeper\DkService.exe [2721656 2012-06-29] (Condusiv Technologies)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2011-07-28] ()
S3 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [993848 2011-04-19] (Secunia)
S3 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [399416 2011-04-19] (Secunia)
R2 Steganos Volatile Disk; C:\Windows\SysWOW64\STGRAMDiskHandler64.exe [450560 2011-09-12] (Softwareentwicklung Remus - ArchiCrypt)
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender\updatesrv.exe [67320 2013-10-07] (Bitdefender)
R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender\vsserv.exe [1507248 2013-11-15] (Bitdefender)

==================== Drivers (Whitelisted) ====================

R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [727592 2013-07-19] (BitDefender)
R3 avchv; C:\Windows\System32\DRIVERS\avchv.sys [261056 2012-11-02] (BitDefender)
R3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [601360 2013-07-19] (BitDefender)
R1 BdfNdisf; c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys [93600 2013-02-22] (BitDefender LLC)
R1 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [103504 2011-11-14] (BitDefender LLC)
S3 bdfwfpf_pc; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf_pc.sys [121928 2013-07-02] (Bitdefender SRL)
S3 BDSandBox; C:\Windows\system32\drivers\bdsandbox.sys [82824 2013-11-04] (BitDefender SRL)
R0 DKDFM; C:\Windows\System32\drivers\DKDFM.sys [40752 2012-04-05] (Condusiv Technologies)
R3 DKRtWrt; C:\Windows\System32\DRIVERS\DKRtWrt.sys [52048 2012-06-18] (Condusiv Technologies)
R0 DKTLFSMF; C:\Windows\System32\drivers\DKTLFSMF.sys [106832 2012-06-07] (Condusiv Technologies)
R0 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [150256 2013-08-23] (BitDefender LLC)
R3 keycrypt; C:\Windows\System32\DRIVERS\KeyCrypt64.sys [25568 2013-07-22] (Zemana Ltd.)
R1 nvkflt; C:\Windows\System32\DRIVERS\nvkflt.sys [300320 2013-12-18] (NVIDIA Corporation)
S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
R1 SLEE_17_DRIVER; C:\Windows\Sleen1764.sys [108256 2011-09-12] (Softwareentwicklung Remus - ArchiCrypt - )
R1 STGMFEngine64; C:\Windows\system32\drivers\STGMFEngine64.sys [28576 2011-09-12] (Softwareentwicklung Remus - ArchiCrypt.com)
R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [389240 2013-08-07] (BitDefender S.R.L.)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-01-23 13:40 - 2014-01-23 13:40 - 00017481 _____ C:\Users\Julian\Desktop\FRST.txt
2014-01-23 13:32 - 2014-01-23 13:32 - 00000000 ____D C:\FRST
2014-01-23 13:30 - 2014-01-23 13:30 - 02077184 _____ (Farbar) C:\Users\Julian\Desktop\FRST64.exe
2014-01-19 16:36 - 2014-01-19 16:36 - 00084040 _____ C:\Users\Julian\AppData\Local\GDIPFONTCACHEV1.DAT
2014-01-19 16:34 - 2014-01-19 16:34 - 00000000 _____ C:\Windows\setuperr.log
2014-01-19 16:34 - 2014-01-19 16:34 - 00000000 _____ C:\Windows\setupact.log
2014-01-18 14:28 - 2014-01-18 14:29 - 00000000 ____D C:\AdwCleaner
2014-01-18 13:51 - 2014-01-22 08:59 - 00009216 _____ C:\Users\Julian\Desktop\JulianAusgaben .xls
2014-01-18 12:06 - 2014-01-18 15:05 - 00000000 ____D C:\Users\Julian\AppData\Local\CrashDumps
2014-01-18 11:55 - 2014-01-18 11:54 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-01-18 11:54 - 2014-01-18 11:54 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-01-18 11:54 - 2014-01-18 11:54 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-01-18 11:54 - 2014-01-18 11:54 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-01-18 11:54 - 2014-01-18 11:54 - 00000000 ____D C:\Program Files (x86)\Java
2014-01-18 10:35 - 2014-01-23 08:54 - 00071890 _____ C:\Windows\WindowsUpdate.log
2014-01-18 10:26 - 2014-01-18 10:26 - 00000000 ____D C:\Windows\SysWOW64\NV
2014-01-18 10:26 - 2014-01-18 10:26 - 00000000 ____D C:\Windows\system32\NV
2014-01-18 10:12 - 2014-01-18 10:12 - 00003062 _____ C:\Windows\System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe
2014-01-18 10:12 - 2014-01-18 10:12 - 00003060 _____ C:\Windows\System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe
2014-01-18 10:11 - 2014-01-18 10:11 - 00000000 ____D C:\Program Files\Microsoft Mouse and Keyboard Center
2014-01-18 10:05 - 2013-11-26 12:54 - 23183360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-01-18 10:05 - 2013-11-26 11:19 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-01-18 10:05 - 2013-11-26 11:18 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-01-18 10:05 - 2013-11-26 11:11 - 17112576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-01-18 10:05 - 2013-11-26 10:48 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-01-18 10:05 - 2013-11-26 10:46 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-01-18 10:05 - 2013-11-26 10:41 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-01-18 10:05 - 2013-11-26 10:29 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-01-18 10:05 - 2013-11-26 10:27 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-01-18 10:05 - 2013-11-26 10:23 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-01-18 10:05 - 2013-11-26 10:21 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-01-18 10:05 - 2013-11-26 10:18 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-01-18 10:05 - 2013-11-26 10:18 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-01-18 10:05 - 2013-11-26 10:16 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-01-18 10:05 - 2013-11-26 09:57 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-01-18 10:05 - 2013-11-26 09:38 - 02166784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-01-18 10:05 - 2013-11-26 09:38 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-01-18 10:05 - 2013-11-26 09:32 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-01-18 10:05 - 2013-11-26 09:28 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-01-18 10:05 - 2013-11-26 09:16 - 04243968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-01-18 10:05 - 2013-11-26 09:02 - 01995264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-01-18 10:05 - 2013-11-26 08:48 - 12996608 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-01-18 10:05 - 2013-11-26 08:32 - 01928192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-01-18 10:05 - 2013-11-26 08:26 - 11221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-01-18 10:05 - 2013-11-26 08:07 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-01-18 10:05 - 2013-11-26 07:40 - 01395200 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-01-18 10:05 - 2013-11-26 07:34 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-01-18 10:05 - 2013-11-26 07:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-01-18 10:05 - 2013-11-26 07:33 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-01-18 10:05 - 2013-11-26 07:27 - 01157632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-01-18 10:04 - 2014-01-18 10:04 - 00000000 ____D C:\14c39edb0dc61245ac8bd50f89
2014-01-18 10:04 - 2013-11-26 09:35 - 05769216 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-01-18 02:06 - 2013-05-10 06:56 - 14631424 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2014-01-18 02:06 - 2013-05-10 06:56 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2014-01-18 02:06 - 2013-05-10 05:56 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2014-01-18 02:06 - 2013-05-10 05:56 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2014-01-18 02:02 - 2014-01-23 13:39 - 00000000 ___RD C:\Users\Julian\Desktop\Wartung
2014-01-18 01:57 - 2014-01-18 02:05 - 00000000 ____D C:\80b5166afda31d2d92
2014-01-18 01:57 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE
2014-01-18 01:50 - 2014-01-18 01:50 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-01-18 01:50 - 2014-01-18 01:50 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-01-18 01:50 - 2014-01-18 01:50 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2014-01-18 01:50 - 2014-01-18 01:50 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-01-18 01:50 - 2014-01-18 01:50 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-01-18 01:50 - 2014-01-18 01:50 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2014-01-18 01:50 - 2014-01-18 01:50 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-01-18 01:50 - 2014-01-18 01:50 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2014-01-18 01:50 - 2014-01-18 01:50 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2014-01-18 01:50 - 2014-01-18 01:50 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-01-18 01:50 - 2014-01-18 01:50 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-01-18 01:50 - 2014-01-18 01:50 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-01-18 01:50 - 2014-01-18 01:50 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-01-18 01:50 - 2014-01-18 01:50 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-01-18 01:50 - 2014-01-18 01:50 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-01-18 01:50 - 2014-01-18 01:50 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-01-18 01:50 - 2014-01-18 01:50 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-01-18 01:50 - 2014-01-18 01:50 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-01-18 01:50 - 2014-01-18 01:50 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-01-18 01:50 - 2014-01-18 01:50 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2014-01-18 01:50 - 2014-01-18 01:50 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-01-18 01:50 - 2014-01-18 01:50 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-01-18 01:50 - 2014-01-18 01:50 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-01-18 01:50 - 2014-01-18 01:50 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-01-18 01:50 - 2014-01-18 01:50 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2014-01-18 01:50 - 2014-01-18 01:50 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-01-18 01:50 - 2014-01-18 01:50 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2014-01-18 01:50 - 2014-01-18 01:50 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-01-18 01:50 - 2014-01-18 01:50 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2014-01-18 01:50 - 2014-01-18 01:50 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2014-01-18 01:50 - 2014-01-18 01:50 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-01-18 01:50 - 2014-01-18 01:50 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-01-18 01:50 - 2014-01-18 01:50 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2014-01-18 01:50 - 2014-01-18 01:50 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-01-18 01:50 - 2014-01-18 01:50 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-01-18 01:50 - 2014-01-18 01:50 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2014-01-18 01:50 - 2014-01-18 01:50 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-01-18 01:50 - 2014-01-18 01:50 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-01-18 01:50 - 2014-01-18 01:50 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2014-01-18 01:50 - 2014-01-18 01:50 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2014-01-18 01:50 - 2014-01-18 01:50 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-01-18 01:50 - 2014-01-18 01:50 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2014-01-18 01:50 - 2014-01-18 01:50 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-01-18 01:50 - 2014-01-18 01:50 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-01-18 01:50 - 2014-01-18 01:50 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2014-01-18 01:50 - 2014-01-18 01:50 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-01-18 01:50 - 2014-01-18 01:50 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-01-18 01:50 - 2014-01-18 01:50 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-01-18 01:50 - 2014-01-18 01:50 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-01-18 01:50 - 2014-01-18 01:50 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2014-01-18 01:50 - 2014-01-18 01:50 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2014-01-18 01:50 - 2014-01-18 01:50 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-01-18 01:50 - 2014-01-18 01:50 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2014-01-18 01:50 - 2014-01-18 01:50 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-01-18 01:50 - 2014-01-18 01:50 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-01-18 01:50 - 2014-01-18 01:50 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2014-01-18 01:50 - 2014-01-18 01:50 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2014-01-18 01:50 - 2014-01-18 01:50 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-01-18 01:50 - 2014-01-18 01:50 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-01-18 01:50 - 2014-01-18 01:50 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-01-18 01:50 - 2014-01-18 01:50 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2014-01-18 01:50 - 2014-01-18 01:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-01-18 01:50 - 2014-01-18 01:50 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-01-18 01:50 - 2014-01-18 01:50 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2014-01-18 01:50 - 2014-01-18 01:50 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2014-01-18 01:50 - 2014-01-18 01:50 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-01-18 01:50 - 2014-01-18 01:50 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-01-18 01:50 - 2014-01-18 01:50 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-01-18 01:50 - 2014-01-18 01:50 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2014-01-18 01:50 - 2014-01-18 01:50 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-01-18 01:50 - 2014-01-18 01:50 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-01-18 01:50 - 2014-01-18 01:50 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-01-18 01:50 - 2014-01-18 01:50 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2014-01-18 01:50 - 2014-01-18 01:50 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-01-18 01:50 - 2014-01-18 01:50 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-01-18 01:50 - 2014-01-18 01:50 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-01-18 01:50 - 2014-01-18 01:50 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-01-18 00:57 - 2014-01-18 00:57 - 00076944 _____ (BitDefender) C:\Windows\system32\Drivers\bdvedisk.sys
2014-01-18 00:57 - 2014-01-18 00:57 - 00074512 _____ (BitDefender SRL) C:\Windows\system32\bdsandboxuiskin32.dll
2014-01-18 00:56 - 2014-01-18 00:56 - 00117464 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-01-18 00:49 - 2014-01-18 00:49 - 00089304 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-01-18 00:15 - 2014-01-18 00:15 - 00509670 _____ C:\ProgramData\1390000157.bdinstall.bin
2014-01-18 00:14 - 2014-01-18 00:14 - 00000684 ____H C:\bdr-cf01
2014-01-18 00:14 - 2013-11-04 15:47 - 00082824 _____ (BitDefender SRL) C:\Windows\system32\Drivers\bdsandbox.sys
2014-01-18 00:14 - 2013-07-19 17:08 - 00601360 _____ (BitDefender) C:\Windows\system32\Drivers\avckf.sys
2014-01-18 00:14 - 2013-07-19 17:04 - 00727592 _____ (BitDefender) C:\Windows\system32\Drivers\avc3.sys
2014-01-18 00:14 - 2013-02-22 18:46 - 00093600 _____ (BitDefender LLC) C:\Windows\system32\Drivers\BdfNdisf6.sys
2014-01-18 00:13 - 2014-01-18 00:14 - 00253404 ____H C:\bdr-ld01
2014-01-18 00:13 - 2014-01-18 00:14 - 00009216 ____H C:\bdr-ld01.mbr
2014-01-18 00:13 - 2014-01-18 00:13 - 00000000 ____D C:\Users\Julian\AppData\Roaming\Bitdefender
2014-01-18 00:13 - 2013-09-24 15:38 - 46879860 ____H C:\bdr-im01.gz
2014-01-18 00:13 - 2013-08-13 12:38 - 03271472 ____H C:\bdr-bz01
2014-01-18 00:09 - 2014-01-18 00:57 - 00000000 ____D C:\ProgramData\Bitdefender
2014-01-18 00:09 - 2013-08-23 12:48 - 00150256 _____ (BitDefender LLC) C:\Windows\system32\Drivers\gzflt.sys
2014-01-18 00:09 - 2013-08-07 12:46 - 00389240 _____ (BitDefender S.R.L.) C:\Windows\system32\Drivers\trufos.sys
2014-01-18 00:06 - 2014-01-18 00:06 - 00249497 _____ C:\ProgramData\1389999917.bdinstall.bin
2014-01-17 23:44 - 2014-01-17 23:44 - 00588042 _____ C:\ProgramData\1389998116.bdinstall.bin
2014-01-17 23:41 - 2014-01-18 00:57 - 00074512 _____ (BitDefender SRL) C:\Windows\SysWOW64\bdsandboxuiskin32.dll
2014-01-17 23:41 - 2012-11-02 13:17 - 00261056 _____ (BitDefender) C:\Windows\system32\Drivers\avchv.sys
2014-01-17 23:36 - 2013-11-04 15:47 - 00084848 _____ (BitDefender SRL) C:\Windows\system32\BDSandBoxUISkin.dll
2014-01-17 23:36 - 2013-11-04 15:46 - 00034384 _____ (BitDefender SRL) C:\Windows\system32\BDSandBoxUH.dll
2014-01-17 23:28 - 2014-01-17 23:28 - 00213973 _____ C:\ProgramData\1389997567.bdinstall.bin
2014-01-17 23:08 - 2014-01-17 23:08 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2014-01-17 14:08 - 2013-11-23 19:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2014-01-17 14:08 - 2013-11-23 18:47 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2014-01-17 14:08 - 2013-11-12 03:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-01-17 14:08 - 2013-11-12 03:07 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-01-17 14:08 - 2013-10-30 03:32 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2014-01-17 14:08 - 2013-10-30 03:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll
2014-01-17 14:08 - 2013-10-19 03:18 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2014-01-17 14:08 - 2013-10-19 02:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2014-01-17 14:08 - 2013-10-05 21:25 - 01474048 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2014-01-17 14:08 - 2013-10-05 20:57 - 01168384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2014-01-17 14:08 - 2013-07-04 13:50 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2014-01-17 14:08 - 2013-07-04 12:50 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2014-01-17 14:07 - 2013-11-27 02:42 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-01-17 14:07 - 2013-11-27 02:42 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-01-17 14:07 - 2013-11-27 02:42 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-01-17 14:07 - 2013-11-27 02:42 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-01-17 14:07 - 2013-11-27 02:42 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-01-17 14:07 - 2013-11-27 02:42 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2014-01-17 14:07 - 2013-11-27 02:42 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-01-17 14:07 - 2013-10-04 03:28 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
2014-01-17 14:07 - 2013-10-04 03:25 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll
2014-01-17 14:07 - 2013-10-04 03:24 - 01930752 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-01-17 14:07 - 2013-10-04 03:16 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2014-01-17 14:07 - 2013-10-04 02:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll
2014-01-17 14:07 - 2013-10-04 02:56 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-01-17 14:07 - 2013-10-04 02:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credui.dll
2014-01-17 14:07 - 2013-10-04 02:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2014-01-17 14:07 - 2013-09-28 02:09 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-01-17 14:07 - 2013-09-25 03:26 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-01-17 14:07 - 2013-09-25 03:26 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-01-17 14:07 - 2013-09-25 03:23 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-01-17 14:07 - 2013-09-25 03:23 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-01-17 14:07 - 2013-09-25 03:23 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-01-17 14:07 - 2013-09-25 03:22 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-01-17 14:07 - 2013-09-25 03:21 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-01-17 14:07 - 2013-09-25 03:21 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-01-17 14:07 - 2013-09-25 02:58 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-01-17 14:07 - 2013-09-25 02:57 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-01-17 14:07 - 2013-09-25 02:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-01-17 14:07 - 2013-09-25 02:56 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-01-17 14:07 - 2013-09-25 02:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-01-17 14:07 - 2013-07-04 13:18 - 00458712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2014-01-17 14:07 - 2013-06-06 06:50 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2014-01-17 14:07 - 2013-06-06 06:49 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2014-01-17 14:07 - 2013-06-06 06:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2014-01-17 14:07 - 2013-06-06 06:47 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2014-01-17 14:07 - 2013-06-06 05:57 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2014-01-17 14:07 - 2013-06-06 05:51 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2014-01-17 14:07 - 2013-06-06 05:50 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2014-01-17 14:07 - 2013-06-06 04:30 - 00368128 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2014-01-17 14:07 - 2013-06-06 04:01 - 00295424 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2014-01-17 14:07 - 2013-06-06 04:01 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2014-01-17 14:06 - 2013-11-26 12:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-01-17 14:06 - 2013-11-26 11:32 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-01-17 14:06 - 2013-10-12 03:32 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2014-01-17 14:06 - 2013-10-12 03:31 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2014-01-17 14:06 - 2013-10-12 03:30 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2014-01-17 14:06 - 2013-10-12 03:29 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2014-01-17 14:06 - 2013-10-12 03:29 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2014-01-17 14:06 - 2013-10-12 03:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx
2014-01-17 14:06 - 2013-10-12 03:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2014-01-17 14:06 - 2013-10-12 03:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2014-01-17 14:06 - 2013-10-12 03:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2014-01-17 14:06 - 2013-10-12 02:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2014-01-17 14:06 - 2013-10-12 02:33 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2014-01-17 14:06 - 2013-10-12 02:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe
2014-01-17 14:06 - 2013-10-12 02:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
2014-01-17 14:06 - 2013-10-03 03:23 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-01-17 14:06 - 2013-10-03 03:00 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-01-17 14:06 - 2013-09-08 03:30 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-01-17 14:06 - 2013-09-08 03:27 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2014-01-17 14:06 - 2013-09-08 03:03 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2014-01-17 14:06 - 2013-08-29 03:17 - 05549504 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-01-17 14:06 - 2013-08-29 03:16 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2014-01-17 14:06 - 2013-08-29 03:16 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2014-01-17 14:06 - 2013-08-29 03:16 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2014-01-17 14:06 - 2013-08-29 03:13 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2014-01-17 14:06 - 2013-08-29 02:51 - 03969472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-01-17 14:06 - 2013-08-29 02:51 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-01-17 14:06 - 2013-08-29 02:50 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2014-01-17 14:06 - 2013-08-29 02:50 - 00619520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2014-01-17 14:06 - 2013-08-29 02:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2014-01-17 14:06 - 2013-08-29 02:48 - 00640512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2014-01-17 14:06 - 2013-08-29 01:49 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2014-01-17 14:06 - 2013-08-29 01:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2014-01-17 14:06 - 2013-08-29 01:49 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2014-01-17 14:06 - 2013-08-29 01:49 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2014-01-17 14:06 - 2013-08-28 02:12 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll
2014-01-17 14:06 - 2013-08-01 13:09 - 00983488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-01-17 14:06 - 2013-07-20 11:33 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2014-01-17 14:06 - 2013-07-20 11:33 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2014-01-17 14:06 - 2013-07-12 11:41 - 00185344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbvideo.sys
2014-01-17 14:06 - 2013-07-12 11:41 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys
2014-01-17 14:06 - 2013-07-12 11:40 - 00109824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBAUDIO.sys
2014-01-17 14:06 - 2013-07-04 13:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2014-01-17 14:06 - 2013-07-04 13:50 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2014-01-17 14:06 - 2013-07-04 12:57 - 00205824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2014-01-17 14:06 - 2013-07-04 12:51 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2014-01-17 14:06 - 2013-07-04 11:11 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2014-01-17 14:06 - 2013-07-03 05:40 - 00042496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbscan.sys
2014-01-17 14:06 - 2013-07-03 05:05 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2014-01-17 14:06 - 2013-07-03 05:05 - 00032896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2014-01-17 14:06 - 2013-06-25 23:55 - 00785624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys

==================== One Month Modified Files and Folders =======

2014-01-23 13:40 - 2014-01-23 13:40 - 00017481 _____ C:\Users\Julian\Desktop\FRST.txt
2014-01-23 13:39 - 2014-01-18 02:02 - 00000000 ___RD C:\Users\Julian\Desktop\Wartung
2014-01-23 13:32 - 2014-01-23 13:32 - 00000000 ____D C:\FRST
2014-01-23 13:30 - 2014-01-23 13:30 - 02077184 _____ (Farbar) C:\Users\Julian\Desktop\FRST64.exe
2014-01-23 13:25 - 2012-04-06 16:29 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-01-23 12:03 - 2013-05-22 07:09 - 00003440 _____ C:\Windows\System32\Tasks\PCDEventLauncherTask
2014-01-23 08:58 - 2010-11-21 07:50 - 00700118 _____ C:\Windows\system32\perfh007.dat
2014-01-23 08:58 - 2010-11-21 07:50 - 00149968 _____ C:\Windows\system32\perfc007.dat
2014-01-23 08:58 - 2009-07-14 06:13 - 01622228 _____ C:\Windows\system32\PerfStringBackup.INI
2014-01-23 08:54 - 2014-01-18 10:35 - 00071890 _____ C:\Windows\WindowsUpdate.log
2014-01-22 08:59 - 2014-01-18 13:51 - 00009216 _____ C:\Users\Julian\Desktop\JulianAusgaben .xls
2014-01-20 11:44 - 2011-11-26 12:29 - 00000143 _____ C:\Users\Julian\Desktop\Termine.txt
2014-01-19 16:36 - 2014-01-19 16:36 - 00084040 _____ C:\Users\Julian\AppData\Local\GDIPFONTCACHEV1.DAT
2014-01-19 16:34 - 2014-01-19 16:34 - 00000000 _____ C:\Windows\setuperr.log
2014-01-19 16:34 - 2014-01-19 16:34 - 00000000 _____ C:\Windows\setupact.log
2014-01-19 10:02 - 2009-07-14 05:45 - 00021296 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-19 10:02 - 2009-07-14 05:45 - 00021296 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-19 09:54 - 2011-11-25 09:20 - 00065536 _____ C:\Windows\system32\Ikeext.etl
2014-01-19 09:54 - 2011-11-18 04:00 - 00000000 ____D C:\ProgramData\NVIDIA
2014-01-19 09:54 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-18 17:24 - 2012-09-28 03:19 - 00000000 ____D C:\ProgramData\Dumps
2014-01-18 15:05 - 2014-01-18 12:06 - 00000000 ____D C:\Users\Julian\AppData\Local\CrashDumps
2014-01-18 15:05 - 2011-11-25 18:44 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2014-01-18 14:41 - 2011-11-25 18:44 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy
2014-01-18 14:29 - 2014-01-18 14:28 - 00000000 ____D C:\AdwCleaner
2014-01-18 12:53 - 2012-01-01 15:40 - 00000000 ____D C:\Users\Julian\AppData\Roaming\Steganos
2014-01-18 12:08 - 2012-02-17 04:05 - 00000000 ____D C:\Program Files (x86)\Browser-Anonymisierer
2014-01-18 12:08 - 2011-11-21 18:11 - 00000000 ___RD C:\Users\Julian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-01-18 12:07 - 2013-08-10 08:32 - 00000000 ____D C:\Program Files (x86)\Opera
2014-01-18 11:54 - 2014-01-18 11:55 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-01-18 11:54 - 2014-01-18 11:54 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-01-18 11:54 - 2014-01-18 11:54 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-01-18 11:54 - 2014-01-18 11:54 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-01-18 11:54 - 2014-01-18 11:54 - 00000000 ____D C:\Program Files (x86)\Java
2014-01-18 11:52 - 2013-09-15 11:41 - 00001068 _____ C:\Users\Public\Desktop\VLC media player.lnk
2014-01-18 11:48 - 2012-04-06 16:29 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-01-18 11:48 - 2012-04-06 16:29 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-01-18 11:48 - 2011-11-18 11:09 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-01-18 10:39 - 2011-12-10 00:32 - 00000000 ____D C:\Program Files\CCleaner
2014-01-18 10:33 - 2011-02-11 18:13 - 00000000 ____D C:\Windows\panther
2014-01-18 10:26 - 2014-01-18 10:26 - 00000000 ____D C:\Windows\SysWOW64\NV
2014-01-18 10:26 - 2014-01-18 10:26 - 00000000 ____D C:\Windows\system32\NV
2014-01-18 10:12 - 2014-01-18 10:12 - 00003062 _____ C:\Windows\System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe
2014-01-18 10:12 - 2014-01-18 10:12 - 00003060 _____ C:\Windows\System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe
2014-01-18 10:12 - 2012-11-17 10:29 - 00003118 _____ C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe
2014-01-18 10:12 - 2012-09-02 02:51 - 00003090 _____ C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_itype_exe
2014-01-18 10:12 - 2012-05-10 04:06 - 00003092 _____ C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe
2014-01-18 10:11 - 2014-01-18 10:11 - 00000000 ____D C:\Program Files\Microsoft Mouse and Keyboard Center
2014-01-18 10:10 - 2011-11-18 03:59 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2014-01-18 10:07 - 2011-11-18 03:59 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2014-01-18 10:04 - 2014-01-18 10:04 - 00000000 ____D C:\14c39edb0dc61245ac8bd50f89
2014-01-18 10:04 - 2011-02-11 11:22 - 01596508 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2014-01-18 03:33 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2014-01-18 02:18 - 2011-11-21 18:11 - 00001383 _____ C:\Users\Julian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-01-18 02:15 - 2012-05-11 11:51 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2014-01-18 02:15 - 2012-05-11 11:51 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2014-01-18 02:11 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2014-01-18 02:05 - 2014-01-18 01:57 - 00000000 ____D C:\80b5166afda31d2d92
2014-01-18 01:50 - 2014-01-18 01:50 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-01-18 01:50 - 2014-01-18 01:50 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-01-18 01:50 - 2014-01-18 01:50 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2014-01-18 01:50 - 2014-01-18 01:50 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-01-18 01:50 - 2014-01-18 01:50 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-01-18 01:50 - 2014-01-18 01:50 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2014-01-18 01:50 - 2014-01-18 01:50 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-01-18 01:50 - 2014-01-18 01:50 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2014-01-18 01:50 - 2014-01-18 01:50 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2014-01-18 01:50 - 2014-01-18 01:50 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-01-18 01:50 - 2014-01-18 01:50 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-01-18 01:50 - 2014-01-18 01:50 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-01-18 01:50 - 2014-01-18 01:50 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-01-18 01:50 - 2014-01-18 01:50 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-01-18 01:50 - 2014-01-18 01:50 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-01-18 01:50 - 2014-01-18 01:50 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-01-18 01:50 - 2014-01-18 01:50 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-01-18 01:50 - 2014-01-18 01:50 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-01-18 01:50 - 2014-01-18 01:50 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-01-18 01:50 - 2014-01-18 01:50 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2014-01-18 01:50 - 2014-01-18 01:50 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-01-18 01:50 - 2014-01-18 01:50 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-01-18 01:50 - 2014-01-18 01:50 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-01-18 01:50 - 2014-01-18 01:50 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-01-18 01:50 - 2014-01-18 01:50 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2014-01-18 01:50 - 2014-01-18 01:50 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-01-18 01:50 - 2014-01-18 01:50 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2014-01-18 01:50 - 2014-01-18 01:50 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-01-18 01:50 - 2014-01-18 01:50 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2014-01-18 01:50 - 2014-01-18 01:50 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2014-01-18 01:50 - 2014-01-18 01:50 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-01-18 01:50 - 2014-01-18 01:50 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-01-18 01:50 - 2014-01-18 01:50 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2014-01-18 01:50 - 2014-01-18 01:50 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-01-18 01:50 - 2014-01-18 01:50 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-01-18 01:50 - 2014-01-18 01:50 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2014-01-18 01:50 - 2014-01-18 01:50 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-01-18 01:50 - 2014-01-18 01:50 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-01-18 01:50 - 2014-01-18 01:50 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2014-01-18 01:50 - 2014-01-18 01:50 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2014-01-18 01:50 - 2014-01-18 01:50 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-01-18 01:50 - 2014-01-18 01:50 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2014-01-18 01:50 - 2014-01-18 01:50 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-01-18 01:50 - 2014-01-18 01:50 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-01-18 01:50 - 2014-01-18 01:50 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2014-01-18 01:50 - 2014-01-18 01:50 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-01-18 01:50 - 2014-01-18 01:50 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-01-18 01:50 - 2014-01-18 01:50 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-01-18 01:50 - 2014-01-18 01:50 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-01-18 01:50 - 2014-01-18 01:50 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2014-01-18 01:50 - 2014-01-18 01:50 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2014-01-18 01:50 - 2014-01-18 01:50 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-01-18 01:50 - 2014-01-18 01:50 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2014-01-18 01:50 - 2014-01-18 01:50 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-01-18 01:50 - 2014-01-18 01:50 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-01-18 01:50 - 2014-01-18 01:50 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2014-01-18 01:50 - 2014-01-18 01:50 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2014-01-18 01:50 - 2014-01-18 01:50 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-01-18 01:50 - 2014-01-18 01:50 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-01-18 01:50 - 2014-01-18 01:50 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-01-18 01:50 - 2014-01-18 01:50 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2014-01-18 01:50 - 2014-01-18 01:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-01-18 01:50 - 2014-01-18 01:50 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-01-18 01:50 - 2014-01-18 01:50 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2014-01-18 01:50 - 2014-01-18 01:50 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2014-01-18 01:50 - 2014-01-18 01:50 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-01-18 01:50 - 2014-01-18 01:50 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-01-18 01:50 - 2014-01-18 01:50 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-01-18 01:50 - 2014-01-18 01:50 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2014-01-18 01:50 - 2014-01-18 01:50 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-01-18 01:50 - 2014-01-18 01:50 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-01-18 01:50 - 2014-01-18 01:50 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-01-18 01:50 - 2014-01-18 01:50 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2014-01-18 01:50 - 2014-01-18 01:50 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-01-18 01:50 - 2014-01-18 01:50 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-01-18 01:50 - 2014-01-18 01:50 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-01-18 01:50 - 2014-01-18 01:50 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-01-18 01:30 - 2013-07-14 20:19 - 00000000 ____D C:\Windows\system32\MRT
2014-01-18 01:24 - 2012-01-19 04:24 - 00000000 ____D C:\Program Files (x86)\AntiBrowserSpy
2014-01-18 01:19 - 2013-08-06 19:02 - 00000000 ____D C:\Users\Julian\AppData\Roaming\inkscape
2014-01-18 00:57 - 2014-01-18 00:57 - 00076944 _____ (BitDefender) C:\Windows\system32\Drivers\bdvedisk.sys
2014-01-18 00:57 - 2014-01-18 00:57 - 00074512 _____ (BitDefender SRL) C:\Windows\system32\bdsandboxuiskin32.dll
2014-01-18 00:57 - 2014-01-18 00:09 - 00000000 ____D C:\ProgramData\Bitdefender
2014-01-18 00:57 - 2014-01-17 23:41 - 00074512 _____ (BitDefender SRL) C:\Windows\SysWOW64\bdsandboxuiskin32.dll
2014-01-18 00:56 - 2014-01-18 00:56 - 00117464 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-01-18 00:49 - 2014-01-18 00:49 - 00089304 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-01-18 00:15 - 2014-01-18 00:15 - 00509670 _____ C:\ProgramData\1390000157.bdinstall.bin
2014-01-18 00:14 - 2014-01-18 00:14 - 00000684 ____H C:\bdr-cf01
2014-01-18 00:14 - 2014-01-18 00:13 - 00253404 ____H C:\bdr-ld01
2014-01-18 00:14 - 2014-01-18 00:13 - 00009216 ____H C:\bdr-ld01.mbr
2014-01-18 00:13 - 2014-01-18 00:13 - 00000000 ____D C:\Users\Julian\AppData\Roaming\Bitdefender
2014-01-18 00:09 - 2011-12-09 22:38 - 00000000 ____D C:\Program Files\Bitdefender
2014-01-18 00:09 - 2011-12-09 22:36 - 00000000 ____D C:\Program Files\Common Files\Bitdefender
2014-01-18 00:06 - 2014-01-18 00:06 - 00249497 _____ C:\ProgramData\1389999917.bdinstall.bin
2014-01-17 23:44 - 2014-01-17 23:44 - 00588042 _____ C:\ProgramData\1389998116.bdinstall.bin
2014-01-17 23:30 - 2012-05-05 03:50 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2014-01-17 23:28 - 2014-01-17 23:28 - 00213973 _____ C:\ProgramData\1389997567.bdinstall.bin
2014-01-17 23:09 - 2011-11-21 20:00 - 00000000 ____D C:\Users\Julian\AppData\Local\Mozilla
2014-01-17 23:08 - 2014-01-17 23:08 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2014-01-17 14:14 - 2013-05-22 07:09 - 00000000 ____D C:\Program Files\My Dell
2014-01-17 14:14 - 2011-11-23 13:00 - 00000000 ____D C:\ProgramData\PCDr
2014-01-06 16:20 - 2011-11-21 19:44 - 86054176 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-01-01 19:18 - 2011-11-26 12:29 - 00000373 _____ C:\Users\Julian\Desktop\todo.txt

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-01-19 02:05

==================== End Of Log ============================
         
--- --- ---

--- --- ---


Und hier ADDITION
Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 23-01-2014
Ran by Julian at 2014-01-23 13:41:04
Running from C:\Users\Julian\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Bitdefender Antivirus (Enabled - Up to date) {9B5F5313-CAF9-DD97-C460-E778420237B4}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Bitdefender Spyware-Schutz (Enabled - Up to date) {203EB2F7-ECC3-D219-FED0-DC0A39857D09}
FW: Bitdefender Firewall (Enabled) {A364D236-8096-DCCF-EF3F-4E4DBCD170CF}

==================== Installed Programs ======================

7-Zip 9.20 (x32 Version:  - )
Acronis*True*Image*Home 2012 (x32 Version: 15.0.7133 - Acronis) Hidden
Adobe AIR (x32 Version: 4.0.0.1390 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 4.0.0.1390 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 12 ActiveX (x32 Version: 12.0.0.38 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (x32 Version: 12.0.0.43 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.06) - Deutsch (x32 Version: 11.0.06 - Adobe Systems Incorporated)
Advanced Audio FX Engine (x32 Version: 1.12.05 - Creative Technology Ltd)
AntiLogger Free version 1.6.2.245 (x32 Version: 1.6.2.245 - Zemana Ltd.)
Bitdefender Internet Security (Version: 17.23.0.996 - Bitdefender)
Brother MFL-Pro Suite DCP-J125 (x32 Version: 1.0.3.0 - Brother Industries, Ltd.)
Browser-Anonymisierer 1.0 (x32 Version: 1.0.0.0 - Alexander Miehlke Softwareentwicklung)
CCleaner (Version: 4.09 - Piriform)
COMPUTERBILD-Abzockschutz (x32 Version: 1.0.35 - J3S)
Dell Edoc Viewer (Version: 1.0.0 - Dell Inc)
Dell Touchpad (Version: 7.1209.101.204 - ALPS ELECTRIC CO., LTD.)
Dell Webcam Central (x32 Version: 2.00.44 - Creative Technology Ltd)
DirectX 9 Runtime (x32 Version: 1.00.0000 - Sonic Solutions) Hidden
Diskeeper 12 Home (Version: 16.0.1016.64 - Condusiv Technologies)
ElsterFormular (x32 Version: 14.1.11318 - Landesfinanzdirektion Thüringen)
Intel PROSet Wireless (Version:  - ) Hidden
Intel PROSet Wireless (x32 Version:  - ) Hidden
Intel(R) Control Center (x32 Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (x32 Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Processor Graphics (x32 Version: 8.15.10.2455 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (Version: 1.2.0.0587 - Intel Corporation)
Intel(R) PROSet/Wireless WiFi-Software (Version: 14.2.0000 - Intel Corporation)
Intel(R) WiDi (x32 Version: 2.1.39.0 - Intel Corporation)
Intel(R) Wireless Display (Version:  - )
Java 7 Update 51 (x32 Version: 7.0.510 - Oracle)
MFC RunTime files (x32 Version: 1.0.0 - Extensoft) Hidden
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Klick-und-Los 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Starter 2010 - Deutsch (x32 Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Silverlight (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (x32 Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (x32 Version: 9.0.30411 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (x32 Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219 - Microsoft Corporation)
Microsoft-Maus- und Tastatur-Center (Version: 2.2.173.0 - Microsoft Corporation)
Microsoft-Maus- und Tastatur-Center (Version: 2.2.173.0 - Microsoft Corporation) Hidden
Mozilla Firefox 26.0 (x86 de) (x32 Version: 26.0 - Mozilla)
Mozilla Maintenance Service (x32 Version: 26.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (x32 Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (x32 Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (x32 Version: 4.30.2100.0 - Microsoft Corporation)
My Dell (Version: 3.4.6422.14 - PC-Doctor, Inc.)
NVIDIA 3D Vision Treiber 331.65 (Version: 331.65 - NVIDIA Corporation)
NVIDIA Grafiktreiber 331.65 (Version: 331.65 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.133.889 - NVIDIA Corporation) Hidden
NVIDIA Optimus 1.15.2 (Version: 1.15.2 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.3165 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 331.65 (Version: 331.65 - NVIDIA Corporation) Hidden
NVIDIA Update 1.15.2 (Version: 1.15.2 - NVIDIA Corporation)
NVIDIA Update Components (Version: 1.15.2 - NVIDIA Corporation) Hidden
OpenOffice 4.0.0 (x32 Version: 4.00.9702 - Apache Software Foundation)
Opera Stable 18.0.1284.68 (x32 Version: 18.0.1284.68 - Opera Software ASA)
PhotoShowExpress (x32 Version: 2.0.063 - Sonic Solutions) Hidden
Quickset64 (Version: 11.0.15 - Dell Inc.)
RBVirtualFolder64Inst (Version: 1.00.0000 - Roxio, Inc.) Hidden
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6353 - Realtek Semiconductor Corp.)
Roxio Activation Module (x32 Version: 1.0 - Roxio) Hidden
Roxio BackOnTrack (x32 Version: 1.3.3 - Roxio) Hidden
Roxio Burn (x32 Version: 1.8 - Roxio) Hidden
Roxio Creator Starter (x32 Version: 1.0.439 - Roxio) Hidden
Roxio Creator Starter (x32 Version: 12.1.77.0 - Roxio)
Roxio Creator Starter (x32 Version: 5.0.0 - Roxio) Hidden
Roxio Express Labeler 3 (x32 Version: 3.2.2 - Roxio) Hidden
Roxio File Backup (Version: 1.3.2 - Roxio) Hidden
Secunia PSI (2.0.0.3003) (x32 Version:  - )
Sonic CinePlayer Decoder Pack (x32 Version: 4.3.0 - Sonic Solutions) Hidden
Spybot - Search & Destroy (x32 Version: 1.6.2 - Safer Networking Limited)
Steganos Privacy Suite 12 (x32 Version: 12.1.1 - Steganos Software GmbH)
Timerle 1.04 (x32 Version: 1.04 - JFSoftware)
Überwachungstool für die Intel® Turbo-Boost-Technik 2.0 (Version: 2.1.23.0 - Intel)
VLC media player 2.1.1 (x32 Version: 2.1.1 - VideoLAN)
Windows Live Mesh ActiveX control for remote connections (x32 Version: 15.4.5722.2 - Microsoft Corporation)

==================== Restore Points  =========================

18-01-2014 09:01:26 Windows Update
18-01-2014 10:54:06 Installed Java 7 Update 51
22-01-2014 22:43:34 Avira EU-Cleaner - 22.01.2014 23:43
23-01-2014 08:01:32 Removed Zinio Reader 4

==================== Hosts content: ==========================

2009-07-14 03:34 - 2014-01-18 14:48 - 00450731 ____R C:\Windows\system32\Drivers\etc\hosts
127.0.0.1	www.007guard.com
127.0.0.1	007guard.com
127.0.0.1	008i.com
127.0.0.1	www.008k.com
127.0.0.1	008k.com
127.0.0.1	www.00hq.com
127.0.0.1	00hq.com
127.0.0.1	010402.com
127.0.0.1	www.032439.com
127.0.0.1	032439.com
127.0.0.1	www.0scan.com
127.0.0.1	0scan.com
127.0.0.1	1000gratisproben.com
127.0.0.1	www.1000gratisproben.com
127.0.0.1	1001namen.com
127.0.0.1	www.1001namen.com
127.0.0.1	100888290cs.com
127.0.0.1	www.100888290cs.com
127.0.0.1	www.100sexlinks.com
127.0.0.1	100sexlinks.com
127.0.0.1	10sek.com
127.0.0.1	www.10sek.com
127.0.0.1	www.1-2005-search.com
127.0.0.1	1-2005-search.com
127.0.0.1	123fporn.info
127.0.0.1	www.123fporn.info
127.0.0.1	123haustiereundmehr.com
127.0.0.1	www.123haustiereundmehr.com
127.0.0.1	123moviedownload.com

There are 1000 more lines.


==================== Scheduled Tasks (whitelisted) =============

Task: {0740B237-C227-4DD3-8D44-65465597BF6F} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-05-13] (Microsoft Corporation)
Task: {393DD0B4-E067-4255-A549-CAD8ECB89EE7} - System32\Tasks\Microsoft_Hardware_Launch_devicecenter_exe => c:\Program Files\Microsoft Device Center\devicecenter.exe
Task: {3F6A1F6A-D82A-4310-B4EF-5C3F89E025B5} - System32\Tasks\Wise Registry Cleaner Schedule Task => C:\Program Files (x86)\Wise Registry Cleaner\WiseRegCleaner.exe
Task: {453A0FEA-62D7-45EB-B3C9-9CDF493BA1E3} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\My Dell\sessionchecker.exe [2013-12-19] (PC-Doctor, Inc.)
Task: {7424451A-0804-41B7-8A7A-6A2F938BF9B9} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-01-18] (Adobe Systems Incorporated)
Task: {743BFC4A-1BC1-4362-A352-2FE9901889A9} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-05-13] (Microsoft Corporation)
Task: {7860A16B-88F3-4DA8-8797-C30A71419F7B} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\My Dell\uaclauncher.exe [2013-09-06] (PC-Doctor, Inc.)
Task: {790F67C3-28CA-424D-8EC1-D0381B780FD7} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2013-05-13] (Microsoft)
Task: {916C7ABC-9EF0-48A6-B001-61302216041F} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe
Task: {9708641B-82E3-46AC-9B3C-13E3132BF3CF} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-12-17] (Piriform Ltd)
Task: {9EB4F67D-0A83-486F-912B-C008E1854E61} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-05-13] (Microsoft Corporation)
Task: {ECCDBEE1-4A5C-4F82-8ACB-C01EC16835AA} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-05-13] (Microsoft Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\Wise Registry Cleaner Schedule Task.job => C:\Program Files (x86)\Wise Registry Cleaner\WiseRegCleaner.exe

==================== Loaded Modules (whitelisted) =============

2011-09-12 14:29 - 2011-09-12 14:29 - 00220672 _____ () C:\Program Files (x86)\Steganos Privacy Suite 12\ShellExtension.dll
2011-11-18 12:27 - 2011-07-20 14:04 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2014-01-18 00:14 - 2013-06-19 11:45 - 00265080 _____ () C:\Program Files\Bitdefender\Bitdefender\txmlutil.dll
2012-06-28 21:58 - 2012-06-28 21:58 - 00435584 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\Common\ulxmlrpcpp.dll
2014-01-18 00:14 - 2013-06-19 11:44 - 00204280 _____ () C:\Program Files\Bitdefender\Bitdefender\antispam32\txmlutil.dll
2014-01-18 12:08 - 2008-03-17 14:48 - 00432504 _____ () C:\Program Files (x86)\Browser-Anonymisierer\sqlite3.dll
2012-06-29 01:46 - 2012-06-29 01:46 - 13005184 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\Common\ti_managers.dll
2012-06-28 22:34 - 2012-06-28 22:34 - 00018816 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\ti_managers_proxy_stub.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\Users\Julian\Desktop\FRST64.exe:BDU

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== Faulty Device Manager Devices =============

Name: Intel(R) Centrino(R) Wireless-N 1030
Description: Intel(R) Centrino(R) Wireless-N 1030
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel Corporation
Service: NETwNs64
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed - Virtueller Adapter
Description: Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed - Virtueller Adapter
Class Guid: {b0755d59-9657-467d-b89d-74c1f645aeb3}
Manufacturer: Intel Corporation
Service: AMPPAL
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================

System errors:
=============
Error: (01/23/2014 08:54:40 AM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst lmhosts erreicht.

Error: (01/22/2014 08:22:41 PM) (Source: Disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk2\DR2 gefunden.

Error: (01/20/2014 09:25:04 PM) (Source: Disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk2\DR2 gefunden.

Error: (01/20/2014 08:14:29 PM) (Source: Disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk2\DR2 gefunden.

Error: (01/20/2014 11:33:36 AM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst lmhosts erreicht.

Error: (01/20/2014 09:18:30 AM) (Source: Disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk2\DR2 gefunden.

Error: (01/19/2014 04:32:51 PM) (Source: Disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk2\DR2 gefunden.

Error: (01/19/2014 04:32:50 PM) (Source: Disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk2\DR2 gefunden.

Error: (01/19/2014 01:42:26 PM) (Source: Disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk2\DR2 gefunden.

Error: (01/19/2014 11:13:22 AM) (Source: Disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk2\DR2 gefunden.


Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
  Date: 2012-10-02 03:57:53.212
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender 2013\active virus control\Avc3_00160_002\avcuf64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2012-10-02 03:51:52.314
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender 2013\active virus control\Avc3_00160_002\avcuf64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2012-10-02 03:19:22.643
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender 2013\active virus control\Avc3_00160_002\avcuf64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2012-10-02 03:02:33.260
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender 2013\active virus control\Avc3_00160_002\avcuf64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2012-10-02 01:51:50.483
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender 2013\active virus control\Avc3_00160_002\avcuf64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2012-10-01 15:48:32.305
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender 2013\active virus control\Avc3_00160_002\avcuf64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2012-10-01 15:39:18.595
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender 2013\active virus control\Avc3_00160_002\avcuf64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2012-10-01 13:38:09.687
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender 2013\active virus control\Avc3_00160_002\avcuf64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2012-10-01 13:21:24.754
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender 2013\active virus control\Avc3_00160_002\avcuf64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2012-10-01 02:59:07.953
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender 2013\active virus control\Avc3_00160_002\avcuf64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Percentage of memory in use: 51%
Total physical RAM: 3990.17 MB
Available physical RAM: 1952.36 MB
Total Pagefile: 10132.35 MB
Available Pagefile: 7295.17 MB
Total Virtual: 8192 MB
Available Virtual: 8191.79 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:576.54 GB) (Free:421.32 GB) NTFS
Drive f: (Daten) (Fixed) (Total:931.51 GB) (Free:183.98 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 596 GB) (Disk ID: 07F2837E)
Partition 1: (Not Active) - (Size=102 MB) - (Type=DE)
Partition 2: (Active) - (Size=20 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=577 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (MBR Code: Windows XP) (Size: 932 GB) (Disk ID: A10A563D)
Partition 1: (Not Active) - (Size=932 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         
Was sind hier eigentlich diese Festplattencontrollerfehler? Auch wenn das vermutlich nichts mit der eigentlichen Fragestellung zu tun hat.
LG
Julian
__________________

Alt 24.01.2014, 09:20   #4
schrauber
/// the machine
/// TB-Ausbilder
 

Win7:Trojaner, Spione oder ähnliches drauf? - Standard

Win7:Trojaner, Spione oder ähnliches drauf?



Logs sidn sauber. Wenn deine Mail wirklich betroffen sein sollte, wurde der Account online gehackt.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 24.01.2014, 09:27   #5
Nexu07
 
Win7:Trojaner, Spione oder ähnliches drauf? - Standard

Win7:Trojaner, Spione oder ähnliches drauf?



Vielen, vielen Dank!
Hat mir sehr geholfen!


Alt 25.01.2014, 11:07   #6
schrauber
/// the machine
/// TB-Ausbilder
 

Win7:Trojaner, Spione oder ähnliches drauf? - Standard

Win7:Trojaner, Spione oder ähnliches drauf?



Gern Geschehen
__________________
--> Win7:Trojaner, Spione oder ähnliches drauf?

Antwort

Themen zu Win7:Trojaner, Spione oder ähnliches drauf?
adware/adware.gen, avira, bitdefender, cyberghost, defender, email gestohlen, escan, firefox, installation, langsam, löschen, malwarebytes, meldung, nicht mehr, passwörter, problem, probleme, rechner, rechner langsam, scan, seite, seiten, spinnt, suche, trojaner, vpn, win, win7, windows 7




Ähnliche Themen: Win7:Trojaner, Spione oder ähnliches drauf?


  1. Unsicher ob GVU-Trojaner (oder ähnliches) noch auf dem Rechner ist oder ob dieser entfernt wurde.
    Mülltonne - 29.01.2015 (0)
  2. Ein Trojaner oder ähnliches
    Plagegeister aller Art und deren Bekämpfung - 25.12.2014 (7)
  3. Trojaner? Virus oder ähnliches?
    Mülltonne - 20.11.2013 (1)
  4. Wurm,trojaner oder ähnliches auf meinem System
    Log-Analyse und Auswertung - 15.07.2013 (9)
  5. Bios Trojaner oder was Ähnliches?
    Plagegeister aller Art und deren Bekämpfung - 09.10.2012 (20)
  6. Verdacht auf Malware/Trojaner/Keylogger oder ähnliches
    Log-Analyse und Auswertung - 14.06.2012 (3)
  7. Habe ich einen Trojaner , Spyware oder ähnliches?
    Log-Analyse und Auswertung - 08.06.2012 (1)
  8. PC ist sehr langsam im Internet? Evtl Trojaner oder ähnliches?
    Plagegeister aller Art und deren Bekämpfung - 15.09.2011 (6)
  9. Trojaner oder so was ähnliches?
    Plagegeister aller Art und deren Bekämpfung - 21.10.2010 (3)
  10. Virus,Trojaner oder ähnliches im MSN
    Plagegeister aller Art und deren Bekämpfung - 28.12.2009 (10)
  11. Habe ich einen Trojaner, Virus oder ähnliches?
    Log-Analyse und Auswertung - 03.10.2009 (5)
  12. Zlob-Trojaner oder ähnliches?
    Plagegeister aller Art und deren Bekämpfung - 02.11.2008 (1)
  13. Trojaner oder ähnliches legt mein system flach!
    Log-Analyse und Auswertung - 02.10.2008 (1)
  14. Virus, Trojaner oder ähnliches von VirusTotal entdeckt, was nun?
    Plagegeister aller Art und deren Bekämpfung - 21.08.2008 (15)
  15. Trojaner, Virus oder ähnliches erkannt von VirusTotal
    Mülltonne - 16.08.2008 (0)
  16. Trojaner oder ähnliches Ungeziefer
    Plagegeister aller Art und deren Bekämpfung - 28.03.2006 (14)
  17. Virus, Trojaner oder ähnliches auf meinem PC
    Plagegeister aller Art und deren Bekämpfung - 21.05.2005 (14)

Zum Thema Win7:Trojaner, Spione oder ähnliches drauf? - Hallo! Ich hoffe es kann jemand helfen. Ich hatte kurz nach Installation von Cyberghost VPN 5 das Problem, das Firefox die Meldung brachte "Etwas hindert Firefox daran, sicher zu aktualisieren". - Win7:Trojaner, Spione oder ähnliches drauf?...
Archiv
Du betrachtest: Win7:Trojaner, Spione oder ähnliches drauf? auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.