
Log analysis and evaluation: Windows 8: Help pages of Windows, Thunderbird, Firefox etc. keep opening by themselves.

19.02.2014, 18:51   #1
jugajuga
 



Hello,

for a few days now, help pages of Windows, Thunderbird, Firefox etc. have been opening very frequently, for no apparent reason. Often the same help page opens many times over, which makes working on the computer difficult.

I have Bitdefender Total Security 2013 running in the background by default and ran Malwarebytes Anti-Malware Pro over the system. It did find some infected files, which I deleted with the latter program, but unfortunately that did not solve the problem.

I kindly ask for advice on what else I can do to get rid of this "pest".

Many thanks in advance!

JugaJuga

FRST.txt

Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 18-02-2014
Ran by Juga (administrator) on LAPTOP on 19-02-2014 18:18:52
Running from C:\Users\Juga\Desktop
Windows 8 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ 
Download link for 64-Bit Version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ 
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2013\vsserv.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe
(Microsoft Corp.) C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe
(REINER SCT) C:\Windows\SysWOW64\cjpcsc.exe
() C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe
(Microsoft Corporation) C:\Windows\system32\dashost.exe
() C:\Windows\system32\DptfParticipantProcessorService.exe
() C:\Windows\system32\DptfPolicyConfigTDPService.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
() C:\ProgramData\DatacardService\HWDeviceService64.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
() C:\ProgramData\Mobile Partner\OnlineUpdate\ouc.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\HelperService.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Star Finanz-Software Entwicklung und Vertriebs GmbH) C:\Program Files (x86)\StarMoney 9.0\ouservice\StarMoneyOnlineUpdate.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2013\updatesrv.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender SafeBox\safeboxservice.exe
(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnWMI.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1114.318_x64__8wekyb3d8bbwe\LiveComm.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2013\bdagent.exe
(ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Sony Corporation) C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\ReaderAppHelper.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\system32\msiexec.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
() C:\Users\Juga\Desktop\Defogger.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13192848 2012-08-30] (Realtek Semiconductor)
HKLM\...\Run: [ASUSQuickGesture(x86)] - C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe [20352 2012-09-11] (ASUSTeK Computer Inc.)
HKLM\...\Run: [ASUSTPLoader(x64)] - C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe [169856 2012-09-11] (AsusTek)
HKLM\...\Run: [ASUSQuickGesture(x64)] - C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe [22400 2012-09-11] (ASUSTeK Computer Inc.)
HKLM\...\Run: [DptfPolicyLpmServiceHelper] - C:\Windows\system32\DptfPolicyLpmServiceHelper.exe [21888 2012-07-30] ()
HKLM\...\Run: [ACMON] - C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [107192 2012-08-24] (ASUS)
HKLM\...\Run: [Bdagent] - C:\Program Files\Bitdefender\Bitdefender 2013\bdagent.exe [1575192 2013-10-25] (Bitdefender)
HKLM\...\Run: [BTMTrayAgent] - C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll [7818040 2013-09-19] (Motorola Solutions, Inc.)
HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [285240 2012-09-01] (Intel Corporation)
HKLM-x32\...\Run: [ASUSWebStorage] - C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.9.120\AsusWSPanel.exe [3417984 2012-08-28] (ASUS Cloud Corporation)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Reader Application Helper] - C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\ReaderAppHelper.exe [899400 2013-11-27] (Sony Corporation)
HKLM-x32\...\Run: [BingDesktop] - C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe [2258056 2013-09-22] (Microsoft Corp.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [] - [X]
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [168616 2013-12-10] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [141336 2013-12-10] (NVIDIA Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.bing.com
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.giga.de/foto/
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ASU2JS
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ASU2JS
SearchScopes: HKLM - {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL = 
SearchScopes: HKLM-x32 - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ASU2JS
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ASU2JS
SearchScopes: HKCU - DefaultScope {A8687284-3697-4655-BE2B-AA9ECF2FE73E} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=dsites0103&cd=2XzuyEtN2Y1L1Qzu0CyEzzyDtDzzyE0D0AtByBzz0CyD0C0DtN0D0Tzu0SyBzztDtN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1CzutBtAtDtC1N1R&cr=732592644&ir=
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=4241C485084DA275&affID=120008&tsp=5024
SearchScopes: HKCU - {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL = hxxp://search.softonic.com/MOY00621/tb_v1?q={searchTerms}&SearchSource=4&cc=&mi=4241c5cd000000000000c485084da275&r=953
SearchScopes: HKCU - {A8687284-3697-4655-BE2B-AA9ECF2FE73E} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=dsites0103&cd=2XzuyEtN2Y1L1Qzu0CyEzzyDtDzzyE0D0AtByBzz0CyD0C0DtN0D0Tzu0SyBzztDtN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1CzutBtAtDtC1N1R&cr=732592644&ir=
SearchScopes: HKCU - {E77F2311-3431-4099-BACD-C4E2DD35C235} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=100000027&src=kw&q={searchTerms}&locale=de_DE&apn_ptnrs=^U3&apn_dtid=^OSJ000^YY^DE&apn_uid=847AF034-5453-4ABB-85F8-1DDFEE1375A3&apn_sauid=CC3463C2-6F6A-4E54-A5E5-F50EE66883CA
BHO: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: ASUS Browser Extension x64 - {78234974-0C4B-4111-BDEB-D9A104418772} - C:\Program Files (x86)\ASUS\ASUS Smart Gesture\install\x64\BrowserExtension64.dll (ASUSTeK Computer Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: ClassicIEBHO Class - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIEDLL_64.dll (IvoSoft)
BHO-x32: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll (pdfforge GmbH)
BHO-x32: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: ASUS Browser Extension x86 - {78234974-0C4B-4111-BDEB-D9A104418771} - C:\Program Files (x86)\ASUS\ASUS Smart Gesture\install\x86\BrowserExtension.dll (ASUSTeK Computer Inc.)
BHO-x32: ividi Helper Object - {8B8B2E80-1444-451D-AC8E-EB9A847F3887} - C:\Program Files (x86)\Unitech LLC\ividi\1.8.23.0\bh\ividi.dll No File
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Softonic Helper Object - {E87806B5-E908-45FD-AF5E-957D83E58E68} - C:\Program Files (x86)\Softonic\Softonic\1.8.21.14\bh\Softonic.dll (Softonic.com)
BHO-x32: ClassicIEBHO Class - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIEDLL_32.dll (IvoSoft)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
Toolbar: HKLM-x32 - Softonic Toolbar - {5018CFD2-804D-4C99-9F81-25EAEA2769DE} - C:\Program Files (x86)\Softonic\Softonic\1.8.21.14\SoftonicTlbr.dll (Softonic.com)
Toolbar: HKLM-x32 - PDF Architect Toolbar - {25A3A431-30BB-47C8-AD6A-E1063801134F} - C:\Program Files (x86)\PDF Architect\PDFIEPlugin.dll (pdfforge GmbH)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} -  No File
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{AEFBB86E-3140-48A0-A253-9D902613CC85}: [NameServer]139.7.30.126 139.7.30.125

FireFox:
========
FF ProfilePath: C:\Users\Juga\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox
FF user.js: detected! => C:\Users\Juga\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\user.js
FF DefaultSearchEngine: Mysearchdial
FF NetworkProxy: "ftp", "127.0.0.1"
FF NetworkProxy: "ftp_port", 4001
FF NetworkProxy: "gopher", "127.0.0.1"
FF NetworkProxy: "gopher_port", 4001
FF NetworkProxy: "http", "127.0.0.1"
FF NetworkProxy: "http_port", 4001
FF NetworkProxy: "socks_remote_dns", true
FF NetworkProxy: "ssl", "127.0.0.1"
FF NetworkProxy: "ssl_port", 4001
FF NetworkProxy: "type", 1
FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @ei.FromDocToPDF_65.com/Plugin - C:\Program Files (x86)\FromDocToPDF_65EI\Installr\1.bin\NP65EISB.dll (FromDocToPDF)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @sony.com/ReaderDesktop - C:\Program Files (x86)\Sony\ReaderDesktop\npreaderdetectmoz.dll (Sony Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Juga\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\duckduckgo-ssl-javascript-free.xml
FF SearchPlugin: C:\Users\Juga\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\google-de-ssl.xml
FF SearchPlugin: C:\Users\Juga\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\google-encrypted-no-personalization.xml
FF SearchPlugin: C:\Users\Juga\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\ixquick---deutsch.xml
FF SearchPlugin: C:\Users\Juga\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\ixquick-ssl-pictures---deutsch.xml
FF SearchPlugin: C:\Users\Juga\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\ixquick-ssl-pictures---english.xml
FF SearchPlugin: C:\Users\Juga\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\ixquick.xml
FF SearchPlugin: C:\Users\Juga\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\leo-eng-ger.xml
FF SearchPlugin: C:\Users\Juga\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\leo-esp-ale.xml
FF SearchPlugin: C:\Users\Juga\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\leo-fra-all.xml
FF SearchPlugin: C:\Users\Juga\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\metager2.xml
FF SearchPlugin: C:\Users\Juga\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\Mysearchdial.xml
FF SearchPlugin: C:\Users\Juga\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\softonic.xml
FF SearchPlugin: C:\Users\Juga\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\ssl-wikipedia-deutsch.xml
FF SearchPlugin: C:\Users\Juga\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\ssl-wikipedia-english.xml
FF SearchPlugin: C:\Users\Juga\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\startpage-https---deutsch.xml
FF SearchPlugin: C:\Users\Juga\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\startpage-https.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Amazon-Icon - C:\Users\Juga\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\Extensions\amazon-icon@giga.de [2014-02-13]
FF Extension: HTTPS-Everywhere - C:\Users\Juga\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\Extensions\https-everywhere@eff.org [2013-10-20]
FF Extension: Spartipps von SparPilot.com - C:\Users\Juga\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\Extensions\sparpilot@sparpilot.com [2014-02-13]
FF Extension: No Name - C:\Users\Juga\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\Extensions\staged [2014-02-19]
FF Extension: Cookie Monster - C:\Users\Juga\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\Extensions\{45d8ff86-d909-11db-9705-005056c00008} [2013-10-20]
FF Extension: UnPlug - C:\Users\Juga\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\Extensions\unplug@compunach.xpi [2013-08-06]
FF Extension: JonDoFox - C:\Users\Juga\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\Extensions\{437be45a-4114-11dd-b9ab-71d256d89593}.xpi [2013-09-18]
FF Extension: NoScript - C:\Users\Juga\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2013-09-17]
FF Extension: Adblock Plus - C:\Users\Juga\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-08-06]
FF Extension: ProfileSwitcher - C:\Users\Juga\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\Extensions\{fa8476cf-a98c-4e08-99b4-65a69cb4b7d4}.xpi [2013-08-06]
FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2013\bdtbext
FF Extension: bdToolbar - C:\Program Files\Bitdefender\Bitdefender 2013\bdtbext [2013-06-30]
FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt
FF Extension: PDF Architect Converter For Firefox - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2013-10-21]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF HKLM-x32\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2013\bdtbext
FF Extension: bdToolbar - C:\Program Files\Bitdefender\Bitdefender 2013\bdtbext [2013-06-30]

Chrome: 
=======
Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION
CHR Extension: (Softonic Chrome Toolbar) - C:\Users\Juga\AppData\Local\Google\Chrome\User Data\Default\Extensions\elchiiiejkobdbblfejjkbphbddgmljf [2013-10-21]
CHR HKLM-x32\...\Chrome\Extension: [aaaaojmikegpiepcfdkkjaplodkpfmlo] - C:\Users\Juga\AppData\Local\APN\GoogleCRXs\apnorjtoolbar.crx [2013-10-21]
CHR HKLM-x32\...\Chrome\Extension: [elchiiiejkobdbblfejjkbphbddgmljf] - C:\Program Files (x86)\Softonic\Softonic\1.8.21.14\Softonic.crx [2013-06-11]
CHR HKLM-x32\...\Chrome\Extension: [mkcedibhemacmilmkpndpkoidlnmgngg] - C:\Users\Juga\ChromeExtensions\mkcedibhemacmilmkpndpkoidlnmgngg\amazon.crx [2014-02-13]

==================== Services (Whitelisted) =================

R2 ASUS InstantOn; C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe [277120 2012-04-13] (ASUS)
S4 BdDesktopParental; C:\Program Files\Bitdefender\Bitdefender 2013\bdparentalservice.exe [69392 2013-10-25] (Bitdefender)
R2 BingDesktopUpdate; C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe [173192 2013-09-22] (Microsoft Corp.)
R2 cjpcsc; C:\Windows\SysWOW64\cjpcsc.exe [515632 2013-05-21] (REINER SCT)
R2 DirMngr; C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe [218112 2013-05-28] ()
R2 DptfParticipantProcessorService; C:\Windows\system32\DptfParticipantProcessorService.exe [29056 2012-07-30] ()
R2 DptfPolicyConfigTDPService; C:\Windows\system32\DptfPolicyConfigTDPService.exe [30592 2012-07-30] ()
R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [339456 2010-11-16] ()
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-06-27] (Intel Corporation)
R2 Intel(R) Wireless Bluetooth(R) 4.0 Radio Management; C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe [157128 2013-09-18] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S2 Mobile Partner. RunOuc; c:\program files (x86)\mobile partner\updatedog\ouc.exe [218624 2013-05-09] ()
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273136 2013-08-28] ()
R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH)
S2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH)
R2 SafeBox; C:\Program Files\Bitdefender\Bitdefender SafeBox\safeboxservice.exe [95184 2012-06-25] (Bitdefender)
R2 StarMoney 9.0 OnlineUpdate; C:\Program Files (x86)\StarMoney 9.0\ouservice\StarMoneyOnlineUpdate.exe [663184 2014-01-27] (Star Finanz-Software Entwicklung und Vertriebs GmbH)
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender 2013\updatesrv.exe [67320 2013-10-25] (Bitdefender)
R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender 2013\vsserv.exe [1645256 2013-10-25] (Bitdefender)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-07-02] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3378416 2013-08-28] (Intel® Corporation)

==================== Drivers (Whitelisted) ====================

R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [56704 2012-09-11] (ASUS Corporation)
R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [727592 2013-10-25] (BitDefender)
R3 avchv; C:\Windows\system32\DRIVERS\avchv.sys [261056 2012-11-02] (BitDefender)
R3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [601360 2013-10-25] (BitDefender)
S0 bdelam; C:\Windows\System32\drivers\bdelam.sys [23456 2012-07-11] (Bitdefender)
R1 BdfNdisf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfndisf6.sys [98768 2013-10-25] (BitDefender LLC)
R1 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [107008 2013-10-25] (BitDefender LLC)
S3 BDSandBox; C:\Windows\system32\drivers\bdsandbox.sys [82824 2013-10-25] (BitDefender SRL)
R1 BDVEDISK; C:\Windows\system32\DRIVERS\bdvedisk.sys [79192 2013-10-25] (BitDefender)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
R3 btmaux; C:\Windows\system32\DRIVERS\btmaux.sys [140600 2013-07-22] (Motorola Solutions, Inc.)
R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1390904 2013-09-05] (Motorola Solutions, Inc.)
S3 cjusb; C:\Windows\system32\DRIVERS\cjusb.sys [35192 2012-09-04] (REINER SCT)
R3 DptfDevDram; C:\Windows\system32\DRIVERS\DptfDevDram.sys [107328 2012-07-13] (Intel Corporation)
R3 DptfDevFan; C:\Windows\system32\DRIVERS\DptfDevFan.sys [42816 2012-07-13] (Intel Corporation)
R3 DptfDevGen; C:\Windows\system32\DRIVERS\DptfDevGen.sys [64832 2012-07-13] (Intel Corporation)
R3 DptfDevPch; C:\Windows\system32\DRIVERS\DptfDevPch.sys [96064 2012-07-13] (Intel Corporation)
R3 DptfDevProc; C:\Windows\system32\DRIVERS\DptfDevProc.sys [228672 2012-07-13] (Intel Corporation)
R3 DptfManager; C:\Windows\system32\DRIVERS\DptfManager.sys [361792 2012-07-13] (Intel Corporation)
S3 ewusbnet; C:\Windows\system32\DRIVERS\ewusbnet.sys [256000 2013-05-09] (Huawei Technologies Co., Ltd.)
R0 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [150256 2013-10-25] (BitDefender LLC)
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [14992 2012-08-02] ( )
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew00.sys [3345376 2013-10-08] (Intel Corporation)
R3 SensorsAlsDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [198656 2012-07-26] (Microsoft Corporation)
R2 trufos; C:\Windows\System32\DRIVERS\trufos.sys [389240 2013-10-25] (BitDefender S.R.L.)
S3 usb3Hub; C:\Windows\System32\drivers\usb3Hub.sys [48096 2012-08-09] (Windows (R) Win 7 DDK provider)
S3 XHCIPort; C:\Windows\System32\drivers\XHCIPort.sys [188384 2012-08-09] (Windows (R) Win 7 DDK provider)
U0 msahci; 

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-02-19 18:18 - 2014-02-19 18:18 - 00027249 _____ () C:\Users\Juga\Desktop\FRST.txt
2014-02-19 18:18 - 2014-02-19 18:18 - 00000470 _____ () C:\Users\Juga\Desktop\defogger_disable.log
2014-02-19 18:04 - 2014-02-19 18:04 - 00000022 _____ () C:\Windows\S.dirmngr
2014-02-19 17:09 - 2014-02-19 17:09 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Juga\Downloads\mbam-consumer.exe
2014-02-19 16:48 - 2014-02-19 16:48 - 00000172 _____ () C:\Windows\AsCDProc.log
2014-02-19 16:30 - 2014-02-19 16:30 - 00001071 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-02-19 16:30 - 2014-02-19 16:30 - 00000000 ____D () C:\Users\Juga\AppData\Roaming\Malwarebytes
2014-02-19 16:30 - 2014-02-19 16:30 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-02-19 16:30 - 2014-02-19 16:30 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-02-19 16:30 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-02-19 16:29 - 2014-02-19 16:29 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Juga\Downloads\mbam-setup-1.75.0.1300.exe
2014-02-19 16:19 - 2014-02-19 15:42 - 00029451 _____ () C:\Users\Juga\Desktop\Addition.txt
2014-02-19 16:03 - 2014-02-19 16:03 - 00000470 _____ () C:\Windows\SysWOW64\defogger_disable.log
2014-02-19 15:51 - 2014-02-19 15:51 - 00296784 _____ () C:\Windows\Minidump\021914-7562-01.dmp
2014-02-19 15:44 - 2014-02-19 15:44 - 00299816 _____ () C:\Windows\Minidump\021914-7718-01.dmp
2014-02-19 15:43 - 2014-02-19 15:43 - 00380416 _____ () C:\Users\Juga\Desktop\Gmer-19357.exe
2014-02-19 15:41 - 2014-02-19 18:18 - 00000000 ____D () C:\FRST
2014-02-19 12:49 - 2014-02-19 12:49 - 02153472 _____ (Farbar) C:\Users\Juga\Desktop\FRST64.exe
2014-02-19 12:46 - 2014-02-19 12:46 - 01141248 _____ (Farbar) C:\Users\Juga\Downloads\FRST.exe
2014-02-19 12:46 - 2014-02-19 12:46 - 00000470 _____ () C:\Users\Juga\Downloads\defogger_disable.log
2014-02-19 12:46 - 2014-02-19 12:46 - 00000000 _____ () C:\Users\Juga\defogger_reenable
2014-02-19 12:45 - 2014-02-19 12:45 - 00050477 _____ () C:\Users\Juga\Desktop\Defogger.exe
2014-02-19 12:43 - 2014-02-19 12:57 - 00000000 ____D () C:\Users\Juga\AppData\Roaming\systweak
2014-02-19 12:43 - 2014-02-19 12:43 - 00003012 _____ () C:\Windows\System32\Tasks\RegClean Pro_UPDATES
2014-02-19 12:43 - 2014-02-19 12:43 - 00002856 _____ () C:\Windows\System32\Tasks\RegClean Pro_DEFAULT
2014-02-19 12:43 - 2014-02-19 12:43 - 00002640 _____ () C:\Windows\System32\Tasks\MySearchDial
2014-02-19 12:43 - 2014-02-19 12:43 - 00002640 _____ () C:\Windows\System32\Tasks\Digital Sites
2014-02-19 12:43 - 2014-02-19 12:43 - 00000302 _____ () C:\Windows\Tasks\MySearchDial.job
2014-02-19 12:43 - 2014-02-19 12:43 - 00000302 _____ () C:\Windows\Tasks\Digital Sites.job
2014-02-19 12:43 - 2014-02-19 12:43 - 00000000 ____D () C:\Users\Juga\AppData\Roaming\DigitalSites
2014-02-19 12:43 - 2014-01-21 17:28 - 00020312 _____ (Systweak Inc., (www.systweak.com)) C:\Windows\system32\roboot64.exe
2014-02-19 10:15 - 2014-02-19 17:58 - 00003586 _____ () C:\Windows\System32\Tasks\Bitdefender Auto-Scan
2014-02-18 08:48 - 2014-02-18 08:48 - 00003142 _____ () C:\Windows\System32\Tasks\{CEEC242F-CB31-4B7C-BA41-759D23FC22A4}
2014-02-18 08:48 - 2014-02-18 08:48 - 00000000 ____D () C:\Users\Juga\AppData\Local\Skype
2014-02-18 08:47 - 2014-02-18 08:47 - 01659552 _____ (Skype Technologies S.A.) C:\Users\Juga\Downloads\SkypeSetup(1).exe
2014-02-18 08:42 - 2014-02-19 17:46 - 00017418 _____ () C:\Windows\PFRO.log
2014-02-17 20:40 - 2014-02-17 20:40 - 01816433 _____ () C:\Users\Juga\Downloads\tools_v6.0.8.zip
2014-02-17 20:29 - 2014-02-17 20:29 - 09954793 _____ () C:\Users\Juga\Downloads\Ultimate-DRM-Removal-last.zip
2014-02-17 09:23 - 2014-02-17 09:25 - 88898427 _____ () C:\Users\Juga\Desktop\Tumblr_Video.mp4
2014-02-17 09:03 - 2014-02-17 09:03 - 00000852 _____ () C:\Windows\setupact.log
2014-02-17 09:03 - 2014-02-17 09:03 - 00000000 _____ () C:\Windows\setuperr.log
2014-02-16 22:29 - 2014-02-16 22:29 - 00323576 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-02-16 22:06 - 2014-02-16 22:06 - 00002770 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-02-16 22:06 - 2014-02-16 22:06 - 00000824 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-02-16 22:06 - 2014-02-16 22:06 - 00000000 ____D () C:\Program Files\CCleaner
2014-02-16 22:05 - 2014-02-16 22:06 - 03645064 _____ (Piriform Ltd) C:\Users\Juga\Downloads\ccsetup410_slim.exe
2014-02-16 17:50 - 2014-02-16 17:50 - 00000000 ____D () C:\Windows\SysWOW64\NV
2014-02-16 17:50 - 2014-02-16 17:50 - 00000000 ____D () C:\Windows\system32\NV
2014-02-16 12:58 - 2014-02-16 12:59 - 54537728 _____ () C:\Users\Juga\Downloads\calibre-1.24.0.msi
2014-02-16 06:31 - 2013-12-07 07:36 - 19751936 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-02-16 06:31 - 2013-12-07 06:15 - 17560576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-02-15 20:17 - 2014-02-15 20:17 - 24490112 _____ (Mozilla) C:\Users\Juga\Downloads\Firefox Setup 27.0.1.exe
2014-02-15 00:23 - 2014-02-15 00:49 - 130171322 _____ () C:\Users\Juga\Desktop\1103195_white_ass_slut_fucked_twice_bare_creamed_huge_black_.flv
2014-02-14 10:11 - 2014-02-15 20:19 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-13 22:28 - 2013-12-05 00:43 - 00583680 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2014-02-13 22:28 - 2013-12-05 00:37 - 00451072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2014-02-13 22:04 - 2013-11-01 06:53 - 02232664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-02-13 22:03 - 2014-02-01 10:20 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-13 22:03 - 2014-02-01 10:19 - 02241536 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-13 22:03 - 2014-02-01 10:19 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-13 22:03 - 2014-02-01 10:19 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
2014-02-13 22:03 - 2014-02-01 10:19 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll
2014-02-13 22:03 - 2014-02-01 10:18 - 19274240 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-13 22:03 - 2014-02-01 10:18 - 15403520 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-13 22:03 - 2014-02-01 10:18 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-02-13 22:03 - 2014-02-01 10:18 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-13 22:03 - 2014-02-01 10:18 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-13 22:03 - 2014-02-01 10:18 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-02-13 22:03 - 2014-02-01 10:18 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-13 22:03 - 2014-02-01 10:18 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-13 22:03 - 2014-02-01 10:18 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-13 22:03 - 2014-02-01 08:58 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-13 22:03 - 2014-02-01 08:58 - 01140736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-13 22:03 - 2014-02-01 08:58 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2014-02-13 22:03 - 2014-02-01 08:57 - 13760512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-13 22:03 - 2014-02-01 08:57 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-13 22:03 - 2014-02-01 08:57 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-02-13 22:03 - 2014-02-01 08:57 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-02-13 22:03 - 2014-02-01 08:57 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-02-13 22:03 - 2014-02-01 08:57 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-13 22:03 - 2014-02-01 08:57 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-02-13 22:03 - 2014-02-01 08:40 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-13 22:03 - 2014-02-01 08:34 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-02-13 22:03 - 2014-02-01 06:08 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll
2014-02-13 22:03 - 2013-12-09 01:45 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-02-13 22:03 - 2013-12-09 00:59 - 00600064 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-02-13 22:03 - 2013-12-05 00:43 - 01845248 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-02-13 22:03 - 2013-12-05 00:37 - 01419264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-02-13 22:03 - 2013-11-27 01:19 - 00385614 _____ () C:\Windows\system32\ApnDatabase.xml
2014-02-13 22:03 - 2013-11-26 00:17 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2014-02-13 22:02 - 2014-02-01 10:18 - 03960320 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-13 22:02 - 2014-02-01 10:18 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-13 22:02 - 2014-02-01 08:57 - 14359040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-13 22:02 - 2014-02-01 08:57 - 02877952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-13 22:02 - 2014-02-01 08:57 - 02049024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-13 22:02 - 2014-02-01 08:57 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-02-13 09:58 - 2014-02-13 09:58 - 00000000 ____D () C:\Users\Juga\AppData\Local\Tempfeb52be43e051bfaf4839a6935e00e42
2014-02-13 09:58 - 2014-02-13 09:58 - 00000000 ____D () C:\Users\Juga\AppData\Local\Temp12e72473eede95c369de200ff0f01ceb
2014-02-13 09:57 - 2014-02-13 09:57 - 00000000 ____D () C:\Users\Juga\Downloads\Steganos-SpurenVernichter
2014-02-13 09:57 - 2014-02-13 09:57 - 00000000 ____D () C:\Users\Juga\ChromeExtensions
2014-02-13 09:57 - 2014-02-13 09:57 - 00000000 ____D () C:\Users\Juga\AppData\Roaming\NVIDIA
2014-02-13 09:57 - 2014-02-13 09:57 - 00000000 ____D () C:\Users\Juga\AppData\Local\Temp14b5077f6956a3517aafd12a4b0ddc8f
2014-02-13 09:56 - 2014-02-13 09:56 - 01059584 _____ () C:\Users\Juga\Downloads\Steganos-SpurenVernichter-Setup.exe
2014-02-13 06:43 - 2014-02-13 06:43 - 00001237 _____ () C:\Users\Juga\Downloads\URLLink(6).acsm
2014-02-12 11:28 - 2014-01-13 00:30 - 02238976 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-02-12 11:28 - 2014-01-13 00:30 - 02032640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-02-12 11:28 - 2013-11-20 01:15 - 03842560 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-02-12 11:28 - 2013-11-20 00:57 - 03288576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2014-02-08 11:19 - 2014-02-08 11:19 - 00003576 _____ () C:\Users\Juga\Desktop\anschreibenMBWK.tex
2014-02-05 13:45 - 2014-02-07 08:14 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-02-02 12:22 - 2014-02-02 12:22 - 00007374 _____ () C:\Users\Juga\Desktop\Preisinformation zum 1. März 2014.eml
2014-01-26 10:21 - 2013-12-18 21:09 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-01-26 10:21 - 2013-12-18 21:04 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-01-26 10:21 - 2013-12-18 21:04 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-01-26 10:21 - 2013-12-18 21:03 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-01-26 10:15 - 2014-01-26 10:15 - 00921000 _____ (Oracle Corporation) C:\Users\Juga\Downloads\jxpiinstall.exe
2014-01-23 15:04 - 2014-01-23 15:04 - 00010723 _____ () C:\Users\Juga\Documents\Kopie von abrechnung-1-14.xlsx

==================== One Month Modified Files and Folders =======

2014-02-19 18:19 - 2014-02-19 18:18 - 00027249 _____ () C:\Users\Juga\Desktop\FRST.txt
2014-02-19 18:18 - 2014-02-19 18:18 - 00000470 _____ () C:\Users\Juga\Desktop\defogger_disable.log
2014-02-19 18:18 - 2014-02-19 15:41 - 00000000 ____D () C:\FRST
2014-02-19 18:13 - 2012-08-03 00:02 - 00761598 _____ () C:\Windows\system32\perfh007.dat
2014-02-19 18:13 - 2012-08-03 00:02 - 00159306 _____ () C:\Windows\system32\perfc007.dat
2014-02-19 18:13 - 2012-07-26 08:28 - 01748838 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-02-19 18:10 - 2013-05-07 18:30 - 00003596 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3203196741-1805427045-687499267-1002
2014-02-19 18:05 - 2013-05-06 18:53 - 00000500 _____ () C:\Users\Juga\AppData\Roaming\sp_data.sys
2014-02-19 18:04 - 2014-02-19 18:04 - 00000022 _____ () C:\Windows\S.dirmngr
2014-02-19 18:04 - 2012-07-26 08:22 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-02-19 18:03 - 2012-11-15 19:50 - 01801426 _____ () C:\Windows\WindowsUpdate.log
2014-02-19 18:00 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\system32\sru
2014-02-19 17:59 - 2012-07-26 06:26 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2014-02-19 17:58 - 2014-02-19 10:15 - 00003586 _____ () C:\Windows\System32\Tasks\Bitdefender Auto-Scan
2014-02-19 17:53 - 2014-01-08 10:52 - 00000000 ____D () C:\Users\Juga\AppData\Roaming\ClassicShell
2014-02-19 17:46 - 2014-02-18 08:42 - 00017418 _____ () C:\Windows\PFRO.log
2014-02-19 17:12 - 2013-05-09 10:31 - 00000121 _____ () C:\Users\Public\LMDebug.log
2014-02-19 17:09 - 2014-02-19 17:09 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Juga\Downloads\mbam-consumer.exe
2014-02-19 17:06 - 2012-07-26 06:26 - 00524288 ___SH () C:\Windows\system32\config\BBI
2014-02-19 17:05 - 2013-10-03 13:28 - 00000000 ____D () C:\ProgramData\DSearchLink
2014-02-19 17:05 - 2013-10-03 12:01 - 00000000 ____D () C:\Program Files (x86)\Unitech LLC
2014-02-19 16:48 - 2014-02-19 16:48 - 00000172 _____ () C:\Windows\AsCDProc.log
2014-02-19 16:30 - 2014-02-19 16:30 - 00001071 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-02-19 16:30 - 2014-02-19 16:30 - 00000000 ____D () C:\Users\Juga\AppData\Roaming\Malwarebytes
2014-02-19 16:30 - 2014-02-19 16:30 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-02-19 16:30 - 2014-02-19 16:30 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-02-19 16:29 - 2014-02-19 16:29 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Juga\Downloads\mbam-setup-1.75.0.1300.exe
2014-02-19 16:26 - 2013-04-02 14:25 - 00000000 ____D () C:\Users\Juga\AppData\Local\Packages
2014-02-19 16:03 - 2014-02-19 16:03 - 00000470 _____ () C:\Windows\SysWOW64\defogger_disable.log
2014-02-19 15:51 - 2014-02-19 15:51 - 00296784 _____ () C:\Windows\Minidump\021914-7562-01.dmp
2014-02-19 15:51 - 2013-05-24 05:45 - 00000000 ____D () C:\Windows\Minidump
2014-02-19 15:44 - 2014-02-19 15:44 - 00299816 _____ () C:\Windows\Minidump\021914-7718-01.dmp
2014-02-19 15:43 - 2014-02-19 15:43 - 00380416 _____ () C:\Users\Juga\Desktop\Gmer-19357.exe
2014-02-19 15:42 - 2014-02-19 16:19 - 00029451 _____ () C:\Users\Juga\Desktop\Addition.txt
2014-02-19 13:04 - 2013-05-09 10:21 - 00000000 ____D () C:\ProgramData\Skype
2014-02-19 12:57 - 2014-02-19 12:43 - 00000000 ____D () C:\Users\Juga\AppData\Roaming\systweak
2014-02-19 12:49 - 2014-02-19 12:49 - 02153472 _____ (Farbar) C:\Users\Juga\Desktop\FRST64.exe
2014-02-19 12:46 - 2014-02-19 12:46 - 01141248 _____ (Farbar) C:\Users\Juga\Downloads\FRST.exe
2014-02-19 12:46 - 2014-02-19 12:46 - 00000470 _____ () C:\Users\Juga\Downloads\defogger_disable.log
2014-02-19 12:46 - 2014-02-19 12:46 - 00000000 _____ () C:\Users\Juga\defogger_reenable
2014-02-19 12:46 - 2013-05-06 18:50 - 00000000 ____D () C:\Users\Juga
2014-02-19 12:45 - 2014-02-19 12:45 - 00050477 _____ () C:\Users\Juga\Desktop\Defogger.exe
2014-02-19 12:43 - 2014-02-19 12:43 - 00003012 _____ () C:\Windows\System32\Tasks\RegClean Pro_UPDATES
2014-02-19 12:43 - 2014-02-19 12:43 - 00002856 _____ () C:\Windows\System32\Tasks\RegClean Pro_DEFAULT
2014-02-19 12:43 - 2014-02-19 12:43 - 00002640 _____ () C:\Windows\System32\Tasks\MySearchDial
2014-02-19 12:43 - 2014-02-19 12:43 - 00002640 _____ () C:\Windows\System32\Tasks\Digital Sites
2014-02-19 12:43 - 2014-02-19 12:43 - 00000302 _____ () C:\Windows\Tasks\MySearchDial.job
2014-02-19 12:43 - 2014-02-19 12:43 - 00000302 _____ () C:\Windows\Tasks\Digital Sites.job
2014-02-19 12:43 - 2014-02-19 12:43 - 00000000 ____D () C:\Users\Juga\AppData\Roaming\DigitalSites
2014-02-19 12:43 - 2013-07-26 23:49 - 00000101 _____ () C:\Users\Juga\AppData\Roaming\WB.CFG
2014-02-19 12:20 - 2013-08-09 17:51 - 00000000 ____D () C:\Program Files (x86)\StarMoney 9.0
2014-02-19 12:06 - 2013-06-30 21:58 - 524288512 _____ () C:\Users\Juga\Desktop\Datentresor - Ruppert.bvd
2014-02-19 12:02 - 2013-05-09 10:21 - 00000000 ____D () C:\Users\Juga\AppData\Roaming\Skype
2014-02-19 11:47 - 2013-05-06 21:41 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-02-19 10:15 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\AUInstallAgent
2014-02-18 23:21 - 2013-05-11 16:41 - 00000000 ____D () C:\Users\Juga\AppData\Roaming\vlc
2014-02-18 08:48 - 2014-02-18 08:48 - 00003142 _____ () C:\Windows\System32\Tasks\{CEEC242F-CB31-4B7C-BA41-759D23FC22A4}
2014-02-18 08:48 - 2014-02-18 08:48 - 00000000 ____D () C:\Users\Juga\AppData\Local\Skype
2014-02-18 08:47 - 2014-02-18 08:47 - 01659552 _____ (Skype Technologies S.A.) C:\Users\Juga\Downloads\SkypeSetup(1).exe
2014-02-17 20:42 - 2013-09-14 22:45 - 00000000 ____D () C:\Users\Juga\Documents\Calibre-Bibliothek
2014-02-17 20:40 - 2014-02-17 20:40 - 01816433 _____ () C:\Users\Juga\Downloads\tools_v6.0.8.zip
2014-02-17 20:29 - 2014-02-17 20:29 - 09954793 _____ () C:\Users\Juga\Downloads\Ultimate-DRM-Removal-last.zip
2014-02-17 09:59 - 2012-11-15 19:35 - 00000000 ____D () C:\Intel
2014-02-17 09:25 - 2014-02-17 09:23 - 88898427 _____ () C:\Users\Juga\Desktop\Tumblr_Video.mp4
2014-02-17 09:03 - 2014-02-17 09:03 - 00000852 _____ () C:\Windows\setupact.log
2014-02-17 09:03 - 2014-02-17 09:03 - 00000000 _____ () C:\Windows\setuperr.log
2014-02-17 09:03 - 2013-11-02 21:16 - 00000000 ____D () C:\ProgramData\Package Cache
2014-02-17 09:03 - 2013-08-18 10:30 - 00008129 _____ () C:\Windows\system32\lvcoinst.log
2014-02-17 09:03 - 2012-11-15 19:35 - 00000000 ____D () C:\Program Files (x86)\Intel
2014-02-16 22:29 - 2014-02-16 22:29 - 00323576 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-02-16 22:20 - 2013-05-06 18:51 - 00000000 ____D () C:\Users\Juga\AppData\Local\VirtualStore
2014-02-16 22:08 - 2013-05-16 23:12 - 00000000 ____D () C:\Program Files (x86)\PDFCreator
2014-02-16 22:08 - 2012-08-02 23:24 - 00000000 ____D () C:\Windows\Panther
2014-02-16 22:06 - 2014-02-16 22:06 - 00002770 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-02-16 22:06 - 2014-02-16 22:06 - 00000824 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-02-16 22:06 - 2014-02-16 22:06 - 00000000 ____D () C:\Program Files\CCleaner
2014-02-16 22:06 - 2014-02-16 22:05 - 03645064 _____ (Piriform Ltd) C:\Users\Juga\Downloads\ccsetup410_slim.exe
2014-02-16 20:42 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\rescache
2014-02-16 17:50 - 2014-02-16 17:50 - 00000000 ____D () C:\Windows\SysWOW64\NV
2014-02-16 17:50 - 2014-02-16 17:50 - 00000000 ____D () C:\Windows\system32\NV
2014-02-16 17:50 - 2013-05-06 18:55 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-02-16 17:50 - 2012-11-15 19:39 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-02-16 17:49 - 2012-07-26 09:12 - 00000000 ___RD () C:\Windows\ToastData
2014-02-16 12:59 - 2014-02-16 12:58 - 54537728 _____ () C:\Users\Juga\Downloads\calibre-1.24.0.msi
2014-02-16 07:33 - 2013-06-22 06:43 - 00000000 ____D () C:\Users\Juga\AppData\Roaming\gnupg
2014-02-16 06:34 - 2012-11-15 19:39 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-02-15 20:19 - 2014-02-14 10:11 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-15 20:19 - 2013-11-02 21:49 - 00001109 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-02-15 20:17 - 2014-02-15 20:17 - 24490112 _____ (Mozilla) C:\Users\Juga\Downloads\Firefox Setup 27.0.1.exe
2014-02-15 20:14 - 2013-05-06 18:52 - 00000000 ___RD () C:\Users\Juga\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-02-15 15:28 - 2013-07-11 10:30 - 00000000 ____D () C:\Windows\system32\MRT
2014-02-15 15:27 - 2013-05-06 19:57 - 88567024 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-02-15 00:49 - 2014-02-15 00:23 - 130171322 _____ () C:\Users\Juga\Desktop\1103195_white_ass_slut_fucked_twice_bare_creamed_huge_black_.flv
2014-02-14 20:26 - 2014-01-03 16:19 - 00000000 ____D () C:\Users\Juga\Desktop\pics
2014-02-13 09:58 - 2014-02-13 09:58 - 00000000 ____D () C:\Users\Juga\AppData\Local\Tempfeb52be43e051bfaf4839a6935e00e42
2014-02-13 09:58 - 2014-02-13 09:58 - 00000000 ____D () C:\Users\Juga\AppData\Local\Temp12e72473eede95c369de200ff0f01ceb
2014-02-13 09:57 - 2014-02-13 09:57 - 00000000 ____D () C:\Users\Juga\Downloads\Steganos-SpurenVernichter
2014-02-13 09:57 - 2014-02-13 09:57 - 00000000 ____D () C:\Users\Juga\ChromeExtensions
2014-02-13 09:57 - 2014-02-13 09:57 - 00000000 ____D () C:\Users\Juga\AppData\Roaming\NVIDIA
2014-02-13 09:57 - 2014-02-13 09:57 - 00000000 ____D () C:\Users\Juga\AppData\Local\Temp14b5077f6956a3517aafd12a4b0ddc8f
2014-02-13 09:56 - 2014-02-13 09:56 - 01059584 _____ () C:\Users\Juga\Downloads\Steganos-SpurenVernichter-Setup.exe
2014-02-13 06:43 - 2014-02-13 06:43 - 00001237 _____ () C:\Users\Juga\Downloads\URLLink(6).acsm
2014-02-09 15:20 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\system32\NDF
2014-02-08 11:19 - 2014-02-08 11:19 - 00003576 _____ () C:\Users\Juga\Desktop\anschreibenMBWK.tex
2014-02-07 08:14 - 2014-02-05 13:45 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-02-04 21:48 - 2013-05-06 21:41 - 00003772 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-02-02 12:22 - 2014-02-02 12:22 - 00007374 _____ () C:\Users\Juga\Desktop\Preisinformation zum 1. März 2014.eml
2014-02-01 10:20 - 2014-02-13 22:03 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-01 10:19 - 2014-02-13 22:03 - 02241536 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-01 10:19 - 2014-02-13 22:03 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-01 10:19 - 2014-02-13 22:03 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
2014-02-01 10:19 - 2014-02-13 22:03 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll
2014-02-01 10:18 - 2014-02-13 22:03 - 19274240 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-01 10:18 - 2014-02-13 22:03 - 15403520 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-01 10:18 - 2014-02-13 22:03 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-02-01 10:18 - 2014-02-13 22:03 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-01 10:18 - 2014-02-13 22:03 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-01 10:18 - 2014-02-13 22:03 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-02-01 10:18 - 2014-02-13 22:03 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-01 10:18 - 2014-02-13 22:03 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-01 10:18 - 2014-02-13 22:03 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-01 10:18 - 2014-02-13 22:02 - 03960320 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-01 10:18 - 2014-02-13 22:02 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-01 08:58 - 2014-02-13 22:03 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-01 08:58 - 2014-02-13 22:03 - 01140736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-01 08:58 - 2014-02-13 22:03 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2014-02-01 08:57 - 2014-02-13 22:03 - 13760512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-01 08:57 - 2014-02-13 22:03 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-01 08:57 - 2014-02-13 22:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-02-01 08:57 - 2014-02-13 22:03 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-02-01 08:57 - 2014-02-13 22:03 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-02-01 08:57 - 2014-02-13 22:03 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-01 08:57 - 2014-02-13 22:03 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-02-01 08:57 - 2014-02-13 22:02 - 14359040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-01 08:57 - 2014-02-13 22:02 - 02877952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-01 08:57 - 2014-02-13 22:02 - 02049024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-01 08:57 - 2014-02-13 22:02 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-02-01 08:40 - 2014-02-13 22:03 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-01 08:34 - 2014-02-13 22:03 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-02-01 06:08 - 2014-02-13 22:03 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll
2014-01-30 22:10 - 2012-07-26 09:14 - 00694240 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-01-30 22:10 - 2012-07-26 09:14 - 00078296 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-01-26 10:21 - 2013-11-02 21:48 - 00000000 ____D () C:\ProgramData\Oracle
2014-01-26 10:21 - 2013-05-10 20:39 - 00000000 ____D () C:\Program Files (x86)\Java
2014-01-26 10:15 - 2014-01-26 10:15 - 00921000 _____ (Oracle Corporation) C:\Users\Juga\Downloads\jxpiinstall.exe
2014-01-23 15:04 - 2014-01-23 15:04 - 00010723 _____ () C:\Users\Juga\Documents\Kopie von abrechnung-1-14.xlsx
2014-01-21 17:28 - 2014-02-19 12:43 - 00020312 _____ (Systweak Inc., (www.systweak.com)) C:\Windows\system32\roboot64.exe

Files to move or delete:
====================
C:\Users\Juga\AppData\Roaming\Camdata.ini
C:\Users\Juga\AppData\Roaming\CamLayout.ini
C:\Users\Juga\AppData\Roaming\CamShapes.ini
C:\Users\Juga\AppData\Roaming\CamStudio.Producer.Data.ini
C:\ProgramData\SetStretch.exe


Some content of TEMP:
====================
C:\Users\Juga\AppData\Local\Temp\321.8936981092533_Update.exe
C:\Users\Juga\AppData\Local\Temp\3976uninstall.exe
C:\Users\Juga\AppData\Local\Temp\Sqlite3.dll


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-02-17 09:01

==================== End Of Log ============================
         
Addition.txt
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 18-02-2014
Ran by Juga at 2014-02-19 15:42:14
Running from C:\Users\Juga\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Bitdefender Virenschutz (Enabled - Up to date) {9B5F5313-CAF9-DD97-C460-E778420237B4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Bitdefender Spyware-Schutz (Enabled - Up to date) {203EB2F7-ECC3-D219-FED0-DC0A39857D09}
FW: Bitdefender Firewall (Enabled) {A364D236-8096-DCCF-EF3F-4E4DBCD170CF}

==================== Installed Programs ======================

2007 Microsoft Office Suite Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
7-Zip 9.20 (x32 Version:  - )
Adobe Reader XI (11.0.06) - Deutsch (x32 Version: 11.0.06 - Adobe Systems Incorporated)
ASUS Instant Connect (x32 Version: 1.2.8 - ASUS)
ASUS InstantOn (x32 Version: 3.0.2 - ASUS)
ASUS LifeFrame3 (x32 Version: 3.1.5 - ASUS)
ASUS Live Update (x32 Version: 3.1.9 - ASUS)
ASUS Power4Gear Hybrid (Version: 2.0.4 - ASUS)
ASUS Smart Gesture (x32 Version: 1.0.32 - ASUS)
ASUS Splendid Video Enhancement Technology (x32 Version: 1.03.0004 - ASUS)
ASUS Tutor (x32 Version: 1.0.7 - ASUS)
ASUS USB Charger Plus (x32 Version: 2.1.4 - ASUS)
ASUS WebStorage Sync Agent (x32 Version: 1.1.9.120 - ASUS Cloud Corporation)
AsusVibe2.0 (x32 Version: 2.0.10.168 - ASUSTEK)
ATK Package (x32 Version: 1.0.0022 - ASUS)
AudibleManager (x32 Version: 1963274756.1637916.1637768.1963183295 - Audible, Inc.)
Audiograbber 1.83 SE  (x32 Version: 1.83 SE  - Audiograbber)
Bing-Desktop (x32 Version: 1.3.322.0 - Microsoft Corporation)
Bitdefender Total Security 2013 (Version: 16.29.0.1830 - Bitdefender)
calibre (x32 Version: 1.12.0 - Kovid Goyal)
CamStudio Lossless Codec v1.5 (x32 Version: 1.5 - CamStudio)
CCleaner (Version: 4.10 - Piriform)
Classic Shell (Version: 4.0.2 - IvoSoft)
cyberJack Base Components (x32 Version: 6.10.7 - REINER SCT)
Delta Chrome Toolbar (x32 Version:  - Visual Tools) <==== ATTENTION
Deutsche Post E-Porto (x32 Version: 2.3.0 - Deutsche Post AG)
FLV Player 2.0 (build 25) (x32 Version: 2.0 (build 25) - Martijn de Visser)
GIMP 2.8.6 (Version: 2.8.6 - The GIMP Team)
GnuWin32: sed-4.2.1 (x32 Version: 4.2.1 - GnuWin)
Google Update Helper (x32 Version: 1.3.23.0 - DealPly Technologies Ltd) Hidden <==== ATTENTION
Gpg4win (2.1.1) (x32 Version: 2.1.1 - The Gpg4win Project)
GPL Ghostscript (Version: 9.07 - Artifex Software Inc.)
GSview 5.0 (Version: 5.0 - Ghostgum Software Pty Ltd)
Intel(R) Control Center (x32 Version: 1.2.1.1008 - Intel Corporation)
Intel(R) Dynamic Platform and Thermal Framework (x32 Version: 6.0.5.1080 - Intel Corporation)
Intel(R) Management Engine Components (x32 Version: 8.1.0.1252 - Intel Corporation)
Intel(R) PRO/Wireless Driver (Version: 16.01.5000.0577 - Intel Corporation) Hidden
Intel(R) Processor Graphics (x32 Version: 9.17.10.2843 - Intel Corporation)
Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed (Version: 15.5.0.0344 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (Version: 3.1.1309.0390 - Intel Corporation)
Intel(R) Rapid Storage Technology (x32 Version: 11.6.0.1030 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (x32 Version: 2.0.0.37149 - Intel Corporation)
Intel(R) WiDi (Version: 3.5.34.0 - Intel Corporation)
Intel® PROSet/Wireless Software (x32 Version: 16.1.5 - Intel Corporation)
Intel® PROSet/Wireless WiFi Software (Version: 16.01.5000.0269 - Intel Corporation) Hidden
Intel® Trusted Connect Service Client (Version: 1.24.388.1 - Intel Corporation) Hidden
Java 7 Update 45 (64-bit) (Version: 7.0.450 - Oracle)
Java 7 Update 51 (x32 Version: 7.0.510 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
JonDo (x32 Version:  - )
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (x32 Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Live Add-in 1.5 (x32 Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219 - Microsoft Corporation)
MiKTeX 2.9 (x32 Version: 2.9 - MiKTeX.org)
Mobile Partner (x32 Version: 21.005.11.01.858 - Huawei Technologies Co.,Ltd)
Mozilla Firefox 27.0.1 (x86 de) (x32 Version: 27.0.1 - Mozilla)
Mozilla Maintenance Service (x32 Version: 27.0.1 - Mozilla)
Mozilla Thunderbird 24.3.0 (x86 de) (x32 Version: 24.3.0 - Mozilla)
MyFreeCodec (HKCU Version:  - )
NVIDIA Install Application (Version: 2.1002.133.889 - NVIDIA Corporation) Hidden
NVIDIA Optimus 1.11.3 (Version: 1.11.3 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.12.0613 - NVIDIA Corporation) Hidden
NVIDIA PhysX System Software 9.12.0613 (Version: 9.12.0613 - NVIDIA Corporation)
NVIDIA Systemsteuerung 331.65 (Version: 331.65 - NVIDIA Corporation) Hidden
NVIDIA Update 1.11.3 (Version: 1.11.3 - NVIDIA Corporation)
NVIDIA Update Components (Version: 1.11.3 - NVIDIA Corporation) Hidden
Open It! (x32 Version: 1.1.1 - OpenIt)
PDF Architect (x32 Version: 1.1.83.9982 - pdfforge GmbH)
PDFCreator (x32 Version: 1.7.1 - pdfforge)
pdfforge Images2PDF 0.9.6.930 (Version: 0.9.6.930 - pdfforge GbR)
Reader for PC (x32 Version: 2.2.00.11270 - Sony Corporation)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6722 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (x32 Version: 6.1.8400.39030 - Realtek Semiconductor Corp.)
SAMSUNG USB Driver for Mobile Phones (Version: 1.5.23.0 - SAMSUNG Electronics Co., Ltd.)
Scan2PDF 1.6 (x32 Version:  - Koma-Code)
Shared C Run-time for x64 (Version: 10.0.0 - McAfee)
Softonic toolbar  on IE and Chrome (x32 Version: 1.8.21.14 - Softonic) <==== ATTENTION
StarMoney (x32 Version: 4.0.1.51 - StarFinanz) Hidden
StarMoney 9.0  (x32 Version: 9.0 - Star Finanz GmbH)
StreamTransport version: 1.0.2.2171 (x32 Version:  - )
Texmaker (x32 Version:  - )
Tor 0.2.3.25 (x32 Version:  - )
Total Commander 64-bit (Remove or Repair) (Version: 8.50 beta 4 - Ghisler Software GmbH)
Unitech LLC toolbar   (x32 Version: 1.8.23.0 - Unitech LLC)
Update for 2007 Microsoft Office System (KB967642) (x32 Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (x32 Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (x32 Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (x32 Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (x32 Version:  - Microsoft)
Vidalia 0.2.21 (x32 Version:  - )
VLC media player 2.1.2 (x32 Version: 2.1.2 - VideoLAN)
wGet 1.11.4 (Installer 1.3) (x32 Version: 1.11.0004 - )
WinDjView 2.0.2 (Version: 2.0.2 - Andrew Zhezherun)
Windows Driver Package - ASUS (ATP) Mouse  (08/27/2012 1.0.0.125) (Version: 08/27/2012 1.0.0.125 - ASUS)
WinFlash (x32 Version: 2.41.1 - ASUS)
Zip Opener Packages (HKCU Version:  - ) <==== ATTENTION

==================== Restore Points  =========================

26-01-2014 09:20:20 Installed Java 7 Update 51
05-02-2014 12:22:53 Windows Update
12-02-2014 10:49:08 Windows Update
15-02-2014 14:26:47 Windows Update
17-02-2014 08:03:15 Intel® PROSet/Wireless Software
19-02-2014 11:44:45 RegClean Pro Mi, Feb 19, 14  12:44

==================== Hosts content: ==========================

2012-07-26 06:26 - 2012-07-26 06:26 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {080D78EB-969A-46DB-BBA7-82CC16534CFF} - System32\Tasks\ASUS P4G => C:\Program Files\ASUS\P4G\BatteryLife.exe [2012-08-24] (ASUS)
Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {29BDECA1-8667-4968-ACF3-F01321C48124} - System32\Tasks\RegClean Pro_UPDATES => C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe <==== ATTENTION
Task: {3A6A4771-AC83-496C-B358-A0CE5EF755D2} - System32\Tasks\YourFile DownloaderUpdate => C:\Program Files (x86)\YourFileDownloader\YourFileUpdater.exe <==== ATTENTION
Task: {526F8EC5-1FDC-45B2-A4E9-97A0DD815878} - System32\Tasks\RegClean Pro_DEFAULT => C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe <==== ATTENTION
Task: {5637C8AE-B863-4A40-AC49-2F13E021EDA2} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2012-07-24] (ASUSTek Computer Inc.)
Task: {5DBC8207-58D2-4A13-86C3-283F08D8061E} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: {6EE883C0-5EDB-46E3-B3E7-DE5263FE0834} - System32\Tasks\Microsoft\Windows\Setup\Pre-staged GDR Notification => C:\Windows\system32\NotificationUI.exe [2013-08-16] (Microsoft Corporation)
Task: {7474E9DA-9A67-4148-A89C-1B7388CF769B} - System32\Tasks\{CEEC242F-CB31-4B7C-BA41-759D23FC22A4} => Firefox.exe hxxp://ui.skype.com/ui/0/6.13.0.104/de/abandoninstall?source=lightinstaller&amp;page=tsInstall
Task: {748F09CF-A0BB-4471-B1A4-4FF092FA452E} - System32\Tasks\{F36EC44A-5CED-4E9F-9496-C8FC49C7B30C} => Firefox.exe hxxp://ui.skype.com/ui/0/6.10.0.104/de/abandoninstall?source=lightinstaller&amp;page=tsInstall
Task: {871D39AB-DE84-4C1D-9C7B-4C3D2A3E8524} - System32\Tasks\{A294FC20-BEC6-4BBE-8B7A-6BB590A396C0} => Firefox.exe hxxp://ui.skype.com/ui/0/6.3.0.105/de/abandoninstall?source=lightinstaller&amp;page=tsProgressBar
Task: {96FE9537-E2FC-49B4-8B7E-A2646A9B32CE} - System32\Tasks\MySearchDial => C:\Users\Juga\AppData\Roaming\MYSEAR~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: {A443FA76-908A-44E3-ADBD-C72CEED15761} - System32\Tasks\Microsoft\Windows\Setup\Windows Upgrade Notification Task => C:\Windows\system32\NotificationUI.exe [2013-08-16] (Microsoft Corporation)
Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {AE793DA3-1FA0-4135-9EFC-057DD50F2FA3} - System32\Tasks\Bitdefender Auto-Scan => C:\Program Files\Bitdefender\Bitdefender 2013\mtasklaunch.exe [2013-10-25] (Bitdefender)
Task: {B725CF68-ECC4-4AF0-B71E-5FAE8A4EB23F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-01-21] (Piriform Ltd)
Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {CD7127DD-1ECF-451E-8F76-ADC0F4331D6F} - System32\Tasks\Digital Sites => C:\Users\Juga\AppData\Roaming\DIGITA~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: {E4B23B20-9C3F-42CA-9D8C-8AB452D9620E} - System32\Tasks\ASUS Live Update => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2012-08-22] (ASUSTeK Computer Inc.)
Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {F70AA432-AED4-45EF-8B3A-CBE41754484F} - System32\Tasks\ASUS InstantOn Config => C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnCfg.exe [2012-08-06] (ASUS)
Task: {FB4612AF-3E7B-4C0C-B710-07484DA334F8} - \DSite No Task File
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => ?
Task: C:\Windows\Tasks\Digital Sites.job => ?
Task: C:\Windows\Tasks\MySearchDial.job => ? <==== ATTENTION
Task: C:\Windows\Tasks\RegClean Pro_DEFAULT.job => ?
Task: C:\Windows\Tasks\RegClean Pro_UPDATES.job => ?

==================== Loaded Modules (whitelisted) =============

2013-06-30 18:20 - 2013-10-25 17:31 - 00265080 _____ () C:\Program Files\Bitdefender\Bitdefender 2013\txmlutil.dll
2013-06-30 18:20 - 2013-10-25 17:32 - 00003072 _____ () C:\Program Files\Bitdefender\Bitdefender 2013\UI\accessl.ui
2013-06-30 18:20 - 2011-11-14 19:17 - 00153680 _____ () C:\Program Files\Bitdefender\Bitdefender 2013\bdfwcore.dll
2013-06-30 18:20 - 2013-10-25 17:31 - 00005120 _____ () C:\Program Files\Bitdefender\Bitdefender 2013\UI\IMSecurityAL.ui
2014-02-07 23:34 - 2014-02-07 23:34 - 00769256 _____ () C:\Program Files\Bitdefender\Bitdefender 2013\otengines_00035_011\ashttpbr.mdl
2014-02-07 23:34 - 2014-02-07 23:34 - 00567352 _____ () C:\Program Files\Bitdefender\Bitdefender 2013\otengines_00035_011\ashttpdsp.mdl
2014-02-07 23:34 - 2014-02-07 23:34 - 02585688 _____ () C:\Program Files\Bitdefender\Bitdefender 2013\otengines_00035_011\ashttpph.mdl
2014-02-07 23:34 - 2014-02-07 23:34 - 01313096 _____ () C:\Program Files\Bitdefender\Bitdefender 2013\otengines_00035_011\ashttprbl.mdl
2013-12-10 08:13 - 2013-12-10 08:13 - 00013088 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2012-11-15 19:39 - 2013-10-23 09:20 - 00102176 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2008-08-25 05:02 - 2008-08-25 05:02 - 00027648 _____ () C:\Windows\System32\DELG1L6.DLL
2013-05-28 17:50 - 2013-05-28 17:50 - 00218112 _____ () C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe
2012-09-17 07:53 - 2012-07-30 12:26 - 00029056 _____ () C:\Windows\system32\DptfParticipantProcessorService.exe
2012-09-17 07:53 - 2012-07-30 12:27 - 00030592 _____ () C:\Windows\system32\DptfPolicyConfigTDPService.exe
2010-11-16 14:38 - 2010-11-16 14:38 - 00339456 _____ () C:\ProgramData\DatacardService\HWDeviceService64.exe
2013-05-09 17:55 - 2013-05-09 17:55 - 00218624 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\ouc.exe
2008-08-22 06:32 - 2008-08-22 06:32 - 00253440 _____ () C:\Windows\system32\ssminidriver.dll
2013-05-08 06:24 - 2012-06-21 13:01 - 01117480 ____N () C:\Program Files\Bitdefender\Bitdefender SafeBox\System.Data.SQLite.dll
2012-08-24 18:26 - 2012-08-24 18:26 - 00031360 _____ () C:\Program Files\ASUS\P4G\DevMng.dll
2013-04-02 17:44 - 2013-04-02 17:45 - 00176024 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1114.318_x64__8wekyb3d8bbwe\ModernShared\ErrorReporting\ErrorReporting.dll
2013-05-28 17:44 - 2013-05-28 17:44 - 00221184 _____ () C:\Program Files (x86)\GNU\GnuPG\libksba-8.dll
2013-05-28 17:41 - 2013-05-28 17:41 - 00050176 _____ () C:\Program Files (x86)\GNU\GnuPG\libw32pth-0.dll
2013-05-28 17:44 - 2013-05-28 17:44 - 00069632 _____ () C:\Program Files (x86)\GNU\GnuPG\libassuan-0.dll
2013-05-28 17:45 - 2013-05-28 17:45 - 00627712 _____ () C:\Program Files (x86)\GNU\GnuPG\libgcrypt-11.dll
2013-05-28 17:42 - 2013-05-28 17:42 - 00037888 _____ () C:\Program Files (x86)\GNU\GnuPG\libgpg-error-0.dll
2013-05-09 17:55 - 2013-05-09 17:55 - 00011362 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\mingwm10.dll
2013-05-09 17:55 - 2013-05-09 17:55 - 00043008 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\libgcc_s_dw2-1.dll
2013-05-09 17:55 - 2013-05-09 17:55 - 02415104 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\QtCore4.dll
2013-05-09 17:55 - 2013-05-09 17:55 - 01148416 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\QtNetwork4.dll
2014-02-06 18:47 - 2011-01-13 10:44 - 00232800 _____ () C:\Program Files (x86)\StarMoney 9.0\ouservice\PATCHW32.dll
2012-08-24 18:17 - 2012-08-24 18:17 - 00009216 _____ () C:\Program Files (x86)\ASUS\Splendid\GLCDdll.dll
2013-12-10 08:13 - 2013-12-10 08:13 - 00013088 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
2013-11-27 20:48 - 2013-11-27 20:48 - 00880640 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\fsk.dll
2013-11-27 20:49 - 2013-11-27 20:49 - 00040264 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\FskMediaPlayers.dll
2013-11-27 20:49 - 2013-11-27 20:49 - 00239944 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\Fskin.dll
2013-11-27 20:49 - 2013-11-27 20:49 - 00026952 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\FskinLocalize.dll
2013-11-26 11:34 - 2013-11-26 11:34 - 00798720 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\FskSecurity.dll
2013-11-27 20:49 - 2013-11-27 20:49 - 00125256 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\FskDocumentViewer.dll
2013-11-27 20:49 - 2013-11-27 20:49 - 00016200 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\FskPower.dll
2013-11-27 20:49 - 2013-11-27 20:49 - 00024904 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\FskNetInterface.dll
2013-11-27 20:49 - 2013-11-27 20:49 - 00017224 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\FskMobileMediaDevice.dll
2013-11-27 20:49 - 2013-11-27 20:49 - 00015176 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\FskTimeHardware.dll
2013-11-27 20:49 - 2013-11-27 20:49 - 00034632 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\ticket.dll
2013-11-27 20:49 - 2013-11-27 20:49 - 00018760 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\ebookDeviceNotifier.dll
2013-11-27 20:49 - 2013-11-27 20:49 - 00092488 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\ebookUsb.dll
2013-11-27 20:49 - 2013-11-27 20:49 - 00149832 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\readerAppHelper.dll
2013-11-27 20:49 - 2013-11-27 20:49 - 00178504 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\USBDetector.dll
2014-02-15 13:03 - 2014-02-15 13:03 - 00017920 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\PSIClient\b7497ee745bead9869f53a314470edeb\PSIClient.ni.dll
2012-11-15 19:41 - 2012-06-25 11:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2014-02-05 13:45 - 2014-02-05 13:45 - 03019376 _____ () C:\Program Files (x86)\Mozilla Thunderbird\mozjs.dll
2014-02-05 13:45 - 2014-02-05 13:45 - 00158832 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAP32V60.dll
2014-02-05 13:45 - 2014-02-05 13:45 - 00023152 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAPPR32V60.dll
2014-02-14 10:11 - 2014-02-13 01:36 - 03578992 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\Users\Juga\Desktop\Asstel Ihre Nachricht zur Sachversicherung.eml:OECustomProperty
AlternateDataStreams: C:\Users\Juga\Desktop\Asstel Unser Vorschlag für eine Unfallversicherung .eml:OECustomProperty
AlternateDataStreams: C:\Users\Juga\Desktop\DER SPIEGEL digital-Ihr Abonnement.eml:OECustomProperty
AlternateDataStreams: C:\Users\Juga\Desktop\Dienstrecht - Info.eml:OECustomProperty
AlternateDataStreams: C:\Users\Juga\Desktop\Dr. Thomas Wurm.eml:OECustomProperty
AlternateDataStreams: C:\Users\Juga\Desktop\Ihre Bestellung bei found4you.eml:OECustomProperty
AlternateDataStreams: C:\Users\Juga\Desktop\Preise-Dreikönigshof1.jpeg:3or4kl4x13tuuug3Byamue2s4b
AlternateDataStreams: C:\Users\Juga\Desktop\Preise-Dreikönigshof1.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
AlternateDataStreams: C:\Users\Juga\Desktop\Preisinformation zum 1. März 2014.eml:OECustomProperty
AlternateDataStreams: C:\Users\Juga\Desktop\RAe Ehlers und Feldmeier.eml:OECustomProperty
AlternateDataStreams: C:\Users\Juga\Desktop\Sie haben eine Zahlung an cadooz GmbH autorisiert.eml:OECustomProperty
AlternateDataStreams: C:\Users\Juga\Desktop\Versand Ihrer Bestellung 157857195567771_0.eml:OECustomProperty
AlternateDataStreams: C:\Users\Juga\Downloads\ActiveSetupN.exe:BDU
AlternateDataStreams: C:\Users\Juga\Downloads\basic-miktex-2.9.4813.exe:BDU
AlternateDataStreams: C:\Users\Juga\Downloads\ccsetup410_slim.exe:BDU
AlternateDataStreams: C:\Users\Juga\Downloads\ClassicShellSetup_4_0_2.exe:BDU
AlternateDataStreams: C:\Users\Juga\Downloads\Defogger.exe:BDU
AlternateDataStreams: C:\Users\Juga\Downloads\ep_ms_word_2007_addin_v2_3.exe:BDU
AlternateDataStreams: C:\Users\Juga\Downloads\Firefox Setup 27.0.1.exe:BDU
AlternateDataStreams: C:\Users\Juga\Downloads\Firefox Setup Stub 25.0.exe:BDU
AlternateDataStreams: C:\Users\Juga\Downloads\FRST.exe:BDU
AlternateDataStreams: C:\Users\Juga\Downloads\FRST64(1).exe:BDU
AlternateDataStreams: C:\Users\Juga\Downloads\FRST64.exe:BDU
AlternateDataStreams: C:\Users\Juga\Downloads\gs907w64.exe:BDU
AlternateDataStreams: C:\Users\Juga\Downloads\gsv50w64.exe:BDU
AlternateDataStreams: C:\Users\Juga\Downloads\JonDoFox.paf.exe:BDU
AlternateDataStreams: C:\Users\Juga\Downloads\JonDoSetup.paf.exe:BDU
AlternateDataStreams: C:\Users\Juga\Downloads\jre-7u45-windows-x64.exe:BDU
AlternateDataStreams: C:\Users\Juga\Downloads\jxpiinstall.exe:BDU
AlternateDataStreams: C:\Users\Juga\Downloads\PDFCreator-1_7_1_setup.exe:BDU
AlternateDataStreams: C:\Users\Juga\Downloads\PDFCreatorSetup.exe:BDU
AlternateDataStreams: C:\Users\Juga\Downloads\pdfforge_Images2PDF-0_9_6-setup.exe:BDU
AlternateDataStreams: C:\Users\Juga\Downloads\PDF_Architect_Installer_1.1.83.exe:BDU
AlternateDataStreams: C:\Users\Juga\Downloads\sed-4.2.1-setup.exe:BDU
AlternateDataStreams: C:\Users\Juga\Downloads\Setup(1).exe:BDU
AlternateDataStreams: C:\Users\Juga\Downloads\SkypeSetup(1).exe:BDU
AlternateDataStreams: C:\Users\Juga\Downloads\SkypeSetup.exe:BDU
AlternateDataStreams: C:\Users\Juga\Downloads\Steganos-SpurenVernichter-Setup.exe:BDU
AlternateDataStreams: C:\Users\Juga\Downloads\tarifrechnersetup.exe:BDU
AlternateDataStreams: C:\Users\Juga\Downloads\texmakerwin32_install.exe:BDU
AlternateDataStreams: C:\Users\Juga\Downloads\tools v6.0.8.exe:BDU
AlternateDataStreams: C:\Users\Juga\Downloads\TrueCrypt Setup 7.1a.exe:BDU
AlternateDataStreams: C:\Users\Juga\Downloads\wget-installer.exe:BDU
AlternateDataStreams: C:\Users\Juga\Downloads\ZipExtractorSetup(1).exe:BDU
AlternateDataStreams: C:\Users\Juga\Downloads\ZipExtractorSetup.exe:BDU

==================== Safe Mode (whitelisted) ===================


==================== Disabled items from MSCONFIG ==============


==================== Faulty Device Manager Devices =============

Name: USB-IF xHCI USB Host Controller
Description: USB-IF xHCI USB Host Controller
Class Guid: {8a2edc79-c759-46f2-88af-9d4efe3b5eee}
Manufacturer: Intel Corporation
Service: XHCIPort
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver


==================== Event log errors: =========================

Application errors:
==================
Error: (02/19/2014 03:40:09 PM) (Source: Microsoft-Windows-Immersive-Shell) (User: LAPTOP)
Description: Die App „microsoft.windowsphotos_8wekyb3d8bbwe!Microsoft.WindowsLive.ModernPhotos“ wurde nicht innerhalb der vorgesehenen Zeit gestartet.

Error: (02/19/2014 00:58:57 PM) (Source: Microsoft-Windows-Immersive-Shell) (User: LAPTOP)
Description: Die App „microsoft.windowsphotos_8wekyb3d8bbwe!Microsoft.WindowsLive.ModernPhotos“ wurde nicht innerhalb der vorgesehenen Zeit gestartet.

Error: (02/19/2014 00:56:14 PM) (Source: MsiInstaller) (User: LAPTOP)
Description: Produkt: Ask Toolbar -- Fehler 25001. Die folgenden Anwendungen sollten geschlossen werden, bevor Sie mit der Deinstallation fortfahren: 

Mozilla Firefox

Error: (02/19/2014 00:56:12 PM) (Source: MsiInstaller) (User: LAPTOP)
Description: Produkt: Ask Toolbar -- Fehler 25001. Die folgenden Anwendungen sollten geschlossen werden, bevor Sie mit der Deinstallation fortfahren: 

Mozilla Firefox

Error: (02/19/2014 00:56:12 PM) (Source: MsiInstaller) (User: LAPTOP)
Description: Produkt: Ask Toolbar -- Fehler 25001. Die folgenden Anwendungen sollten geschlossen werden, bevor Sie mit der Deinstallation fortfahren: 

Mozilla Firefox

Error: (02/19/2014 00:56:12 PM) (Source: MsiInstaller) (User: LAPTOP)
Description: Produkt: Ask Toolbar -- Fehler 25001. Die folgenden Anwendungen sollten geschlossen werden, bevor Sie mit der Deinstallation fortfahren: 

Mozilla Firefox

Error: (02/19/2014 00:56:11 PM) (Source: MsiInstaller) (User: LAPTOP)
Description: Produkt: Ask Toolbar -- Fehler 25001. Die folgenden Anwendungen sollten geschlossen werden, bevor Sie mit der Deinstallation fortfahren: 

Mozilla Firefox

Error: (02/19/2014 00:56:11 PM) (Source: MsiInstaller) (User: LAPTOP)
Description: Produkt: Ask Toolbar -- Fehler 25001. Die folgenden Anwendungen sollten geschlossen werden, bevor Sie mit der Deinstallation fortfahren: 

Mozilla Firefox

Error: (02/19/2014 00:56:10 PM) (Source: MsiInstaller) (User: LAPTOP)
Description: Produkt: Ask Toolbar -- Fehler 25001. Die folgenden Anwendungen sollten geschlossen werden, bevor Sie mit der Deinstallation fortfahren: 

Mozilla Firefox

Error: (02/19/2014 00:10:36 PM) (Source: DptfPolicyLpmServiceHelper) (User: )
Description: DptfPolicyLpmServiceHelperWinMain:  CreateSharedMemory() failed.


System errors:
=============
Error: (02/19/2014 00:57:36 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Update FindRight" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 5000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (02/19/2014 00:12:14 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1069

Error: (02/19/2014 00:12:14 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: 
%%1330

Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).

Error: (02/19/2014 00:10:11 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "PDF Architect Service" wurde mit folgendem Fehler beendet: 
%%2147500037

Error: (02/19/2014 00:10:11 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Mobile Partner. OUC" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (02/19/2014 00:10:11 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Mobile Partner. OUC erreicht.

Error: (02/19/2014 00:06:14 PM) (Source: DCOM) (User: LAPTOP)
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

Error: (02/18/2014 08:45:55 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1069

Error: (02/18/2014 08:45:55 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: 
%%1330

Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).

Error: (02/18/2014 08:43:51 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "PDF Architect Service" wurde mit folgendem Fehler beendet: 
%%2147500037


Microsoft Office Sessions:
=========================
Error: (07/04/2013 06:02:27 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 535 seconds with 0 seconds of active time.  This session ended with a crash.
         
defogger_disable.log

Code:
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 18:18 on 19/02/2014 (Juga)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...


-=E.O.F=-
         
mbam-logs

Code:
 Malwarebytes Anti-Malware  (PRO) 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2014.02.19.08

Windows 8 x64 NTFS
Internet Explorer 10.0.9200.16798
Juga :: LAPTOP [Administrator]

Schutz: Aktiviert

19.02.2014 17:14:10
mbam-log-2014-02-19 (17-14-10).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 538471
Laufzeit: 30 Minute(n), 7 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 1
HKCU\Software\ividi\ividi (PUP.Optional.iVIDI.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 1
C:\Users\Juga\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VEWFXEL8\Setup[1].exe (PUP.Optional.FindRight.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)
         
Code:
 Malwarebytes Anti-Malware  (Test) 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2014.02.19.08

Windows 8 x64 NTFS
Internet Explorer 10.0.9200.16798
Juga :: LAPTOP [Administrator]

Schutz: Aktiviert

19.02.2014 17:07:16
mbam-log-2014-02-19 (17-07-16).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 262700
Laufzeit: 2 Minute(n), 56 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 1
HKCU\Software\ividi\ividi (PUP.Optional.iVIDI.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)
         
Code:
 Malwarebytes Anti-Malware  (Test) 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2014.02.19.08

Windows 8 x64 NTFS
Internet Explorer 10.0.9200.16798
Juga :: LAPTOP [Administrator]

Schutz: Aktiviert

19.02.2014 17:00:10
mbam-log-2014-02-19 (17-00-10).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 263170
Laufzeit: 2 Minute(n), 8 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 25
HKCR\AppID\{685F23D9-FCFD-475C-B56A-362645945C5A} (PUP.Optional.iVIDI.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3} (PUP.Optional.Delta.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\CLSID\{D40753C7-8A59-4C1F-BE88-C300F4624D5B} (PUP.Optional.MySearchDial.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\TypeLib\{C292AD0A-C11F-479B-B8DB-743E72D283B0} (PUP.Optional.MySearchDial.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\esrv.ividiESrvc (PUP.Optional.iVIDI.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\esrv.ividiESrvc.1 (PUP.Optional.iVIDI.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\ividi.ividiappCore (PUP.Optional.Ividi.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\ividi.ividiappCore.1 (PUP.Optional.Ividi.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\SOFTWARE\DealPlyLive (PUP.Optional.DealPly.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\SOFTWARE\Unitech LLC\ividi (PUP.Optional.Ividi.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\Software\iVIDI Plugin (PUP.Optional.Ividi.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\Software\mysearchdial.com (PUP.Optional.MySearchDial.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\Software\BabSolution\Updater (PUP.Optional.Babylon.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\Software\InstallCore\1I1T1Q1S (PUP.Optional.InstallCore.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\SOFTWARE\INSTALLCORE (PUP.Optional.InstallCore.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\Software\ividi\ividi (PUP.Optional.iVIDI.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\DealPlyLive (PUP.Optional.DealPly.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\Google\Chrome\Extensions\eooncjejnppfjjklapaamhcdmjbilmde (PUP.Optional.Delta.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\Google\chrome\Extensions\kpdhgpkkloealnjnmepfhanpcleldbef (PUP.Optional.Ividi.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\Unitech LLC\ividi (PUP.Optional.Ividi.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\CLSID\{211B330A-499B-415E-B1F1-B7132A8751D2} (PUP.Optional.Ividi.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\CLSID\{D18734A5-B131-4335-A3E0-15FF90AC90EE} (PUP.Optional.Ividi.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\i (PUP.Optional.Ividi.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\TypeLib\{905E34C2-F4EB-49BE-A36B-47692CF957A8} (PUP.Optional.Ividi.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ividi (PUP.Optional.Ividi.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Registrierungswerte: 1
HKCU\Software\InstallCore|tb (PUP.Optional.InstallCore.A) -> Daten: 0B1G1O1S0V1G1F -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 16
C:\ProgramData\DealPlyLive (PUP.Optional.DealPly.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\ProgramData\DealPlyLive\Update (PUP.Optional.DealPly.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\ProgramData\DealPlyLive\Update\Log (PUP.Optional.DealPly.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\DealPlyLive (PUP.Optional.DealPly.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\DealPlyLive\CrashReports (PUP.Optional.DealPly.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Juga\AppData\Roaming\OpenCandy (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Juga\AppData\Roaming\OpenCandy\4C3B8E690B2A4DB2B5E3798C99871212 (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Juga\AppData\Roaming\OpenCandy\6E337B228F1A4183BD3974C21183AAF5 (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Juga\AppData\Roaming\OpenCandy\E07E3A11429943D59E3492C2A8786C68 (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Juga\AppData\Local\DealPlyLive (PUP.Optional.DealPly.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Juga\AppData\Local\DealPlyLive\CrashReports (PUP.Optional.DealPly.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\Unitech LLC\ividi (PUP.Optional.Ividi.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\Unitech LLC\ividi\1.8.23.0 (PUP.Optional.Ividi.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\Unitech LLC\ividi\1.8.23.0\bh (PUP.Optional.Ividi.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Juga\AppData\Local\Google\Chrome\User Data\default\extensions\kpdhgpkkloealnjnmepfhanpcleldbef (PUP.Optional.Ividi.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Juga\AppData\Local\Google\Chrome\User Data\default\extensions\kpdhgpkkloealnjnmepfhanpcleldbef\1.0_0 (PUP.Optional.Ividi.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Dateien: 32
C:\ProgramData\DSearchLink\DSearchLink.exe (PUP.Optional.Delta.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Juga\AppData\Roaming\OpenCandy\4C3B8E690B2A4DB2B5E3798C99871212\dp.exe (PUP.Optional.DealPly.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Juga\AppData\Local\Temp\is1590112554\1909751_stp\Mysearchdial.exe (PUP.Optional.MySpeedDial.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Juga\AppData\Local\Temp\is1590112554\1909754_stp\rcpsetup_adppi15_adppi15.exe (PUP.Optional.RegCleanPro) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Juga\AppData\Local\Temp\is1590112554\1909794_stp\FindRightSetup.exe (PUP.Optional.FindRight.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Juga\Downloads\Setup(1).exe (PUP.Optional.InstallCore) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Juga\Downloads\tools v6.0.8.exe (PUP.Optional.InstalleRex) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Juga\Downloads\ZipExtractorSetup(1).exe (PUP.Optional.InstallCore.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Juga\Downloads\ZipExtractorSetup.exe (PUP.Optional.InstallCore.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Windows\Tasks\RegClean Pro_UPDATES.job (PUP.Optional.RegCleanerPro.J) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Windows\Tasks\RegClean Pro_DEFAULT.job (PUP.Optional.RegCleanPro.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\ProgramData\DealPlyLive\Update\Log\DealPlyLive.log (PUP.Optional.DealPly.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Juga\AppData\Roaming\OpenCandy\6E337B228F1A4183BD3974C21183AAF5\Setupsft_chr_p1v5.exe (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Juga\AppData\Roaming\OpenCandy\E07E3A11429943D59E3492C2A8786C68\TuneUpUtilities2013-2200217_de-DE.exe (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\Unitech LLC\ividi\1.8.23.0\ividi.crx (PUP.Optional.Ividi.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\Unitech LLC\ividi\1.8.23.0\ividiApp.dll (PUP.Optional.Ividi.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\Unitech LLC\ividi\1.8.23.0\ividiEng.dll (PUP.Optional.Ividi.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\Unitech LLC\ividi\1.8.23.0\ividisrv.exe (PUP.Optional.Ividi.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\Unitech LLC\ividi\1.8.23.0\uninstall.exe (PUP.Optional.Ividi.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Juga\AppData\Local\Google\Chrome\User Data\default\extensions\kpdhgpkkloealnjnmepfhanpcleldbef\1.0_0\appCntrl.js (PUP.Optional.Ividi.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Juga\AppData\Local\Google\Chrome\User Data\default\extensions\kpdhgpkkloealnjnmepfhanpcleldbef\1.0_0\bg.html (PUP.Optional.Ividi.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Juga\AppData\Local\Google\Chrome\User Data\default\extensions\kpdhgpkkloealnjnmepfhanpcleldbef\1.0_0\bg.js (PUP.Optional.Ividi.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Juga\AppData\Local\Google\Chrome\User Data\default\extensions\kpdhgpkkloealnjnmepfhanpcleldbef\1.0_0\CrmAdpt.dll (PUP.Optional.Ividi.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Juga\AppData\Local\Google\Chrome\User Data\default\extensions\kpdhgpkkloealnjnmepfhanpcleldbef\1.0_0\ct.js (PUP.Optional.Ividi.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Juga\AppData\Local\Google\Chrome\User Data\default\extensions\kpdhgpkkloealnjnmepfhanpcleldbef\1.0_0\CTB.dll (PUP.Optional.Ividi.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Juga\AppData\Local\Google\Chrome\User Data\default\extensions\kpdhgpkkloealnjnmepfhanpcleldbef\1.0_0\dpk.js (PUP.Optional.Ividi.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Juga\AppData\Local\Google\Chrome\User Data\default\extensions\kpdhgpkkloealnjnmepfhanpcleldbef\1.0_0\hprtkMsg.htm (PUP.Optional.Ividi.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Juga\AppData\Local\Google\Chrome\User Data\default\extensions\kpdhgpkkloealnjnmepfhanpcleldbef\1.0_0\hprtkMsg.js (PUP.Optional.Ividi.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Juga\AppData\Local\Google\Chrome\User Data\default\extensions\kpdhgpkkloealnjnmepfhanpcleldbef\1.0_0\json2.min.js (PUP.Optional.Ividi.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Juga\AppData\Local\Google\Chrome\User Data\default\extensions\kpdhgpkkloealnjnmepfhanpcleldbef\1.0_0\logo.png (PUP.Optional.Ividi.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Juga\AppData\Local\Google\Chrome\User Data\default\extensions\kpdhgpkkloealnjnmepfhanpcleldbef\1.0_0\manifest.json (PUP.Optional.Ividi.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Juga\AppData\Local\Google\Chrome\User Data\default\extensions\kpdhgpkkloealnjnmepfhanpcleldbef\1.0_0\pref.json (PUP.Optional.Ividi.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)
         

Alt 20.02.2014, 09:18   #2
schrauber
/// the machine
/// TB-Ausbilder
 

Hi,

Scan with Combofix
WARNING to READERS following along:
Combofix should only be run when a team member has instructed you to do so!

Please download Combofix from the following download mirror: Link
  • IMPORTANT: Save Combofix to your desktop.
  • Please disable all of your antivirus software as well as any malware/spyware scanners. These can interfere with Combofix while it works. Combofix sometimes still complains anyway; you can ignore that, but please let me know.
  • Start Combofix.exe and follow the on-screen instructions.
  • While Combofix is running, please do not work on the computer, move the mouse or click in the Combofix window!
  • When Combofix has finished, it will create a log file.
  • Please post C:\Combofix.txt in your next reply (in CODE tags if possible).
Note: If you get the following error message after the restart
"Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde."
simply restart the computer. This should fix the problem.


Alt 22.02.2014, 12:25   #3
jugajuga
 

Many thanks for your reply!

Please find attached the contents of
ComboFix.txt

Combofix Logfile:
Code:
ATTFilter
ComboFix 14-02-20.01 - Juga 22.02.2014  12:11:10.1.4 - x64
Microsoft Windows 8  6.2.9200.0.1252.49.1031.18.3981.2313 [GMT 1:00]
ausgeführt von:: c:\users\Juga\Downloads\ComboFix.exe
AV: Bitdefender Virenschutz *Disabled/Updated* {9B5F5313-CAF9-DD97-C460-E778420237B4}
AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Bitdefender Firewall *Disabled* {A364D236-8096-DCCF-EF3F-4E4DBCD170CF}
SP: Bitdefender Spyware-Schutz *Disabled/Updated* {203EB2F7-ECC3-D219-FED0-DC0A39857D09}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Neuer Wiederherstellungspunkt wurde erstellt
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\DealPly
c:\program files (x86)\DealPly\uninst.exe
c:\program files (x86)\Softonic\Softonic\1.8.21.14\bh\SoFTonic.dll
c:\program files (x86)\Softonic\Softonic\1.8.21.14\SoFTonictlbr.dll
c:\programdata\1367990257.bdinstall.bin
c:\programdata\1372594360.bdinstall.bin
c:\programdata\1372596531.bdinstall.bin
c:\programdata\1372610307.bdinstall.bin
c:\programdata\1372612818.bdinstall.bin
c:\programdata\1392836532.bdinstall.bin
c:\programdata\1392838261.bdinstall.bin
c:\programdata\1392838562.bdinstall.bin
c:\programdata\1392838841.bdinstall.bin
c:\programdata\1392838958.bdinstall.bin
c:\programdata\1392838964.bdinstall.bin
c:\programdata\1392838965.bdinstall.bin
c:\programdata\1392838970.bdinstall.bin
c:\programdata\1392838983.bdinstall.bin
c:\programdata\1392838985.bdinstall.bin
c:\programdata\1392838992.bdinstall.bin
c:\programdata\1392839030.bdinstall.bin
c:\programdata\1392839033.bdinstall.bin
c:\programdata\1392839041.bdinstall.bin
c:\programdata\1392839045.bdinstall.bin
c:\programdata\1392839054.bdinstall.bin
c:\programdata\1392839056.bdinstall.bin
c:\programdata\1392839082.bdinstall.bin
c:\programdata\1392839587.bdinstall.bin
c:\programdata\1392839655.bdinstall.bin
c:\programdata\1392839656.bdinstall.bin
c:\programdata\1392839658.bdinstall.bin
c:\programdata\1392841764.bdinstall.bin
c:\programdata\1392841766.bdinstall.bin
c:\programdata\1392841837.bdinstall.bin
c:\programdata\1392841838.bdinstall.bin
c:\programdata\1392841845.bdinstall.bin
c:\programdata\1392841846.bdinstall.bin
c:\programdata\1392841855.bdinstall.bin
c:\programdata\1392841856.bdinstall.bin
c:\programdata\1392841868.bdinstall.bin
c:\programdata\1392841869.bdinstall.bin
c:\programdata\1392841930.bdinstall.bin
c:\programdata\1392841931.bdinstall.bin
c:\programdata\1392844317.bdinstall.bin
c:\programdata\1392844318.bdinstall.bin
c:\programdata\1392844368.bdinstall.bin
c:\programdata\1392844371.bdinstall.bin
c:\programdata\1392845440.bdinstall.bin
c:\programdata\1392845445.bdinstall.bin
c:\programdata\1392845455.bdinstall.bin
c:\programdata\1392845457.bdinstall.bin
c:\programdata\1392846096.bdinstall.bin
c:\programdata\1392846100.bdinstall.bin
c:\programdata\1392846127.bdinstall.bin
c:\programdata\1392846130.bdinstall.bin
c:\programdata\1392846142.bdinstall.bin
c:\programdata\1392846144.bdinstall.bin
c:\programdata\1392846154.bdinstall.bin
c:\programdata\1392846157.bdinstall.bin
c:\programdata\1392846169.bdinstall.bin
c:\programdata\1392846172.bdinstall.bin
c:\programdata\1392846269.bdinstall.bin
c:\programdata\1392846275.bdinstall.bin
c:\programdata\1392848197.bdinstall.bin
c:\programdata\1392848202.bdinstall.bin
c:\programdata\1392849122.bdinstall.bin
c:\programdata\1392850361.bdinstall.bin
c:\programdata\Roaming
c:\programdata\SetStretch.exe
c:\windows\msvcr71.dll
c:\windows\tmp
c:\windows\tmp\dd_vcredistMSI2DB2.txt
c:\windows\tmp\dd_vcredistUI2DB2.txt
c:\windows\tmp\qtsingleapp-koboex-7d5-5-lockfile
.
Infizierte Kopie von c:\windows\SysWow64\userinit.exe wurde gefunden und desinfiziert 
Kopie von - c:\windows\WinSxS\x86_microsoft-windows-userinit_31bf3856ad364e35_6.2.9200.16384_none_d8d3c5f6a316bccc\userinit.exe wurde wiederhergestellt 
.
.
(((((((((((((((((((((((   Dateien erstellt von 2014-01-22 bis 2014-02-22  ))))))))))))))))))))))))))))))
.
.
2014-02-22 11:17 . 2014-02-22 11:17	--------	d-----w-	c:\users\UpdatusUser\AppData\Local\temp
2014-02-22 11:17 . 2014-02-22 11:17	--------	d-----w-	c:\users\Default\AppData\Local\temp
2014-02-22 11:17 . 2014-02-22 11:17	--------	d-----w-	c:\users\Administrator\AppData\Local\temp
2014-02-20 15:18 . 2014-02-20 15:18	--------	d-----w-	c:\users\Juga\AppData\Local\AAV
2014-02-20 15:16 . 2014-02-20 15:19	--------	d-----w-	c:\program files (x86)\Akademische Arbeitsgemeinschaft
2014-02-20 15:14 . 2014-02-20 15:19	--------	d-----w-	c:\programdata\AAV
2014-02-20 08:42 . 2014-02-20 08:42	--------	d-----w-	c:\program files (x86)\Common Files\Skype
2014-02-20 08:42 . 2014-02-20 08:42	--------	d-----r-	c:\program files (x86)\Skype
2014-02-20 08:40 . 2014-02-20 08:41	--------	d-----w-	c:\users\Juga\AppData\Roaming\Bitdefender
2014-02-19 20:24 . 2014-02-19 20:25	--------	d-----w-	c:\program files (x86)\Google
2014-02-19 19:34 . 2014-02-19 19:34	--------	d-----w-	c:\programdata\ClassicShell
2014-02-19 15:30 . 2014-02-20 08:38	--------	d-----w-	c:\users\Juga\AppData\Roaming\Malwarebytes
2014-02-19 15:30 . 2014-02-20 08:38	--------	d-----w-	c:\programdata\Malwarebytes
2014-02-19 15:30 . 2014-02-20 08:39	--------	d-----w-	c:\program files (x86)\Malwarebytes' Anti-Malware
2014-02-19 15:30 . 2013-04-04 13:50	25928	----a-w-	c:\windows\system32\drivers\mbam.sys
2014-02-19 14:41 . 2014-02-20 08:37	--------	d-----w-	C:\FRST
2014-02-19 11:43 . 2014-01-21 16:28	20312	----a-w-	c:\windows\system32\roboot64.exe
2014-02-19 11:43 . 2014-02-20 08:38	--------	d-----w-	c:\users\Juga\AppData\Roaming\systweak
2014-02-19 11:43 . 2014-02-19 11:43	--------	d-----w-	c:\users\Juga\AppData\Roaming\DigitalSites
2014-02-18 07:48 . 2014-02-20 08:38	--------	d-----w-	c:\users\Juga\AppData\Local\Skype
2014-02-16 21:06 . 2014-02-20 08:39	--------	d-----w-	c:\program files\CCleaner
2014-02-16 16:50 . 2014-02-20 08:39	--------	d-----w-	c:\windows\SysWow64\NV
2014-02-16 16:50 . 2014-02-20 08:39	--------	d-----w-	c:\windows\system32\NV
2014-02-16 05:31 . 2013-12-07 06:36	19751936	----a-w-	c:\windows\system32\shell32.dll
2014-02-13 21:28 . 2013-12-04 23:43	583680	----a-w-	c:\windows\system32\msdrm.dll
2014-02-13 21:28 . 2013-12-04 23:37	451072	----a-w-	c:\windows\SysWow64\msdrm.dll
2014-02-13 21:04 . 2013-11-01 05:53	2232664	----a-w-	c:\windows\system32\drivers\tcpip.sys
2014-02-13 21:02 . 2014-02-01 09:18	2648576	----a-w-	c:\windows\system32\iertutil.dll
2014-02-13 21:02 . 2014-02-01 09:18	3960320	----a-w-	c:\windows\system32\jscript9.dll
2014-02-13 21:02 . 2014-02-01 07:57	2877952	----a-w-	c:\windows\SysWow64\jscript9.dll
2014-02-13 21:02 . 2014-02-01 07:57	108032	----a-w-	c:\program files (x86)\Internet Explorer\jsdebuggeride.dll
2014-02-13 08:58 . 2014-02-20 08:39	--------	d-----w-	c:\users\Juga\AppData\Local\Temp12e72473eede95c369de200ff0f01ceb
2014-02-13 08:58 . 2014-02-20 08:39	--------	d-----w-	c:\users\Juga\AppData\Local\Tempfeb52be43e051bfaf4839a6935e00e42
2014-02-13 08:57 . 2014-02-20 08:39	--------	d-----w-	c:\users\Juga\AppData\Local\Temp14b5077f6956a3517aafd12a4b0ddc8f
2014-02-13 08:57 . 2014-02-13 08:57	--------	d-----w-	c:\users\Juga\ChromeExtensions
2014-02-13 08:57 . 2014-02-13 08:57	--------	d-----w-	c:\users\Juga\AppData\Roaming\NVIDIA
2014-02-12 10:28 . 2013-11-20 00:15	3842560	----a-w-	c:\windows\system32\d2d1.dll
2014-02-12 10:28 . 2014-01-12 23:30	2032640	----a-w-	c:\windows\SysWow64\d3d10warp.dll
2014-02-12 10:28 . 2014-01-12 23:30	2238976	----a-w-	c:\windows\system32\d3d10warp.dll
2014-02-12 10:28 . 2013-11-19 23:57	3288576	----a-w-	c:\windows\SysWow64\d2d1.dll
2014-02-05 12:45 . 2014-02-20 08:39	--------	d-----w-	c:\program files (x86)\Mozilla Thunderbird
2014-01-26 09:21 . 2013-12-18 20:09	96168	----a-w-	c:\windows\SysWow64\WindowsAccessBridge-32.dll
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-02-22 11:19 . 2013-05-06 17:53	500	----a-w-	c:\users\Juga\AppData\Roaming\sp_data.sys
2014-02-17 22:03 . 2012-07-26 08:14	78304	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-02-17 22:03 . 2012-07-26 08:14	694240	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2014-02-15 14:27 . 2013-05-06 18:57	88567024	----a-w-	c:\windows\system32\MRT.exe
2013-12-10 07:13 . 2013-12-10 07:13	18286416	----a-w-	c:\windows\system32\nvwgf2umx.dll
2013-12-10 07:13 . 2013-12-10 07:13	15855568	----a-w-	c:\windows\SysWow64\nvwgf2um.dll
2013-12-10 07:13 . 2013-12-10 07:13	32544	----a-w-	c:\windows\system32\drivers\nvpciflt.sys
2013-12-10 07:13 . 2012-11-15 18:39	1435504	----a-w-	c:\windows\system32\nvumdshimx.dll
2013-12-10 07:13 . 2012-11-15 18:39	1241376	----a-w-	c:\windows\SysWow64\nvumdshim.dll
2013-12-10 07:13 . 2013-12-10 07:13	9480328	----a-w-	c:\windows\SysWow64\nvopencl.dll
2013-12-10 07:13 . 2013-12-10 07:13	30344480	----a-w-	c:\windows\system32\nvoglv64.dll
2013-12-10 07:13 . 2013-12-10 07:13	22933792	----a-w-	c:\windows\SysWow64\nvoglv32.dll
2013-12-10 07:13 . 2013-12-10 07:13	11374520	----a-w-	c:\windows\system32\nvopencl.dll
2013-12-10 07:13 . 2013-12-10 07:13	317472	----a-w-	c:\windows\system32\nvoglshim64.dll
2013-12-10 07:13 . 2013-12-10 07:13	266984	----a-w-	c:\windows\SysWow64\nvoglshim32.dll
2013-12-10 07:13 . 2013-12-10 07:13	12572960	----a-w-	c:\windows\system32\drivers\nvlddmkm.sys
2013-12-10 07:13 . 2013-12-10 07:13	655136	----a-w-	c:\windows\system32\NvIFR64.dll
2013-12-10 07:13 . 2013-12-10 07:13	560416	----a-w-	c:\windows\SysWow64\NvIFR.dll
2013-12-10 07:13 . 2012-11-15 18:39	168616	----a-w-	c:\windows\system32\nvinitx.dll
2013-12-10 07:13 . 2012-11-15 18:39	141336	----a-w-	c:\windows\SysWow64\nvinit.dll
2013-12-10 07:13 . 2013-12-10 07:13	696096	----a-w-	c:\windows\system32\NvFBC64.dll
2013-12-10 07:13 . 2013-12-10 07:13	599840	----a-w-	c:\windows\SysWow64\NvFBC.dll
2013-12-10 07:13 . 2013-12-10 07:13	1884448	----a-w-	c:\windows\system32\nvdispco6433165.dll
2013-12-10 07:13 . 2013-12-10 07:13	18199872	----a-w-	c:\windows\system32\nvd3dumx.dll
2013-12-10 07:13 . 2013-12-10 07:13	15212336	----a-w-	c:\windows\SysWow64\nvd3dum.dll
2013-12-10 07:13 . 2013-12-10 07:13	1511712	----a-w-	c:\windows\system32\nvdispgenco6433165.dll
2013-12-10 07:13 . 2013-12-10 07:13	9524088	----a-w-	c:\windows\SysWow64\nvcuda.dll
2013-12-10 07:13 . 2013-12-10 07:13	3131680	----a-w-	c:\windows\system32\nvcuvid.dll
2013-12-10 07:13 . 2013-12-10 07:13	3124512	----a-w-	c:\windows\system32\nvcuvenc.dll
2013-12-10 07:13 . 2013-12-10 07:13	2946848	----a-w-	c:\windows\SysWow64\nvcuvid.dll
2013-12-10 07:13 . 2013-12-10 07:13	2747168	----a-w-	c:\windows\SysWow64\nvcuvenc.dll
2013-12-10 07:13 . 2013-12-10 07:13	11426568	----a-w-	c:\windows\system32\nvcuda.dll
2013-12-10 07:12 . 2013-12-10 07:12	25257248	----a-w-	c:\windows\system32\nvcompiler.dll
2013-12-10 07:12 . 2013-12-10 07:12	17560352	----a-w-	c:\windows\SysWow64\nvcompiler.dll
2013-12-10 07:12 . 2012-11-15 18:39	3067560	----a-w-	c:\windows\system32\nvapi64.dll
2013-12-10 07:12 . 2012-11-15 18:39	2695200	----a-w-	c:\windows\SysWow64\nvapi.dll
2013-12-07 06:37 . 2014-01-16 09:26	688640	----a-w-	c:\windows\system32\WSShared.dll
2013-12-07 06:37 . 2014-01-16 09:26	163840	----a-w-	c:\windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2013-12-07 05:15 . 2014-01-16 09:26	562688	----a-w-	c:\windows\SysWow64\WSShared.dll
2013-12-07 05:15 . 2014-01-16 09:26	124928	----a-w-	c:\windows\SysWow64\Windows.ApplicationModel.Store.TestingFramework.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ShareOverlay]
@="{594D4122-1F87-41E2-96C7-825FB4796516}"
[HKEY_CLASSES_ROOT\CLSID\{594D4122-1F87-41E2-96C7-825FB4796516}]
2013-10-20 16:47	627712	----a-w-	c:\program files\Classic Shell\ClassicExplorer32.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" [2012-09-12 56128]
"ASUSWebStorage"="c:\program files (x86)\ASUS\WebStorage Sync Agent\1.1.9.120\AsusWSPanel.exe" [2012-08-28 3417984]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
"Reader Application Helper"="c:\program files (x86)\Sony\ReaderDesktop\appHelper\ReaderAppHelper.exe" [2013-11-27 899400]
"BingDesktop"="c:\program files (x86)\Microsoft\BingDesktop\BingDesktop.exe" [2013-09-22 2258056]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableCursorSuppression"= 1 (0x1)
"ConsentPromptBehaviorUser"= 3 (0x3)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R0 bdelam;bdelam;c:\windows\system32\drivers\bdelam.sys;c:\windows\SYSNATIVE\drivers\bdelam.sys [x]
R2 Mobile Partner. RunOuc;Mobile Partner. OUC;c:\program files (x86)\mobile partner\updatedog\ouc.exe;c:\program files (x86)\mobile partner\updatedog\ouc.exe [x]
R2 PDF Architect Service;PDF Architect Service;c:\program files (x86)\PDF Architect\ConversionService.exe;c:\program files (x86)\PDF Architect\ConversionService.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R2 UPDATESRV;Bitdefender Desktop Update Service;c:\program files\Bitdefender\Bitdefender 2013\updatesrv.exe;c:\program files\Bitdefender\Bitdefender 2013\updatesrv.exe [x]
R3 AMPPALP;Intel® Centrino® Wireless Bluetooth® + High Speed Protokoll;c:\windows\system32\DRIVERS\amppal.sys;c:\windows\SYSNATIVE\DRIVERS\amppal.sys [x]
R3 avckf;avckf;c:\windows\system32\DRIVERS\avckf.sys;c:\windows\SYSNATIVE\DRIVERS\avckf.sys [x]
R3 BDSandBox;BDSandBox;c:\windows\system32\drivers\bdsandbox.sys;c:\windows\SYSNATIVE\drivers\bdsandbox.sys [x]
R3 cjusb;REINER SCT cyberJack USB Driver;c:\windows\system32\DRIVERS\cjusb.sys;c:\windows\SYSNATIVE\DRIVERS\cjusb.sys [x]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x]
R3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\DRIVERS\ew_hwusbdev.sys;c:\windows\SYSNATIVE\DRIVERS\ew_hwusbdev.sys [x]
R3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\system32\DRIVERS\ewusbnet.sys;c:\windows\SYSNATIVE\DRIVERS\ewusbnet.sys [x]
R3 intaud_WaveExtensible;Intel WiDi Audio Device;c:\windows\system32\drivers\intelaud.sys;c:\windows\SYSNATIVE\drivers\intelaud.sys [x]
R3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\DRIVERS\lvrs64.sys;c:\windows\SYSNATIVE\DRIVERS\lvrs64.sys [x]
R3 LVUVC64;@oem85.inf,%PID_0990_DD%(UVC);Logitech QuickCam Pro 9000(UVC);c:\windows\system32\DRIVERS\lvuvc64.sys;c:\windows\SYSNATIVE\DRIVERS\lvuvc64.sys [x]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [x]
R3 RTL8168;Realtek 8168 NT-Treiber;c:\windows\system32\DRIVERS\Rt630x64.sys;c:\windows\SYSNATIVE\DRIVERS\Rt630x64.sys [x]
R3 ssudmdm;SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x]
R3 usb3Hub;USB-IF USB 3.0 Hub;c:\windows\System32\drivers\usb3Hub.sys;c:\windows\SYSNATIVE\drivers\usb3Hub.sys [x]
R3 XHCIPort;USB-IF xHCI USB Host Controller;c:\windows\System32\drivers\XHCIPort.sys;c:\windows\SYSNATIVE\drivers\XHCIPort.sys [x]
R4 BdDesktopParental;Bitdefender Desktop Parental Control;c:\program files\Bitdefender\Bitdefender 2013\bdparentalservice.exe;c:\program files\Bitdefender\Bitdefender 2013\bdparentalservice.exe [x]
S0 avc3;avc3;c:\windows\system32\DRIVERS\avc3.sys;c:\windows\SYSNATIVE\DRIVERS\avc3.sys [x]
S0 gzflt;gzflt;c:\windows\system32\DRIVERS\gzflt.sys;c:\windows\SYSNATIVE\DRIVERS\gzflt.sys [x]
S0 iaStorA;iaStorA;c:\windows\System32\drivers\iaStorA.sys;c:\windows\SYSNATIVE\drivers\iaStorA.sys [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x]
S1 ATKWMIACPIIO;ATKWMIACPI Driver;c:\program files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys;c:\program files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [x]
S1 BdfNdisf;BitDefender Firewall NDIS 6 Filter Driver;c:\program files\Common Files\Bitdefender\Bitdefender Firewall\bdfndisf6.sys;c:\program files\Common Files\Bitdefender\Bitdefender Firewall\bdfndisf6.sys [x]
S1 bdfwfpf;bdfwfpf;c:\program files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys;c:\program files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [x]
S1 BDVEDISK;BDVEDISK;c:\windows\system32\DRIVERS\bdvedisk.sys;c:\windows\SYSNATIVE\DRIVERS\bdvedisk.sys [x]
S2 AAV UpdateService;AAV UpdateService;c:\program files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe;c:\program files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe [x]
S2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® + High Speed Service;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe [x]
S2 ASMMAP64;ASMMAP64;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [x]
S2 ASUS InstantOn;ASUS InstantOn Service;c:\program files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe;c:\program files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe [x]
S2 BingDesktopUpdate;Bing Desktop Update service;c:\program files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe;c:\program files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe [x]
S2 Bluetooth Device Monitor;Bluetooth Device Monitor;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe [x]
S2 Bluetooth OBEX Service;Bluetooth OBEX Service;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe [x]
S2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe [x]
S2 cjpcsc;cyberJack PC/SC COM Service ;c:\windows\SysWOW64\cjpcsc.exe;c:\windows\SysWOW64\cjpcsc.exe [x]
S2 DirMngr;DirMngr;c:\program files (x86)\GNU\GnuPG\dirmngr.exe;c:\program files (x86)\GNU\GnuPG\dirmngr.exe [x]
S2 DptfParticipantProcessorService;Intel(R) Dynamic Platform & Thermal Framework Processor Participant Service Application;c:\windows\system32\DptfParticipantProcessorService.exe;c:\windows\SYSNATIVE\DptfParticipantProcessorService.exe [x]
S2 DptfPolicyConfigTDPService;Intel(R) Dynamic Platform & Thermal Framework Config TDP Service Application;c:\windows\system32\DptfPolicyConfigTDPService.exe;c:\windows\SYSNATIVE\DptfPolicyConfigTDPService.exe [x]
S2 HWDeviceService64.exe;HWDeviceService64.exe;c:\programdata\DatacardService\HWDeviceService64.exe;c:\programdata\DatacardService\HWDeviceService64.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 Intel(R) ME Service;Intel(R) ME Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [x]
S2 Intel(R) Wireless Bluetooth(R) 4.0 Radio Management;Intel(R) Wireless Bluetooth(R) 4.0 Radio Management;c:\program files (x86)\Intel\Bluetooth\ibtrksrv.exe;c:\program files (x86)\Intel\Bluetooth\ibtrksrv.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [x]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x]
S2 PDF Architect Helper Service;PDF Architect Helper Service;c:\program files (x86)\PDF Architect\HelperService.exe;c:\program files (x86)\PDF Architect\HelperService.exe [x]
S2 SafeBox;SafeBox;c:\program files\Bitdefender\Bitdefender SafeBox\safeboxservice.exe;c:\program files\Bitdefender\Bitdefender SafeBox\safeboxservice.exe [x]
S2 SSPORT;SSPORT;c:\windows\system32\Drivers\SSPORT.sys;c:\windows\SYSNATIVE\Drivers\SSPORT.sys [x]
S2 StarMoney 9.0 OnlineUpdate;StarMoney 9.0 OnlineUpdate;c:\program files (x86)\StarMoney 9.0\ouservice\StarMoneyOnlineUpdate.exe;c:\program files (x86)\StarMoney 9.0\ouservice\StarMoneyOnlineUpdate.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 ZeroConfigService;Intel(R) PROSet/Wireless Zero Configuration Service;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe [x]
S3 acpials;ALS-Sensorfilter;c:\windows\system32\DRIVERS\acpials.sys;c:\windows\SYSNATIVE\DRIVERS\acpials.sys [x]
S3 AiCharger;ASUS Charger Driver;c:\windows\system32\DRIVERS\AiCharger.sys;c:\windows\SYSNATIVE\DRIVERS\AiCharger.sys [x]
S3 AMPPAL;Intel® Centrino® Wireless Bluetooth® + High Speed - Virtueller Adapter;c:\windows\System32\drivers\AMPPAL.sys;c:\windows\SYSNATIVE\drivers\AMPPAL.sys [x]
S3 ATP;ASUS PS/2 Port Input Device;c:\windows\System32\drivers\AsusTP.sys;c:\windows\SYSNATIVE\drivers\AsusTP.sys [x]
S3 avchv;avchv Function Driver;c:\windows\system32\DRIVERS\avchv.sys;c:\windows\SYSNATIVE\DRIVERS\avchv.sys [x]
S3 BthLEEnum;Treiber für energiearme Bluetooth-Geräte;c:\windows\system32\DRIVERS\BthLEEnum.sys;c:\windows\SYSNATIVE\DRIVERS\BthLEEnum.sys [x]
S3 btmaux;Intel Bluetooth Auxiliary Service;c:\windows\system32\DRIVERS\btmaux.sys;c:\windows\SYSNATIVE\DRIVERS\btmaux.sys [x]
S3 btmhsf;btmhsf;c:\windows\system32\DRIVERS\btmhsf.sys;c:\windows\SYSNATIVE\DRIVERS\btmhsf.sys [x]
S3 DptfDevDram;DptfDevDram;c:\windows\system32\DRIVERS\DptfDevDram.sys;c:\windows\SYSNATIVE\DRIVERS\DptfDevDram.sys [x]
S3 DptfDevFan;DptfDevFan;c:\windows\system32\DRIVERS\DptfDevFan.sys;c:\windows\SYSNATIVE\DRIVERS\DptfDevFan.sys [x]
S3 DptfDevGen;DptfDevGen;c:\windows\system32\DRIVERS\DptfDevGen.sys;c:\windows\SYSNATIVE\DRIVERS\DptfDevGen.sys [x]
S3 DptfDevPch;DptfDevPch;c:\windows\system32\DRIVERS\DptfDevPch.sys;c:\windows\SYSNATIVE\DRIVERS\DptfDevPch.sys [x]
S3 DptfDevProc;DptfDevProc;c:\windows\system32\DRIVERS\DptfDevProc.sys;c:\windows\SYSNATIVE\DRIVERS\DptfDevProc.sys [x]
S3 DptfManager;DptfManager;c:\windows\system32\DRIVERS\DptfManager.sys;c:\windows\SYSNATIVE\DRIVERS\DptfManager.sys [x]
S3 HIDSwitch;ASUS Wireless Radio Control;c:\windows\System32\drivers\AsHIDSwitch64.sys;c:\windows\SYSNATIVE\drivers\AsHIDSwitch64.sys [x]
S3 huawei_enumerator;huawei_enumerator;c:\windows\System32\drivers\ew_jubusenum.sys;c:\windows\SYSNATIVE\drivers\ew_jubusenum.sys [x]
S3 ibtfltcoex;ibtfltcoex;c:\windows\system32\DRIVERS\iBtFltCoex.sys;c:\windows\SYSNATIVE\DRIVERS\iBtFltCoex.sys [x]
S3 IntcDAud;Intel(R) Display-Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 iwdbus;IWD Bus Enumerator;c:\windows\System32\drivers\iwdbus.sys;c:\windows\SYSNATIVE\drivers\iwdbus.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 NETwNe64;Intel(R) Wireless WiFi Link der Serie 5000 Adaptertreiber für Windows 8 64-Bit;c:\windows\system32\DRIVERS\NETwew00.sys;c:\windows\SYSNATIVE\DRIVERS\NETwew00.sys [x]
S3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;c:\windows\System32\Drivers\RtsUVStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUVStor.sys [x]
S3 SensorsAlsDriver;UMDF-Reflektordienst für SensorsAlsDriver;c:\windows\system32\DRIVERS\WUDFRd.sys;c:\windows\SYSNATIVE\DRIVERS\WUDFRd.sys [x]
S3 WUDFWpdMtp;WUDFWpdMtp;c:\windows\system32\DRIVERS\WUDFRd.sys;c:\windows\SYSNATIVE\DRIVERS\WUDFRd.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{A6EADE66-0000-0000-484E-7E8A45000000}]
2013-09-05 14:04	215416	----a-w-	c:\program files (x86)\Adobe\Reader 11.0\Esl\AiodLite.dll
.
Inhalt des "geplante Tasks" Ordners
.
2014-02-22 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-02-20 19:38]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_B]
@="{6D4133E5-0742-4ADC-8A8C-9303440F7190}"
[HKEY_CLASSES_ROOT\CLSID\{6D4133E5-0742-4ADC-8A8C-9303440F7190}]
2012-03-13 09:23	1500672	----a-w-	c:\program files (x86)\ASUS\WebStorage Sync Agent\1.1.9.120\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_O]
@="{64174815-8D98-4CE6-8646-4C039977D808}"
[HKEY_CLASSES_ROOT\CLSID\{64174815-8D98-4CE6-8646-4C039977D808}]
2012-03-13 09:23	1500672	----a-w-	c:\program files (x86)\ASUS\WebStorage Sync Agent\1.1.9.120\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_U]
@="{1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4D}"
[HKEY_CLASSES_ROOT\CLSID\{1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4D}]
2012-03-13 09:23	1500672	----a-w-	c:\program files (x86)\ASUS\WebStorage Sync Agent\1.1.9.120\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ShareOverlay]
@="{594D4122-1F87-41E2-96C7-825FB4796516}"
[HKEY_CLASSES_ROOT\CLSID\{594D4122-1F87-41E2-96C7-825FB4796516}]
2013-10-20 16:47	774144	----a-w-	c:\program files\Classic Shell\ClassicExplorer64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\__SafeBox1]
@="{152C96EB-288E-4EDC-B7C6-D21F8250ADF3}"
[HKEY_CLASSES_ROOT\CLSID\{152C96EB-288E-4EDC-B7C6-D21F8250ADF3}]
2013-02-27 13:43	269200	----a-w-	c:\program files\Bitdefender\Bitdefender Safebox\safeboxshell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\__SafeBox2]
@="{342DAA0B-D796-460D-8566-901E08A1CCAD}"
[HKEY_CLASSES_ROOT\CLSID\{342DAA0B-D796-460D-8566-901E08A1CCAD}]
2013-02-27 13:43	269200	----a-w-	c:\program files\Bitdefender\Bitdefender Safebox\safeboxshell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\__SafeBox3]
@="{57595DAE-1AE1-4D97-A49E-67CBB53B52DF}"
[HKEY_CLASSES_ROOT\CLSID\{57595DAE-1AE1-4D97-A49E-67CBB53B52DF}]
2013-02-27 13:43	269200	----a-w-	c:\program files\Bitdefender\Bitdefender Safebox\safeboxshell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\__SafeBox4]
@="{33816773-98AE-4723-ADE0-EBE54C8B5A67}"
[HKEY_CLASSES_ROOT\CLSID\{33816773-98AE-4723-ADE0-EBE54C8B5A67}]
2013-02-27 13:43	269200	----a-w-	c:\program files\Bitdefender\Bitdefender Safebox\safeboxshell.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-08-31 170304]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-08-31 398656]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2012-08-30 13192848]
"ASUSQuickGesture(x86)"="c:\program files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe" [2012-09-11 20352]
"ASUSTPLoader(x64)"="c:\program files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe" [2012-09-11 169856]
"ASUSQuickGesture(x64)"="c:\program files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe" [2012-09-11 22400]
"DptfPolicyLpmServiceHelper"="c:\windows\system32\DptfPolicyLpmServiceHelper.exe" [2012-07-30 21888]
"ACMON"="c:\program files (x86)\ASUS\Splendid\ACMON.exe" [2012-08-24 107192]
"Bdagent"="c:\program files\Bitdefender\Bitdefender 2013\bdagent.exe" [2013-10-25 1575192]
"BTMTrayAgent"="c:\program files (x86)\Intel\Bluetooth\btmshellex.dll" [2013-09-19 7818040]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = about:blank
mStart Page = about:blank
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Nach Microsoft E&xel exportieren - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.178.1
TCP: Interfaces\{AEFBB86E-3140-48A0-A253-9D902613CC85}: NameServer = 139.7.30.126 139.7.30.125
FF - ProfilePath - c:\users\Juga\AppData\Roaming\Mozilla\Firefox\Profiles\l24us74s.default-1393022713616\
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
BHO-{8B8B2E80-1444-451D-AC8E-EB9A847F3887} - c:\program files (x86)\Unitech LLC\ividi\1.8.23.0\bh\ividi.dll
BHO-{E87806B5-E908-45FD-AF5E-957D83E58E68} - c:\program files (x86)\Softonic\Softonic\1.8.21.14\bh\Softonic.dll
Toolbar-Locked - (no file)
Toolbar-{5018CFD2-804D-4C99-9F81-25EAEA2769DE} - c:\program files (x86)\Softonic\Softonic\1.8.21.14\SoftonicTlbr.dll
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
HKLM_Wow6432Node-ActiveSetup-{5CCF8330-F742-411A-8A04-719806D168B5} - msiexec
Toolbar-Locked - (no file)
ShellIconOverlayIdentifiers-{FB314ED9-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDA-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDB-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDC-A251-47B7-93E1-CDD82E34AF8B} - (no file)
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4d36e96d-e325-11ce-bfc1-08002be10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4d36e96d-e325-11ce-bfc1-08002be10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
@SACL=(02 0000)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\programdata\Mobile Partner\OnlineUpdate\ouc.exe
c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
c:\program files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
c:\program files (x86)\ASUS\ASUS InstantOn\InsOnWMI.exe
c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
c:\program files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
c:\program files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
c:\windows\SysWOW64\ACEngSvr.exe
c:\program files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2014-02-22  12:22:13 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2014-02-22 11:22
.
Vor Suchlauf: 15 Verzeichnis(se), 16.122.859.520 Bytes frei
Nach Suchlauf: 20 Verzeichnis(se), 15.960.530.944 Bytes frei
.
- - End Of File - - F2BDCDA679ACB2769F208E69E531A4B5
         
--- --- ---
__________________

Alt 23.02.2014, 11:14   #4
schrauber
/// the machine
/// TB-Ausbilder
 




Please download Malwarebytes Anti-Malware
  • Install the program to the default path. (Illustrated guide to MBAM)
  • Start Malwarebytes' Anti-Malware (MBAM).
  • Then click Scan, select the threat scan and click Start Scan.
  • At the end of the scan, have all detections (if any) moved to quarantine. To do so, click Remove Selected.
  • Let your computer restart if necessary to complete the cleanup.
  • Start MBAM, click History and then Application Logs.
  • Select the newest scan log and click Export. Select Text file (.txt) and save the file as mbam.txt on the desktop. You can find the MBAM log file here.
  • Add the contents of mbam.txt to your next reply.


Please download AdwCleaner to your desktop.
  • Close all open programs and browsers. Illustrated guide to AdwCleaner.
  • Start AdwCleaner.exe with a double-click.
  • Accept the terms of use.
  • Click Options and make sure the following items are selected:
    • Delete "Tracing" keys
    • Reset Winsock settings
    • Reset proxy settings
    • Reset Internet Explorer policies
    • Reset Chrome policies
    • Make sure all 5 options are selected as shown here
  • Click Scan and wait until it has finished.
  • Now click Clean and confirm any prompts with OK.
  • Your computer will be restarted automatically. After the restart a text file opens. Post its contents with your next reply.
  • You can also find the log file at C:\AdwCleaner\AdwCleaner[Cx].txt. (x = sequential number).

Please shut down your security software to avoid possible conflicts.
Please download Junkware Removal Tool to your desktop.

  • Start the tool with a double-click. On Windows Vista (or later), please start it via right-click "Run as administrator".
  • Press any key to start the tool.
  • Depending on the system, the scan can take a while.
  • When the tool is finished, the log file (JRT.txt) is saved on the desktop and opened automatically.
  • Please post the contents of JRT.txt in your next reply.


And a fresh FRST log, please.
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009


No help via PM!

Alt 23.02.2014, 23:56   #5
jugajuga
 



Many thanks for your further message and help!


Malwarebytes log:

Code:
ATTFilter
 Malwarebytes Anti-Malware  (PRO) 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2014.02.22.05

Windows 8 x64 NTFS
Internet Explorer 10.0.9200.16798
Juga :: LAPTOP [Administrator]

Schutz: Aktiviert

23.02.2014 12:42:55
mbam-log-2014-02-23 (12-42-55).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 619581
Laufzeit: 1 Stunde(n), 2 Minute(n), 30 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)
         
Adwcleaner:

AdwCleaner Logfile:
Code:
ATTFilter
# AdwCleaner v3.019 - Bericht erstellt am 23/02/2014 um 20:34:41
# Aktualisiert 17/02/2014 von Xplode
# Betriebssystem : Windows 8  (64 bits)
# Benutzername : Juga - LAPTOP
# Gestartet von : C:\Users\Juga\Downloads\adwcleaner(1).exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\apn
Ordner Gelöscht : C:\ProgramData\Ask
Ordner Gelöscht : C:\ProgramData\Babylon
Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\myfree codec
Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\open it!
Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\pdfforge
Ordner Gelöscht : C:\Program Files (x86)\AskPartnerNetwork
Ordner Gelöscht : C:\Program Files (x86)\myfree codec
Ordner Gelöscht : C:\Program Files (x86)\openit
Ordner Gelöscht : C:\Program Files (x86)\Softonic
Ordner Gelöscht : C:\Program Files (x86)\Unitech LLC
Ordner Gelöscht : C:\Program Files\pdfforge
Ordner Gelöscht : C:\Users\Juga\AppData\LocalLow\Softonic
Ordner Gelöscht : C:\Users\Juga\AppData\LocalLow\Unitech LLC
Ordner Gelöscht : C:\Users\Juga\AppData\Roaming\BabSolution
Ordner Gelöscht : C:\Users\Juga\AppData\Roaming\DigitalSites
Ordner Gelöscht : C:\Users\Juga\AppData\Roaming\DSite
Ordner Gelöscht : C:\Users\Juga\AppData\Roaming\pdfforge
Ordner Gelöscht : C:\Users\Juga\AppData\Roaming\Systweak
Ordner Gelöscht : C:\Users\Juga\AppData\Roaming\yourfiledownloader
Ordner Gelöscht : C:\Users\Juga\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\Extensions\sparpilot@sparpilot.com
Ordner Gelöscht : C:\Users\Juga\AppData\Roaming\Mozilla\Firefox\Profiles\kwb1kdbx.default\Extensions\sparpilot@sparpilot.com
Ordner Gelöscht : C:\Users\Juga\AppData\Local\Google\Chrome\User Data\Default\Extensions\elchiiiejkobdbblfejjkbphbddgmljf
Ordner Gelöscht : C:\Users\Juga\AppData\Local\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde
Datei Gelöscht : C:\Windows\System32\roboot64.exe
Datei Gelöscht : C:\Users\Juga\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\Uninstall.exe
Datei Gelöscht : C:\Users\Juga\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\Mysearchdial.xml
Datei Gelöscht : C:\Users\Juga\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\softonic.xml
Datei Gelöscht : C:\Users\Juga\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\user.js
Datei Gelöscht : C:\Windows\System32\Tasks\MySearchDial
Datei Gelöscht : C:\Windows\System32\Tasks\RegClean Pro_DEFAULT
Datei Gelöscht : C:\Windows\System32\Tasks\RegClean Pro_UPDATES

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\aaaaojmikegpiepcfdkkjaplodkpfmlo
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\elchiiiejkobdbblfejjkbphbddgmljf
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\escort.escortIEPane
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\SoftonicApp.appCore
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\SoftonicApp.appCore.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\srv.SoftonicSrvc
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\srv.SoftonicSrvc.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{7ABBFE1C-E485-44AA-8F36-353751B4124D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{B15F118E-AF21-45E8-A809-29FDD7362565}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{C292AD0A-C11F-479B-B8DB-743E72D283B0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{00000001-4FEF-40D3-B3FA-E0531B897F98}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{44B50C01-4993-48E2-ADEE-D812BAE2E9A2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{5018CFD2-804D-4C99-9F81-25EAEA2769DE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{5C3B5DAA-0AFF-4808-90FB-0F2F2D760E36}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{64697678-0000-0010-8000-00AA00389B71}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{A3E2F089-DDBB-4CBF-B06C-5D44DA316ED3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{A5679AB0-C59E-49E7-83C4-5289F844A6E0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{CA0167C2-6295-41B8-9BDA-704B2F5E4CD9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E87806B5-E908-45FD-AF5E-957D83E58E68}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{FD501041-8EBE-11CE-8183-00AA00577DA2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{087CDC12-0A11-4D1D-8DCF-44185D7C3496}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{088BF3A9-6AE8-47B9-A3FB-26262F236C79}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2AC7B9EB-3881-4EB9-8DEE-0A731A309FDE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{349C0469-ACDD-49DF-9B3E-0D82E7C7DC4D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{41226591-6F7A-4082-B63A-67FE4A0CF7A6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{55D69CD1-6715-4C40-BF05-9519AC4DC6E6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66C8FD57-54C4-4D4F-BC95-DCCC763B410A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{717BAE33-7061-4279-8AE5-6C13BC8AF3F9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{84F06F7A-F811-48D7-8B34-3F4145183D8F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{88F6D55F-AA3F-4003-BE69-4AC1998D6492}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{8DBCDED5-08AD-41A2-9BBC-235D84F4FE06}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A0F66203-1A86-4812-9603-A57E09A4D7A3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{BC39D1B3-4471-41C1-AACA-E097FAF4B7AA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{DEB85542-1311-4EC6-8A32-5372EB27FC94}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{11D9E165-B8C1-4734-A56C-BC4FCACA966B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{B15F118E-AF21-45E8-A809-29FDD7362565}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E87806B5-E908-45FD-AF5E-957D83E58E68}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9CF034EA-7B46-48D3-8895-8A14B32AE445}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{25A3A431-30BB-47C8-AD6A-E1063801134F}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{5018CFD2-804D-4C99-9F81-25EAEA2769DE}]
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{087CDC12-0A11-4D1D-8DCF-44185D7C3496}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{088BF3A9-6AE8-47B9-A3FB-26262F236C79}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{2AC7B9EB-3881-4EB9-8DEE-0A731A309FDE}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{349C0469-ACDD-49DF-9B3E-0D82E7C7DC4D}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{41226591-6F7A-4082-B63A-67FE4A0CF7A6}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{55D69CD1-6715-4C40-BF05-9519AC4DC6E6}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{66C8FD57-54C4-4D4F-BC95-DCCC763B410A}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{717BAE33-7061-4279-8AE5-6C13BC8AF3F9}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{84F06F7A-F811-48D7-8B34-3F4145183D8F}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{88F6D55F-AA3F-4003-BE69-4AC1998D6492}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{8DBCDED5-08AD-41A2-9BBC-235D84F4FE06}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{A0F66203-1A86-4812-9603-A57E09A4D7A3}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{BC39D1B3-4471-41C1-AACA-E097FAF4B7AA}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{DEB85542-1311-4EC6-8A32-5372EB27FC94}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}
Schlüssel Gelöscht : HKCU\Software\Delta
Schlüssel Gelöscht : HKCU\Software\dsiteproducts
Schlüssel Gelöscht : HKCU\Software\Myfree Codec
Schlüssel Gelöscht : HKCU\Software\Softonic
Schlüssel Gelöscht : HKCU\Software\systweak
Schlüssel Gelöscht : HKCU\Software\Unitech LLC
Schlüssel Gelöscht : HKCU\Software\YourFileDownloader
Schlüssel Gelöscht : HKLM\Software\Delta
Schlüssel Gelöscht : HKLM\Software\Myfree Codec
Schlüssel Gelöscht : HKLM\Software\Softonic
Schlüssel Gelöscht : HKLM\Software\systweak
Schlüssel Gelöscht : HKLM\Software\Unitech LLC
Schlüssel Gelöscht : HKLM\Software\YourFileDownloader
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\MyFreeCodec
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Zip Opener Packages
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Delta Chrome Toolbar
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FLV Player
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\openit open it!
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Softonic

***** [ Browser ] *****

-\\ Internet Explorer v10.0.9200.16798

Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [Tabs]

-\\ Mozilla Firefox v27.0.1 (de)

[ Datei : C:\Users\Juga\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\prefs.js ]

Zeile gelöscht : user_pref("browser.search.defaultenginename", "Mysearchdial");
Zeile gelöscht : user_pref("pttl.menu-search-groups-tab", false);
Zeile gelöscht : user_pref("pttl.menu-search-groups-win", false);

[ Datei : C:\Users\Juga\AppData\Roaming\Mozilla\Firefox\Profiles\l24us74s.default-1393022713616\prefs.js ]


-\\ Google Chrome v

[ Datei : C:\Users\Juga\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [11449 octets] - [23/02/2014 20:32:19]
AdwCleaner[S0].txt - [10553 octets] - [23/02/2014 20:34:41]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [10614 octets] ##########
         
--- --- ---



The Junkware Removal and FRST logs will follow as soon as I have created them.

And here are the two other requested logs:


Junkware Removal log

Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.2 (02.20.2014:1)
OS: Windows 8 x64
Ran by Juga on 23.02.2014 at 21:17:19,89
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{A8687284-3697-4655-BE2B-AA9ECF2FE73E}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{E77F2311-3431-4099-BACD-C4E2DD35C235}



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Users\Juga\AppData\Roaming\zip opener packages"



~~~ FireFox

Successfully deleted: [Folder] C:\Users\Juga\AppData\Roaming\mozilla\firefox\profiles\JonDoFox\extensions\staged



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 23.02.2014 at 21:29:56,20
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         
FRST.txt


FRST Logfile:

Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 23-02-2014 02
Ran by Juga (administrator) on LAPTOP on 23-02-2014 23:55:18
Running from C:\Users\Juga\Desktop
Windows 8 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2013\vsserv.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
() C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe
(Microsoft Corp.) C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe
(REINER SCT) C:\Windows\SysWOW64\cjpcsc.exe
() C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe
(Microsoft Corporation) C:\Windows\system32\dashost.exe
() C:\Windows\system32\DptfParticipantProcessorService.exe
() C:\Windows\system32\DptfPolicyConfigTDPService.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
() C:\ProgramData\DatacardService\HWDeviceService64.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
() C:\ProgramData\Mobile Partner\OnlineUpdate\ouc.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\HelperService.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Star Finanz-Software Entwicklung und Vertriebs GmbH) C:\Program Files (x86)\StarMoney 9.0\ouservice\StarMoneyOnlineUpdate.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender SafeBox\safeboxservice.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnCfg.exe
(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnWMI.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1114.318_x64__8wekyb3d8bbwe\LiveComm.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2013\bdagent.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(Sony Corporation) C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\ReaderAppHelper.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13192848 2012-08-30] (Realtek Semiconductor)
HKLM\...\Run: [ASUSQuickGesture(x86)] - C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe [20352 2012-09-11] (ASUSTeK Computer Inc.)
HKLM\...\Run: [ASUSTPLoader(x64)] - C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe [169856 2012-09-11] (AsusTek)
HKLM\...\Run: [ASUSQuickGesture(x64)] - C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe [22400 2012-09-11] (ASUSTeK Computer Inc.)
HKLM\...\Run: [DptfPolicyLpmServiceHelper] - C:\Windows\system32\DptfPolicyLpmServiceHelper.exe [21888 2012-07-30] ()
HKLM\...\Run: [ACMON] - C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [107192 2012-08-24] (ASUS)
HKLM\...\Run: [Bdagent] - C:\Program Files\Bitdefender\Bitdefender 2013\bdagent.exe [1575192 2013-10-25] (Bitdefender)
HKLM\...\Run: [BTMTrayAgent] - C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll [7818040 2013-09-19] (Motorola Solutions, Inc.)
HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [285240 2012-09-01] (Intel Corporation)
HKLM-x32\...\Run: [ASUSWebStorage] - C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.9.120\AsusWSPanel.exe [3417984 2012-08-28] (ASUS Cloud Corporation)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Reader Application Helper] - C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\ReaderAppHelper.exe [899400 2013-11-27] (Sony Corporation)
HKLM-x32\...\Run: [BingDesktop] - C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe [2258056 2013-09-22] (Microsoft Corp.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [] - [X]
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
AppInit_DLLs: C:\Windows\System32\nvinitx.dll => C:\Windows\System32\nvinitx.dll [168616 2013-12-10] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [141336 2013-12-10] (NVIDIA Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&amp;form=IE10TR&amp;src=IE10TR&amp;pc=ASU2JS
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&amp;form=IE10TR&amp;src=IE10TR&amp;pc=ASU2JS
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: ASUS Browser Extension x64 - {78234974-0C4B-4111-BDEB-D9A104418772} - C:\Program Files (x86)\ASUS\ASUS Smart Gesture\install\x64\BrowserExtension64.dll (ASUSTeK Computer Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: ClassicIEBHO Class - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIEDLL_64.dll (IvoSoft)
BHO-x32: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll (pdfforge GmbH)
BHO-x32: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: ASUS Browser Extension x86 - {78234974-0C4B-4111-BDEB-D9A104418771} - C:\Program Files (x86)\ASUS\ASUS Smart Gesture\install\x86\BrowserExtension.dll (ASUSTeK Computer Inc.)
BHO-x32: ividi Helper Object - {8B8B2E80-1444-451D-AC8E-EB9A847F3887} - C:\Program Files (x86)\Unitech LLC\ividi\1.8.23.0\bh\ividi.dll No File
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: ClassicIEBHO Class - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIEDLL_32.dll (IvoSoft)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{AEFBB86E-3140-48A0-A253-9D902613CC85}: [NameServer]139.7.30.126 139.7.30.125

FireFox:
========
FF ProfilePath: C:\Users\Juga\AppData\Roaming\Mozilla\Firefox\Profiles\l24us74s.default-1393022713616
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_70.dll ()
FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_70.dll ()
FF Plugin-x32: @ei.FromDocToPDF_65.com/Plugin - C:\Program Files (x86)\FromDocToPDF_65EI\Installr\1.bin\NP65EISB.dll (FromDocToPDF)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @sony.com/ReaderDesktop - C:\Program Files (x86)\Sony\ReaderDesktop\npreaderdetectmoz.dll (Sony Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2013\bdtbext
FF Extension: No Name - C:\Program Files\Bitdefender\Bitdefender 2013\bdtbext [2013-06-30]
FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt
FF Extension: PDF Architect Converter For Firefox - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2013-10-21]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF HKLM-x32\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2013\bdtbext
FF Extension: No Name - C:\Program Files\Bitdefender\Bitdefender 2013\bdtbext [2013-06-30]

Chrome: 
=======
CHR Extension: (Google Docs) - C:\Users\Juga\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-02-19]
CHR Extension: (Google Drive) - C:\Users\Juga\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-02-19]
CHR Extension: (YouTube) - C:\Users\Juga\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-02-19]
CHR Extension: (Google-Suche) - C:\Users\Juga\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-02-19]
CHR Extension: (Softonic Chrome Toolbar) - C:\Users\Juga\AppData\Local\Google\Chrome\User Data\Default\Extensions\elchiiiejkobdbblfejjkbphbddgmljf [2013-10-21]
CHR Extension: (Delta Toolbar) - C:\Users\Juga\AppData\Local\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde [2014-02-19]
CHR Extension: (Amazon-Icon) - C:\Users\Juga\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkcedibhemacmilmkpndpkoidlnmgngg [2014-02-19]
CHR Extension: (Google Wallet) - C:\Users\Juga\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-19]
CHR Extension: (Google Mail) - C:\Users\Juga\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-02-19]
CHR HKLM-x32\...\Chrome\Extension: [mkcedibhemacmilmkpndpkoidlnmgngg] - C:\Users\Juga\ChromeExtensions\mkcedibhemacmilmkpndpkoidlnmgngg\amazon.crx [2014-02-13]

==================== Services (Whitelisted) =================

R2 AAV UpdateService; C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe [128296 2008-10-24] ()
R2 ASUS InstantOn; C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe [277120 2012-04-13] (ASUS)
S4 BdDesktopParental; C:\Program Files\Bitdefender\Bitdefender 2013\bdparentalservice.exe [69392 2013-10-25] (Bitdefender)
R2 BingDesktopUpdate; C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe [173192 2013-09-22] (Microsoft Corp.)
R2 cjpcsc; C:\Windows\SysWOW64\cjpcsc.exe [515632 2013-05-21] (REINER SCT)
R2 DirMngr; C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe [218112 2013-05-28] ()
R2 DptfParticipantProcessorService; C:\Windows\system32\DptfParticipantProcessorService.exe [29056 2012-07-30] ()
R2 DptfPolicyConfigTDPService; C:\Windows\system32\DptfPolicyConfigTDPService.exe [30592 2012-07-30] ()
R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [339456 2010-11-16] ()
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-06-27] (Intel Corporation)
R2 Intel(R) Wireless Bluetooth(R) 4.0 Radio Management; C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe [157128 2013-09-18] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S2 Mobile Partner. RunOuc; c:\program files (x86)\mobile partner\updatedog\ouc.exe [218624 2013-05-09] ()
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273136 2013-08-28] ()
R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH)
S2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH)
R2 SafeBox; C:\Program Files\Bitdefender\Bitdefender SafeBox\safeboxservice.exe [95184 2012-06-25] (Bitdefender)
R2 StarMoney 9.0 OnlineUpdate; C:\Program Files (x86)\StarMoney 9.0\ouservice\StarMoneyOnlineUpdate.exe [663184 2014-01-27] (Star Finanz-Software Entwicklung und Vertriebs GmbH)
S2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender 2013\updatesrv.exe [67320 2013-10-25] (Bitdefender)
R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender 2013\vsserv.exe [1645256 2013-10-25] (Bitdefender)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-07-02] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3378416 2013-08-28] (Intel® Corporation)

==================== Drivers (Whitelisted) ====================

R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [56704 2012-09-11] (ASUS Corporation)
R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [727592 2013-10-25] (BitDefender)
R3 avchv; C:\Windows\system32\DRIVERS\avchv.sys [261056 2012-11-02] (BitDefender)
S3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [601360 2013-10-25] (BitDefender)
S0 bdelam; C:\Windows\System32\drivers\bdelam.sys [23456 2012-07-11] (Bitdefender)
R1 BdfNdisf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfndisf6.sys [98768 2013-10-25] (BitDefender LLC)
R1 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [107008 2013-10-25] (BitDefender LLC)
S3 BDSandBox; C:\Windows\system32\drivers\bdsandbox.sys [82824 2013-10-25] (BitDefender SRL)
R1 BDVEDISK; C:\Windows\system32\DRIVERS\bdvedisk.sys [79192 2013-10-25] (BitDefender)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
R3 btmaux; C:\Windows\system32\DRIVERS\btmaux.sys [140600 2013-07-22] (Motorola Solutions, Inc.)
R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1390904 2013-09-05] (Motorola Solutions, Inc.)
S3 cjusb; C:\Windows\system32\DRIVERS\cjusb.sys [35192 2012-09-04] (REINER SCT)
R3 DptfDevDram; C:\Windows\system32\DRIVERS\DptfDevDram.sys [107328 2012-07-13] (Intel Corporation)
R3 DptfDevFan; C:\Windows\system32\DRIVERS\DptfDevFan.sys [42816 2012-07-13] (Intel Corporation)
R3 DptfDevGen; C:\Windows\system32\DRIVERS\DptfDevGen.sys [64832 2012-07-13] (Intel Corporation)
R3 DptfDevPch; C:\Windows\system32\DRIVERS\DptfDevPch.sys [96064 2012-07-13] (Intel Corporation)
R3 DptfDevProc; C:\Windows\system32\DRIVERS\DptfDevProc.sys [228672 2012-07-13] (Intel Corporation)
R3 DptfManager; C:\Windows\system32\DRIVERS\DptfManager.sys [361792 2012-07-13] (Intel Corporation)
S3 ewusbnet; C:\Windows\system32\DRIVERS\ewusbnet.sys [256000 2013-05-09] (Huawei Technologies Co., Ltd.)
R0 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [150256 2013-10-25] (BitDefender LLC)
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [14992 2012-08-02] ( )
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew00.sys [3345376 2013-10-08] (Intel Corporation)
R3 SensorsAlsDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [198656 2012-07-26] (Microsoft Corporation)
R2 trufos; C:\Windows\System32\DRIVERS\trufos.sys [389240 2013-10-25] (BitDefender S.R.L.)
S3 usb3Hub; C:\Windows\System32\drivers\usb3Hub.sys [48096 2012-08-09] (Windows (R) Win 7 DDK provider)
S3 XHCIPort; C:\Windows\System32\drivers\XHCIPort.sys [188384 2012-08-09] (Windows (R) Win 7 DDK provider)
U5 AppMgmt; C:\Windows\system32\svchost.exe [29696 2012-09-20] (Microsoft Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
U0 msahci; 

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-02-23 21:29 - 2014-02-23 21:29 - 00001258 _____ () C:\Users\Juga\Desktop\JRT.txt
2014-02-23 21:17 - 2014-02-23 21:17 - 00000000 ____D () C:\Windows\ERUNT
2014-02-23 21:14 - 2014-02-23 21:14 - 00010755 _____ () C:\Users\Juga\Desktop\AdwCleaner[S0].txt
2014-02-23 20:35 - 2014-02-23 20:35 - 00000022 _____ () C:\Windows\S.dirmngr
2014-02-23 20:32 - 2014-02-23 20:34 - 00000000 ____D () C:\AdwCleaner
2014-02-23 20:31 - 2014-02-23 20:32 - 01241834 _____ () C:\Users\Juga\Downloads\adwcleaner(2).exe
2014-02-23 20:31 - 2014-02-23 20:31 - 01241834 _____ () C:\Users\Juga\Downloads\adwcleaner(1).exe
2014-02-23 12:43 - 2014-02-23 12:43 - 01241834 _____ () C:\Users\Juga\Downloads\adwcleaner.exe
2014-02-23 12:43 - 2014-02-23 12:43 - 01037734 _____ (Thisisu) C:\Users\Juga\Downloads\JRT.exe
2014-02-23 12:41 - 2014-02-23 23:55 - 00000000 ____D () C:\Users\Juga\Desktop\FRST-OlderVersion
2014-02-23 12:15 - 2014-02-23 12:16 - 00000000 ____D () C:\Recovery
2014-02-23 12:09 - 2014-02-23 12:10 - 00000712 _____ () C:\Windows\DtcInstall.log
2014-02-23 12:05 - 2014-02-23 12:05 - 00001564 _____ () C:\Windows\comsetup.log
2014-02-23 12:01 - 2014-02-23 12:10 - 00658599 _____ () C:\Windows\setupact.log
2014-02-23 12:01 - 2014-02-23 12:01 - 00000000 _____ () C:\Windows\setuperr.log
2014-02-22 12:22 - 2014-02-22 12:22 - 00033083 _____ () C:\ComboFix.txt
2014-02-22 12:09 - 2011-06-26 07:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-02-22 12:09 - 2010-11-07 18:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-02-22 12:09 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-02-22 12:09 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-02-22 12:09 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-02-22 12:09 - 2000-08-31 01:00 - 00212480 _____ (SteelWerX) C:\Windows\SWXCACLS.exe
2014-02-22 12:09 - 2000-08-31 01:00 - 00098816 _____ () C:\Windows\sed.exe
2014-02-22 12:09 - 2000-08-31 01:00 - 00080412 _____ () C:\Windows\grep.exe
2014-02-22 12:09 - 2000-08-31 01:00 - 00068096 _____ () C:\Windows\zip.exe
2014-02-22 12:08 - 2014-02-22 12:22 - 00000000 ____D () C:\Qoobox
2014-02-22 12:08 - 2014-02-22 12:20 - 00000000 ____D () C:\Windows\erdnt
2014-02-22 12:08 - 2014-02-22 12:08 - 05183886 ____R (Swearware) C:\Users\Juga\Downloads\ComboFix.exe
2014-02-21 23:45 - 2014-02-21 23:45 - 00000000 ____D () C:\Users\Juga\Desktop\Alte Firefox-Daten
2014-02-21 23:44 - 2014-02-21 23:44 - 00019926 _____ () C:\Users\Juga\Desktop\Bestätigung Ihrer Zahlung an Rove.design GmbH.eml
2014-02-20 20:51 - 2014-02-20 21:09 - 182401458 _____ () C:\Users\Juga\Desktop\480_633_M5DAr-G182-50lo.mp4
2014-02-20 16:18 - 2014-02-20 16:22 - 00002167 _____ () C:\Users\Public\Desktop\SteuerSparErklärung 2014.lnk
2014-02-20 16:18 - 2014-02-20 16:18 - 00000000 ____D () C:\Users\Juga\AppData\Local\AAV
2014-02-20 16:16 - 2014-02-20 16:19 - 00000000 ____D () C:\Program Files (x86)\Akademische Arbeitsgemeinschaft
2014-02-20 16:14 - 2014-02-20 16:19 - 00000000 ____D () C:\ProgramData\AAV
2014-02-20 14:27 - 2014-02-20 14:28 - 05631168 _____ (IvoSoft) C:\Users\Juga\Downloads\ClassicShellSetup_4_0_4.exe
2014-02-20 09:42 - 2014-02-20 09:42 - 01678496 _____ (Skype Technologies S.A.) C:\Users\Juga\Downloads\SkypeSetup(2).exe
2014-02-20 09:42 - 2014-02-20 09:42 - 00002699 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-02-20 09:42 - 2014-02-20 09:42 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-02-20 09:40 - 2014-02-20 09:41 - 00000000 ____D () C:\Users\Juga\AppData\Roaming\Bitdefender
2014-02-19 23:33 - 2014-02-23 21:28 - 00929328 _____ () C:\Windows\WindowsUpdate.log
2014-02-19 23:19 - 2014-02-22 12:18 - 00037464 _____ () C:\Windows\PFRO.log
2014-02-19 21:24 - 2014-02-19 21:25 - 00000000 ____D () C:\Program Files (x86)\Google
2014-02-19 20:34 - 2014-02-19 20:34 - 00000000 ____D () C:\ProgramData\ClassicShell
2014-02-19 18:21 - 2014-02-19 18:21 - 00299776 _____ () C:\Windows\Minidump\021914-7500-01.dmp
2014-02-19 18:18 - 2014-02-23 23:55 - 00022398 _____ () C:\Users\Juga\Desktop\FRST.txt
2014-02-19 18:18 - 2014-02-19 18:18 - 00000470 _____ () C:\Users\Juga\Desktop\defogger_disable.log
2014-02-19 17:09 - 2014-02-19 17:09 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Juga\Downloads\mbam-consumer.exe
2014-02-19 16:30 - 2014-02-20 09:39 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-02-19 16:30 - 2014-02-20 09:38 - 00000000 ____D () C:\Users\Juga\AppData\Roaming\Malwarebytes
2014-02-19 16:30 - 2014-02-20 09:38 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-02-19 16:30 - 2014-02-19 16:30 - 00001071 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-02-19 16:30 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-02-19 16:29 - 2014-02-19 16:29 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Juga\Downloads\mbam-setup-1.75.0.1300.exe
2014-02-19 16:19 - 2014-02-19 15:42 - 00029451 _____ () C:\Users\Juga\Desktop\Addition.txt
2014-02-19 16:03 - 2014-02-19 16:03 - 00000470 _____ () C:\Windows\SysWOW64\defogger_disable.log
2014-02-19 15:51 - 2014-02-19 15:51 - 00296784 _____ () C:\Windows\Minidump\021914-7562-01.dmp
2014-02-19 15:44 - 2014-02-19 15:44 - 00299816 _____ () C:\Windows\Minidump\021914-7718-01.dmp
2014-02-19 15:43 - 2014-02-19 15:43 - 00380416 _____ () C:\Users\Juga\Desktop\Gmer-19357.exe
2014-02-19 15:41 - 2014-02-23 23:55 - 00000000 ____D () C:\FRST
2014-02-19 12:49 - 2014-02-23 23:55 - 02155520 _____ (Farbar) C:\Users\Juga\Desktop\FRST64.exe
2014-02-19 12:46 - 2014-02-19 12:46 - 01141248 _____ (Farbar) C:\Users\Juga\Downloads\FRST.exe
2014-02-19 12:46 - 2014-02-19 12:46 - 00000470 _____ () C:\Users\Juga\Downloads\defogger_disable.log
2014-02-19 12:46 - 2014-02-19 12:46 - 00000000 _____ () C:\Users\Juga\defogger_reenable
2014-02-19 12:45 - 2014-02-19 12:45 - 00050477 _____ () C:\Users\Juga\Desktop\Defogger.exe
2014-02-19 12:43 - 2014-02-19 12:43 - 00002640 _____ () C:\Windows\System32\Tasks\Digital Sites
2014-02-19 10:15 - 2014-02-19 19:15 - 00003586 _____ () C:\Windows\System32\Tasks\Bitdefender Auto-Scan
2014-02-18 08:48 - 2014-02-20 09:38 - 00000000 ____D () C:\Users\Juga\AppData\Local\Skype
2014-02-18 08:48 - 2014-02-18 08:48 - 00003142 _____ () C:\Windows\System32\Tasks\{CEEC242F-CB31-4B7C-BA41-759D23FC22A4}
2014-02-18 08:47 - 2014-02-18 08:47 - 01659552 _____ (Skype Technologies S.A.) C:\Users\Juga\Downloads\SkypeSetup(1).exe
2014-02-17 20:40 - 2014-02-17 20:40 - 01816433 _____ () C:\Users\Juga\Downloads\tools_v6.0.8.zip
2014-02-17 20:29 - 2014-02-17 20:29 - 09954793 _____ () C:\Users\Juga\Downloads\Ultimate-DRM-Removal-last.zip
2014-02-17 09:23 - 2014-02-17 09:25 - 88898427 _____ () C:\Users\Juga\Desktop\Tumblr_Video.mp4
2014-02-16 22:29 - 2014-02-22 12:18 - 00323576 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-02-16 22:06 - 2014-02-20 09:39 - 00000000 ____D () C:\Program Files\CCleaner
2014-02-16 22:06 - 2014-02-16 22:06 - 00002770 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-02-16 22:06 - 2014-02-16 22:06 - 00000824 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-02-16 22:05 - 2014-02-16 22:06 - 03645064 _____ (Piriform Ltd) C:\Users\Juga\Downloads\ccsetup410_slim.exe
2014-02-16 17:50 - 2014-02-20 09:39 - 00000000 ____D () C:\Windows\SysWOW64\NV
2014-02-16 17:50 - 2014-02-20 09:39 - 00000000 ____D () C:\Windows\system32\NV
2014-02-16 12:58 - 2014-02-16 12:59 - 54537728 _____ () C:\Users\Juga\Downloads\calibre-1.24.0.msi
2014-02-16 06:31 - 2013-12-07 07:36 - 19751936 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-02-16 06:31 - 2013-12-07 06:15 - 17560576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-02-15 20:17 - 2014-02-15 20:17 - 24490112 _____ (Mozilla) C:\Users\Juga\Downloads\Firefox Setup 27.0.1.exe
2014-02-15 00:23 - 2014-02-15 00:49 - 130171322 _____ () C:\Users\Juga\Desktop\1103195_white_ass_slut_fucked_twice_bare_creamed_huge_black_.flv
2014-02-14 10:11 - 2014-02-20 09:39 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-13 22:28 - 2013-12-05 00:43 - 00583680 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2014-02-13 22:28 - 2013-12-05 00:37 - 00451072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2014-02-13 22:04 - 2013-11-01 06:53 - 02232664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-02-13 22:03 - 2014-02-01 10:20 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-13 22:03 - 2014-02-01 10:19 - 02241536 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-13 22:03 - 2014-02-01 10:19 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-13 22:03 - 2014-02-01 10:19 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
2014-02-13 22:03 - 2014-02-01 10:19 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll
2014-02-13 22:03 - 2014-02-01 10:18 - 19274240 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-13 22:03 - 2014-02-01 10:18 - 15403520 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-13 22:03 - 2014-02-01 10:18 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-02-13 22:03 - 2014-02-01 10:18 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-13 22:03 - 2014-02-01 10:18 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-13 22:03 - 2014-02-01 10:18 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-02-13 22:03 - 2014-02-01 10:18 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-13 22:03 - 2014-02-01 10:18 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-13 22:03 - 2014-02-01 10:18 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-13 22:03 - 2014-02-01 08:58 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-13 22:03 - 2014-02-01 08:58 - 01140736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-13 22:03 - 2014-02-01 08:58 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2014-02-13 22:03 - 2014-02-01 08:57 - 13760512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-13 22:03 - 2014-02-01 08:57 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-13 22:03 - 2014-02-01 08:57 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-02-13 22:03 - 2014-02-01 08:57 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-02-13 22:03 - 2014-02-01 08:57 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-02-13 22:03 - 2014-02-01 08:57 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-13 22:03 - 2014-02-01 08:57 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-02-13 22:03 - 2014-02-01 08:40 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-13 22:03 - 2014-02-01 08:34 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-02-13 22:03 - 2014-02-01 06:08 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll
2014-02-13 22:03 - 2013-12-09 01:45 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-02-13 22:03 - 2013-12-09 00:59 - 00600064 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-02-13 22:03 - 2013-12-05 00:43 - 01845248 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-02-13 22:03 - 2013-12-05 00:37 - 01419264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-02-13 22:03 - 2013-11-27 01:19 - 00385614 _____ () C:\Windows\system32\ApnDatabase.xml
2014-02-13 22:03 - 2013-11-26 00:17 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2014-02-13 22:02 - 2014-02-01 10:18 - 03960320 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-13 22:02 - 2014-02-01 10:18 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-13 22:02 - 2014-02-01 08:57 - 14359040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-13 22:02 - 2014-02-01 08:57 - 02877952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-13 22:02 - 2014-02-01 08:57 - 02049024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-13 22:02 - 2014-02-01 08:57 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-02-13 09:58 - 2014-02-20 09:39 - 00000000 ____D () C:\Users\Juga\AppData\Local\Tempfeb52be43e051bfaf4839a6935e00e42
2014-02-13 09:58 - 2014-02-20 09:39 - 00000000 ____D () C:\Users\Juga\AppData\Local\Temp12e72473eede95c369de200ff0f01ceb
2014-02-13 09:57 - 2014-02-20 09:39 - 00000000 ____D () C:\Users\Juga\AppData\Local\Temp14b5077f6956a3517aafd12a4b0ddc8f
2014-02-13 09:57 - 2014-02-13 09:57 - 00000000 ____D () C:\Users\Juga\Downloads\Steganos-SpurenVernichter
2014-02-13 09:57 - 2014-02-13 09:57 - 00000000 ____D () C:\Users\Juga\ChromeExtensions
2014-02-13 09:57 - 2014-02-13 09:57 - 00000000 ____D () C:\Users\Juga\AppData\Roaming\NVIDIA
2014-02-13 09:56 - 2014-02-13 09:56 - 01059584 _____ () C:\Users\Juga\Downloads\Steganos-SpurenVernichter-Setup.exe
2014-02-13 06:43 - 2014-02-13 06:43 - 00001237 _____ () C:\Users\Juga\Downloads\URLLink(6).acsm
2014-02-12 11:28 - 2014-01-13 00:30 - 02238976 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-02-12 11:28 - 2014-01-13 00:30 - 02032640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-02-12 11:28 - 2013-11-20 01:15 - 03842560 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-02-12 11:28 - 2013-11-20 00:57 - 03288576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2014-02-08 11:19 - 2014-02-08 11:19 - 00003576 _____ () C:\Users\Juga\Desktop\anschreibenMBWK.tex
2014-02-05 13:45 - 2014-02-20 09:39 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-02-02 12:22 - 2014-02-02 12:22 - 00007374 _____ () C:\Users\Juga\Desktop\Preisinformation zum 1. März 2014.eml
2014-01-26 10:21 - 2013-12-18 21:09 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-01-26 10:21 - 2013-12-18 21:04 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-01-26 10:21 - 2013-12-18 21:04 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-01-26 10:21 - 2013-12-18 21:03 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-01-26 10:15 - 2014-01-26 10:15 - 00921000 _____ (Oracle Corporation) C:\Users\Juga\Downloads\jxpiinstall.exe

==================== One Month Modified Files and Folders =======

2014-02-23 23:55 - 2014-02-23 12:41 - 00000000 ____D () C:\Users\Juga\Desktop\FRST-OlderVersion
2014-02-23 23:55 - 2014-02-19 18:18 - 00022398 _____ () C:\Users\Juga\Desktop\FRST.txt
2014-02-23 23:55 - 2014-02-19 15:41 - 00000000 ____D () C:\FRST
2014-02-23 23:55 - 2014-02-19 12:49 - 02155520 _____ (Farbar) C:\Users\Juga\Desktop\FRST64.exe
2014-02-23 23:51 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\system32\sru
2014-02-23 21:30 - 2013-05-07 18:30 - 00003598 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3203196741-1805427045-687499267-1002
2014-02-23 21:29 - 2014-02-23 21:29 - 00001258 _____ () C:\Users\Juga\Desktop\JRT.txt
2014-02-23 21:28 - 2014-02-19 23:33 - 00929328 _____ () C:\Windows\WindowsUpdate.log
2014-02-23 21:17 - 2014-02-23 21:17 - 00000000 ____D () C:\Windows\ERUNT
2014-02-23 21:15 - 2014-01-08 10:52 - 00000000 ____D () C:\Users\Juga\AppData\Roaming\ClassicShell
2014-02-23 21:14 - 2014-02-23 21:14 - 00010755 _____ () C:\Users\Juga\Desktop\AdwCleaner[S0].txt
2014-02-23 21:13 - 2013-05-06 18:53 - 00000500 _____ () C:\Users\Juga\AppData\Roaming\sp_data.sys
2014-02-23 20:47 - 2013-05-06 21:41 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-02-23 20:40 - 2012-08-03 00:02 - 00761598 _____ () C:\Windows\system32\perfh007.dat
2014-02-23 20:40 - 2012-08-03 00:02 - 00159306 _____ () C:\Windows\system32\perfc007.dat
2014-02-23 20:40 - 2012-07-26 08:28 - 01748838 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-02-23 20:35 - 2014-02-23 20:35 - 00000022 _____ () C:\Windows\S.dirmngr
2014-02-23 20:35 - 2012-07-26 08:22 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-02-23 20:35 - 2012-07-26 06:26 - 00524288 ___SH () C:\Windows\system32\config\BBI
2014-02-23 20:34 - 2014-02-23 20:32 - 00000000 ____D () C:\AdwCleaner
2014-02-23 20:32 - 2014-02-23 20:31 - 01241834 _____ () C:\Users\Juga\Downloads\adwcleaner(2).exe
2014-02-23 20:31 - 2014-02-23 20:31 - 01241834 _____ () C:\Users\Juga\Downloads\adwcleaner(1).exe
2014-02-23 12:43 - 2014-02-23 12:43 - 01241834 _____ () C:\Users\Juga\Downloads\adwcleaner.exe
2014-02-23 12:43 - 2014-02-23 12:43 - 01037734 _____ (Thisisu) C:\Users\Juga\Downloads\JRT.exe
2014-02-23 12:17 - 2013-11-14 09:24 - 00000000 ___HD () C:\$Windows.~BT
2014-02-23 12:16 - 2014-02-23 12:15 - 00000000 ____D () C:\Recovery
2014-02-23 12:10 - 2014-02-23 12:09 - 00000712 _____ () C:\Windows\DtcInstall.log
2014-02-23 12:10 - 2014-02-23 12:01 - 00658599 _____ () C:\Windows\setupact.log
2014-02-23 12:10 - 2013-05-06 18:50 - 00066678 _____ () C:\Windows\diagwrn.xml
2014-02-23 12:10 - 2013-05-06 18:50 - 00066678 _____ () C:\Windows\diagerr.xml
2014-02-23 12:10 - 2012-07-26 06:26 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2014-02-23 12:05 - 2014-02-23 12:05 - 00001564 _____ () C:\Windows\comsetup.log
2014-02-23 12:05 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\registration
2014-02-23 12:04 - 2013-08-18 10:30 - 00008713 _____ () C:\Windows\system32\lvcoinst.log
2014-02-23 12:01 - 2014-02-23 12:01 - 00000000 _____ () C:\Windows\setuperr.log
2014-02-23 11:37 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\AUInstallAgent
2014-02-23 02:00 - 2013-05-09 10:21 - 00000000 ____D () C:\Users\Juga\AppData\Roaming\Skype
2014-02-22 15:34 - 2013-05-09 10:31 - 00000121 _____ () C:\Users\Public\LMDebug.log
2014-02-22 15:31 - 2013-12-29 14:33 - 00000285 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
2014-02-22 15:31 - 2013-05-07 21:13 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-02-22 12:22 - 2014-02-22 12:22 - 00033083 _____ () C:\ComboFix.txt
2014-02-22 12:22 - 2014-02-22 12:08 - 00000000 ____D () C:\Qoobox
2014-02-22 12:22 - 2012-07-26 06:37 - 00000000 __RHD () C:\Users\Default
2014-02-22 12:20 - 2014-02-22 12:08 - 00000000 ____D () C:\Windows\erdnt
2014-02-22 12:19 - 2012-07-26 06:26 - 00000215 _____ () C:\Windows\system.ini
2014-02-22 12:18 - 2014-02-19 23:19 - 00037464 _____ () C:\Windows\PFRO.log
2014-02-22 12:18 - 2014-02-16 22:29 - 00323576 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-02-22 12:16 - 2013-05-11 16:41 - 00000000 ____D () C:\Users\Juga\AppData\Roaming\vlc
2014-02-22 12:08 - 2014-02-22 12:08 - 05183886 ____R (Swearware) C:\Users\Juga\Downloads\ComboFix.exe
2014-02-21 23:45 - 2014-02-21 23:45 - 00000000 ____D () C:\Users\Juga\Desktop\Alte Firefox-Daten
2014-02-21 23:44 - 2014-02-21 23:44 - 00019926 _____ () C:\Users\Juga\Desktop\Bestätigung Ihrer Zahlung an Rove.design GmbH.eml
2014-02-20 21:09 - 2014-02-20 20:51 - 182401458 _____ () C:\Users\Juga\Desktop\480_633_M5DAr-G182-50lo.mp4
2014-02-20 20:39 - 2013-05-08 17:53 - 00000000 ____D () C:\Users\Juga\AppData\Local\Adobe
2014-02-20 20:38 - 2013-05-06 21:41 - 00003772 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-02-20 20:38 - 2012-08-17 01:53 - 00000000 ____D () C:\ProgramData\McAfee
2014-02-20 20:22 - 2013-08-09 17:51 - 00000000 ____D () C:\Program Files (x86)\StarMoney 9.0
2014-02-20 16:22 - 2014-02-20 16:18 - 00002167 _____ () C:\Users\Public\Desktop\SteuerSparErklärung 2014.lnk
2014-02-20 16:19 - 2014-02-20 16:16 - 00000000 ____D () C:\Program Files (x86)\Akademische Arbeitsgemeinschaft
2014-02-20 16:19 - 2014-02-20 16:14 - 00000000 ____D () C:\ProgramData\AAV
2014-02-20 16:18 - 2014-02-20 16:18 - 00000000 ____D () C:\Users\Juga\AppData\Local\AAV
2014-02-20 14:28 - 2014-02-20 14:27 - 05631168 _____ (IvoSoft) C:\Users\Juga\Downloads\ClassicShellSetup_4_0_4.exe
2014-02-20 09:42 - 2014-02-20 09:42 - 01678496 _____ (Skype Technologies S.A.) C:\Users\Juga\Downloads\SkypeSetup(2).exe
2014-02-20 09:42 - 2014-02-20 09:42 - 00002699 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-02-20 09:42 - 2014-02-20 09:42 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-02-20 09:42 - 2013-05-09 10:21 - 00000000 ____D () C:\ProgramData\Skype
2014-02-20 09:41 - 2014-02-20 09:40 - 00000000 ____D () C:\Users\Juga\AppData\Roaming\Bitdefender
2014-02-20 09:41 - 2013-06-30 18:20 - 00000000 ____D () C:\ProgramData\Bitdefender
2014-02-20 09:40 - 2013-10-21 11:38 - 00000000 ____D () C:\Program Files (x86)\PDF Architect
2014-02-20 09:40 - 2013-05-24 05:45 - 00000000 ____D () C:\Windows\Minidump
2014-02-20 09:40 - 2013-05-09 17:55 - 00000000 ____D () C:\ProgramData\DatacardService
2014-02-20 09:40 - 2013-05-06 18:50 - 00000000 ____D () C:\Users\Juga
2014-02-20 09:40 - 2012-07-26 09:12 - 00000000 ____D () C:\Program Files\Windows Portable Devices
2014-02-20 09:39 - 2014-02-19 16:30 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-02-20 09:39 - 2014-02-16 22:06 - 00000000 ____D () C:\Program Files\CCleaner
2014-02-20 09:39 - 2014-02-16 17:50 - 00000000 ____D () C:\Windows\SysWOW64\NV
2014-02-20 09:39 - 2014-02-16 17:50 - 00000000 ____D () C:\Windows\system32\NV
2014-02-20 09:39 - 2014-02-14 10:11 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-20 09:39 - 2014-02-13 09:58 - 00000000 ____D () C:\Users\Juga\AppData\Local\Tempfeb52be43e051bfaf4839a6935e00e42
2014-02-20 09:39 - 2014-02-13 09:58 - 00000000 ____D () C:\Users\Juga\AppData\Local\Temp12e72473eede95c369de200ff0f01ceb
2014-02-20 09:39 - 2014-02-13 09:57 - 00000000 ____D () C:\Users\Juga\AppData\Local\Temp14b5077f6956a3517aafd12a4b0ddc8f
2014-02-20 09:39 - 2014-02-05 13:45 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-02-20 09:39 - 2014-01-08 10:52 - 00000000 ____D () C:\Program Files\Classic Shell
2014-02-20 09:39 - 2013-11-10 22:27 - 00000000 ____D () C:\Users\Juga\AppData\Roaming\xm1
2014-02-20 09:39 - 2013-11-10 22:12 - 00000000 ____D () C:\Program Files (x86)\Texmaker
2014-02-20 09:39 - 2013-11-02 21:57 - 00000000 ____D () C:\Program Files (x86)\Tor Browser
2014-02-20 09:39 - 2013-10-21 11:46 - 00000000 ____D () C:\Users\Juga\AppData\Roaming\Scan2PDF
2014-02-20 09:39 - 2013-10-21 11:46 - 00000000 ____D () C:\Program Files (x86)\Scan2PDF
2014-02-20 09:39 - 2013-10-20 21:34 - 00000000 ____D () C:\Program Files (x86)\JonDo
2014-02-20 09:39 - 2013-10-04 09:49 - 00000000 ____D () C:\Program Files (x86)\Vidalia Relay Bundle
2014-02-20 09:39 - 2013-09-30 17:11 - 00000000 ____D () C:\totalcmd
2014-02-20 09:39 - 2013-09-29 19:33 - 00000000 ____D () C:\Program Files\WinDjView
2014-02-20 09:39 - 2013-09-28 14:18 - 00000000 ____D () C:\Program Files (x86)\7-Zip
2014-02-20 09:39 - 2013-09-17 22:17 - 00000000 ____D () C:\Program Files (x86)\Audiograbber
2014-02-20 09:39 - 2013-09-14 22:45 - 00000000 ____D () C:\Program Files (x86)\Calibre2
2014-02-20 09:39 - 2013-08-29 00:41 - 00000000 ____D () C:\Program Files (x86)\StreamTransport
2014-02-20 09:39 - 2013-08-27 18:02 - 00000000 ____D () C:\Program Files (x86)\FLV Player
2014-02-20 09:39 - 2013-05-16 23:12 - 00000000 ____D () C:\Program Files (x86)\PDFCreator
2014-02-20 09:39 - 2013-05-09 17:55 - 00000000 ____D () C:\Program Files (x86)\Mobile Partner
2014-02-20 09:39 - 2013-05-07 21:28 - 00000000 ____D () C:\Program Files (x86)\Microsoft Works
2014-02-20 09:39 - 2013-05-07 21:13 - 00000000 ____D () C:\Users\Juga\AppData\Local\Microsoft Help
2014-02-20 09:39 - 2013-05-06 18:55 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-02-20 09:39 - 2013-05-06 18:52 - 00000000 ___RD () C:\Users\Juga\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-02-20 09:39 - 2012-11-15 19:47 - 00000000 ____D () C:\ProgramData\P4G
2014-02-20 09:39 - 2012-11-15 19:39 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-02-20 09:39 - 2012-11-15 19:39 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-02-20 09:39 - 2012-08-02 14:28 - 00000000 ____D () C:\Users\Administrator
2014-02-20 09:39 - 2012-07-26 09:12 - 00000000 ___RD () C:\Windows\ToastData
2014-02-20 09:39 - 2012-07-26 09:12 - 00000000 ___RD () C:\Windows\ImmersiveControlPanel
2014-02-20 09:39 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\WinStore
2014-02-20 09:39 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\SysWOW64\MSDRM
2014-02-20 09:39 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\system32\MSDRM
2014-02-20 09:39 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\rescache
2014-02-20 09:39 - 2012-07-26 09:12 - 00000000 ____D () C:\Program Files\Windows Defender
2014-02-20 09:39 - 2012-07-26 06:37 - 00000000 ____D () C:\Windows\servicing
2014-02-20 09:38 - 2014-02-19 16:30 - 00000000 ____D () C:\Users\Juga\AppData\Roaming\Malwarebytes
2014-02-20 09:38 - 2014-02-19 16:30 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-02-20 09:38 - 2014-02-18 08:48 - 00000000 ____D () C:\Users\Juga\AppData\Local\Skype
2014-02-20 09:38 - 2013-11-02 21:16 - 00000000 ____D () C:\ProgramData\Package Cache
2014-02-20 09:38 - 2013-10-03 12:01 - 00000000 ____D () C:\Users\Juga\AppData\Local\Google
2014-02-20 09:38 - 2013-05-08 06:19 - 00000000 ____D () C:\Program Files\Bitdefender
2014-02-20 09:38 - 2013-05-08 06:15 - 00000000 ____D () C:\Program Files\Common Files\Bitdefender
2014-02-20 09:38 - 2013-05-06 18:50 - 00000000 ____D () C:\Users\Juga\AppData\Local\ASUS
2014-02-20 09:38 - 2013-04-02 14:25 - 00000000 ____D () C:\Users\Juga\AppData\Local\Packages
2014-02-20 09:38 - 2012-11-15 19:43 - 00000000 ____D () C:\Program Files\DIFX
2014-02-20 09:38 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\Help
2014-02-20 09:38 - 2012-07-26 09:12 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2014-02-20 09:38 - 2012-07-26 06:38 - 00000000 ____D () C:\Windows\system32\Sysprep
2014-02-20 09:37 - 2013-05-10 20:39 - 00000000 ____D () C:\Program Files (x86)\Java
2014-02-20 09:37 - 2012-11-15 19:39 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-02-20 09:37 - 2012-11-15 19:35 - 00000000 ____D () C:\Program Files (x86)\Intel
2014-02-20 09:36 - 2014-01-03 16:19 - 00000000 ____D () C:\Users\Juga\Desktop\pics
2014-02-20 09:23 - 2013-05-08 06:20 - 00000000 ____D () C:\Users\Juga\AppData\Roaming\QuickScan
2014-02-20 09:14 - 2012-11-15 19:35 - 00000000 ____D () C:\Intel
2014-02-19 23:36 - 2013-05-08 06:24 - 00000000 ____D () C:\ProgramData\BDLogging
2014-02-19 21:25 - 2014-02-19 21:24 - 00000000 ____D () C:\Program Files (x86)\Google
2014-02-19 20:34 - 2014-02-19 20:34 - 00000000 ____D () C:\ProgramData\ClassicShell
2014-02-19 19:15 - 2014-02-19 10:15 - 00003586 _____ () C:\Windows\System32\Tasks\Bitdefender Auto-Scan
2014-02-19 18:21 - 2014-02-19 18:21 - 00299776 _____ () C:\Windows\Minidump\021914-7500-01.dmp
2014-02-19 18:18 - 2014-02-19 18:18 - 00000470 _____ () C:\Users\Juga\Desktop\defogger_disable.log
2014-02-19 17:09 - 2014-02-19 17:09 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Juga\Downloads\mbam-consumer.exe
2014-02-19 16:30 - 2014-02-19 16:30 - 00001071 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-02-19 16:29 - 2014-02-19 16:29 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Juga\Downloads\mbam-setup-1.75.0.1300.exe
2014-02-19 16:03 - 2014-02-19 16:03 - 00000470 _____ () C:\Windows\SysWOW64\defogger_disable.log
2014-02-19 15:51 - 2014-02-19 15:51 - 00296784 _____ () C:\Windows\Minidump\021914-7562-01.dmp
2014-02-19 15:44 - 2014-02-19 15:44 - 00299816 _____ () C:\Windows\Minidump\021914-7718-01.dmp
2014-02-19 15:43 - 2014-02-19 15:43 - 00380416 _____ () C:\Users\Juga\Desktop\Gmer-19357.exe
2014-02-19 15:42 - 2014-02-19 16:19 - 00029451 _____ () C:\Users\Juga\Desktop\Addition.txt
2014-02-19 12:46 - 2014-02-19 12:46 - 01141248 _____ (Farbar) C:\Users\Juga\Downloads\FRST.exe
2014-02-19 12:46 - 2014-02-19 12:46 - 00000470 _____ () C:\Users\Juga\Downloads\defogger_disable.log
2014-02-19 12:46 - 2014-02-19 12:46 - 00000000 _____ () C:\Users\Juga\defogger_reenable
2014-02-19 12:45 - 2014-02-19 12:45 - 00050477 _____ () C:\Users\Juga\Desktop\Defogger.exe
2014-02-19 12:43 - 2014-02-19 12:43 - 00002640 _____ () C:\Windows\System32\Tasks\Digital Sites
2014-02-19 12:43 - 2013-07-26 23:49 - 00000101 _____ () C:\Users\Juga\AppData\Roaming\WB.CFG
2014-02-19 12:06 - 2013-06-30 21:58 - 524288512 _____ () C:\Users\Juga\Desktop\Datentresor - Ruppert.bvd
2014-02-18 08:48 - 2014-02-18 08:48 - 00003142 _____ () C:\Windows\System32\Tasks\{CEEC242F-CB31-4B7C-BA41-759D23FC22A4}
2014-02-18 08:47 - 2014-02-18 08:47 - 01659552 _____ (Skype Technologies S.A.) C:\Users\Juga\Downloads\SkypeSetup(1).exe
2014-02-17 23:03 - 2012-07-26 09:14 - 00694240 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-02-17 23:03 - 2012-07-26 09:14 - 00078304 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-02-17 20:42 - 2013-09-14 22:45 - 00000000 ____D () C:\Users\Juga\Documents\Calibre-Bibliothek
2014-02-17 20:40 - 2014-02-17 20:40 - 01816433 _____ () C:\Users\Juga\Downloads\tools_v6.0.8.zip
2014-02-17 20:29 - 2014-02-17 20:29 - 09954793 _____ () C:\Users\Juga\Downloads\Ultimate-DRM-Removal-last.zip
2014-02-17 09:25 - 2014-02-17 09:23 - 88898427 _____ () C:\Users\Juga\Desktop\Tumblr_Video.mp4
2014-02-16 22:20 - 2013-05-06 18:51 - 00000000 ____D () C:\Users\Juga\AppData\Local\VirtualStore
2014-02-16 22:08 - 2012-08-02 23:24 - 00000000 ____D () C:\Windows\Panther
2014-02-16 22:06 - 2014-02-16 22:06 - 00002770 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-02-16 22:06 - 2014-02-16 22:06 - 00000824 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-02-16 22:06 - 2014-02-16 22:05 - 03645064 _____ (Piriform Ltd) C:\Users\Juga\Downloads\ccsetup410_slim.exe
2014-02-16 12:59 - 2014-02-16 12:58 - 54537728 _____ () C:\Users\Juga\Downloads\calibre-1.24.0.msi
2014-02-16 07:33 - 2013-06-22 06:43 - 00000000 ____D () C:\Users\Juga\AppData\Roaming\gnupg
2014-02-15 20:19 - 2013-11-02 21:49 - 00001109 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-02-15 20:17 - 2014-02-15 20:17 - 24490112 _____ (Mozilla) C:\Users\Juga\Downloads\Firefox Setup 27.0.1.exe
2014-02-15 15:28 - 2013-07-11 10:30 - 00000000 ____D () C:\Windows\system32\MRT
2014-02-15 15:27 - 2013-05-06 19:57 - 88567024 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-02-15 00:49 - 2014-02-15 00:23 - 130171322 _____ () C:\Users\Juga\Desktop\1103195_white_ass_slut_fucked_twice_bare_creamed_huge_black_.flv
2014-02-14 19:21 - 2012-07-26 06:26 - 00262144 ___SH () C:\Windows\system32\config\BBI(1020)
2014-02-13 09:57 - 2014-02-13 09:57 - 00000000 ____D () C:\Users\Juga\Downloads\Steganos-SpurenVernichter
2014-02-13 09:57 - 2014-02-13 09:57 - 00000000 ____D () C:\Users\Juga\ChromeExtensions
2014-02-13 09:57 - 2014-02-13 09:57 - 00000000 ____D () C:\Users\Juga\AppData\Roaming\NVIDIA
2014-02-13 09:56 - 2014-02-13 09:56 - 01059584 _____ () C:\Users\Juga\Downloads\Steganos-SpurenVernichter-Setup.exe
2014-02-13 06:43 - 2014-02-13 06:43 - 00001237 _____ () C:\Users\Juga\Downloads\URLLink(6).acsm
2014-02-09 15:20 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\system32\NDF
2014-02-08 11:19 - 2014-02-08 11:19 - 00003576 _____ () C:\Users\Juga\Desktop\anschreibenMBWK.tex
2014-02-02 12:22 - 2014-02-02 12:22 - 00007374 _____ () C:\Users\Juga\Desktop\Preisinformation zum 1. März 2014.eml
2014-02-01 10:20 - 2014-02-13 22:03 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-01 10:19 - 2014-02-13 22:03 - 02241536 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-01 10:19 - 2014-02-13 22:03 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-01 10:19 - 2014-02-13 22:03 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
2014-02-01 10:19 - 2014-02-13 22:03 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll
2014-02-01 10:18 - 2014-02-13 22:03 - 19274240 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-01 10:18 - 2014-02-13 22:03 - 15403520 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-01 10:18 - 2014-02-13 22:03 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-02-01 10:18 - 2014-02-13 22:03 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-01 10:18 - 2014-02-13 22:03 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-01 10:18 - 2014-02-13 22:03 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-02-01 10:18 - 2014-02-13 22:03 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-01 10:18 - 2014-02-13 22:03 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-01 10:18 - 2014-02-13 22:03 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-01 10:18 - 2014-02-13 22:02 - 03960320 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-01 10:18 - 2014-02-13 22:02 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-01 08:58 - 2014-02-13 22:03 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-01 08:58 - 2014-02-13 22:03 - 01140736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-01 08:58 - 2014-02-13 22:03 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2014-02-01 08:57 - 2014-02-13 22:03 - 13760512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-01 08:57 - 2014-02-13 22:03 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-01 08:57 - 2014-02-13 22:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-02-01 08:57 - 2014-02-13 22:03 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-02-01 08:57 - 2014-02-13 22:03 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-02-01 08:57 - 2014-02-13 22:03 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-01 08:57 - 2014-02-13 22:03 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-02-01 08:57 - 2014-02-13 22:02 - 14359040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-01 08:57 - 2014-02-13 22:02 - 02877952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-01 08:57 - 2014-02-13 22:02 - 02049024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-01 08:57 - 2014-02-13 22:02 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-02-01 08:40 - 2014-02-13 22:03 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-01 08:34 - 2014-02-13 22:03 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-02-01 06:08 - 2014-02-13 22:03 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll
2014-01-26 10:21 - 2013-11-02 21:48 - 00000000 ____D () C:\ProgramData\Oracle
2014-01-26 10:15 - 2014-01-26 10:15 - 00921000 _____ (Oracle Corporation) C:\Users\Juga\Downloads\jxpiinstall.exe

Files to move or delete:
====================
C:\Users\Juga\AppData\Roaming\Camdata.ini
C:\Users\Juga\AppData\Roaming\CamLayout.ini
C:\Users\Juga\AppData\Roaming\CamShapes.ini
C:\Users\Juga\AppData\Roaming\CamStudio.Producer.Data.ini


Some content of TEMP:
====================
C:\Users\Juga\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-02-17 09:01

==================== End Of Log ============================
         


Alt 24.02.2014, 18:42   #6
schrauber
/// the machine
/// TB-Ausbilder
 





ESET Online Scanner

  • Here you will find an illustrated guide to ESET Online Scanner
  • Download and start Eset Online Scanner
  • Tick the box next to Yes, I accept the Terms of Use and click Start.
  • Enable "Detection of potentially unwanted applications" and choose the following settings.
  • Click Start.
  • The signatures are downloaded, and the scan starts automatically.
  • At the end of the scan, click Finish.
  • Close the ESET window.
  • Open Explorer.
  • Find C:\Programme\Eset\EsetOnlineScanner\log.txt (on 64-bit also C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) and open it with your editor (illustrated).
  • Post the log file here.
  • Uninstall: Control Panel => Software / Uninstall programs => remove Eset Online Scanner V3.
  • Manually delete the following folder and empty the Recycle Bin => C:\Programme\Eset


Please download SecurityCheck and:

  • Save it to the desktop.
  • Start SecurityCheck.exe and follow the instructions in the DOS box.
  • When the scan has finished, a text document (checkup.txt) should open.
Please post its contents here.

And a fresh FRST log, please. Still having problems?

Alt 25.02.2014, 19:31   #7
jugajuga
 



ESET - ran for a very long time

log.txt

Code:
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=b4cd9c0265590f40944309abbe904af6
# engine=17208
# end=finished
# remove_checked=false
# archives_checked=false
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-02-25 01:24:10
# local_time=2014-02-25 02:24:10 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1033
# osver=6.2.9200 NT 
# compatibility_mode=5893 16776574 100 94 449061 52840761 0 0
# scanned=359835
# found=0
# cleaned=0
# scan_time=54564
         
Other log follows

SecurityCheck

Code:
 Results of screen317's Security Check version 0.99.79  
   x64 (UAC is enabled)  
 Internet Explorer 10 Out of date! 
``````````````Antivirus/Firewall Check:`````````````` 
Windows Defender          
Bitdefender Virenschutz   
 Antivirus up to date!  (On Access scanning disabled!) 
`````````Anti-malware/Other Utilities Check:````````` 
 Malwarebytes Anti-Malware Version 1.75.0.1300  
 Java 7 Update 51  
 Adobe Flash Player 	12.0.0.70  
 Adobe Reader XI  
 Mozilla Firefox (27.0.1) 
 Mozilla Thunderbird (24.3.0) 
 Google Chrome 32.0.1700.107  
````````Process Check: objlist.exe by Laurent````````  
 Malwarebytes Anti-Malware mbamservice.exe  
 Malwarebytes Anti-Malware mbamgui.exe  
 Malwarebytes' Anti-Malware mbamscheduler.exe   
 Bitdefender Bitdefender 2013 vsserv.exe  
 Bitdefender Bitdefender SafeBox safeboxservice.exe  
 Bitdefender Bitdefender 2013 bdagent.exe  
 Mobile Partner OnlineUpdate ouc.exe  
 StarMoney 9.0 ouservice StarMoneyOnlineUpdate.exe  
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  % 
````````````````````End of Log``````````````````````
         

Alt 26.02.2014, 14:34   #8
schrauber
/// the machine
/// TB-Ausbilder
 




FRST and the answer to my question are still missing
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009


No help via PM!

Alt 26.02.2014, 23:29   #9
jugajuga
 



Hello, sorry, I had forgotten the FRST file.

For the last few hours the error has not occurred again. I hope it stays that way.

Many thanks!

What was the cause? Can I do anything to prevent something like this in the future?



FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 23-02-2014 02
Ran by Juga (administrator) on LAPTOP on 26-02-2014 18:42:33
Running from C:\Users\Juga\Desktop
Windows 8 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2013\vsserv.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
() C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe
(Microsoft Corp.) C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe
(REINER SCT) C:\Windows\SysWOW64\cjpcsc.exe
() C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe
(Microsoft Corporation) C:\Windows\system32\dashost.exe
() C:\Windows\system32\DptfParticipantProcessorService.exe
() C:\Windows\system32\DptfPolicyConfigTDPService.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
() C:\ProgramData\DatacardService\HWDeviceService64.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
() C:\ProgramData\Mobile Partner\OnlineUpdate\ouc.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\HelperService.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Star Finanz-Software Entwicklung und Vertriebs GmbH) C:\Program Files (x86)\StarMoney 9.0\ouservice\StarMoneyOnlineUpdate.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender SafeBox\safeboxservice.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnCfg.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnWMI.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1114.318_x64__8wekyb3d8bbwe\LiveComm.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2013\bdagent.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(Sony Corporation) C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\ReaderAppHelper.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13192848 2012-08-30] (Realtek Semiconductor)
HKLM\...\Run: [ASUSQuickGesture(x86)] - C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe [20352 2012-09-11] (ASUSTeK Computer Inc.)
HKLM\...\Run: [ASUSTPLoader(x64)] - C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe [169856 2012-09-11] (AsusTek)
HKLM\...\Run: [ASUSQuickGesture(x64)] - C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe [22400 2012-09-11] (ASUSTeK Computer Inc.)
HKLM\...\Run: [DptfPolicyLpmServiceHelper] - C:\Windows\system32\DptfPolicyLpmServiceHelper.exe [21888 2012-07-30] ()
HKLM\...\Run: [ACMON] - C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [107192 2012-08-24] (ASUS)
HKLM\...\Run: [Bdagent] - C:\Program Files\Bitdefender\Bitdefender 2013\bdagent.exe [1575192 2013-10-25] (Bitdefender)
HKLM\...\Run: [BTMTrayAgent] - C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll [7818040 2013-09-19] (Motorola Solutions, Inc.)
HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [285240 2012-09-01] (Intel Corporation)
HKLM-x32\...\Run: [ASUSWebStorage] - C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.9.120\AsusWSPanel.exe [3417984 2012-08-28] (ASUS Cloud Corporation)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Reader Application Helper] - C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\ReaderAppHelper.exe [899400 2013-11-27] (Sony Corporation)
HKLM-x32\...\Run: [BingDesktop] - C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe [2258056 2013-09-22] (Microsoft Corp.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [] - [X]
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
AppInit_DLLs: C:\Windows\System32\nvinitx.dll => C:\Windows\System32\nvinitx.dll [168616 2013-12-10] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [141336 2013-12-10] (NVIDIA Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&amp;form=IE10TR&amp;src=IE10TR&amp;pc=ASU2JS
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&amp;form=IE10TR&amp;src=IE10TR&amp;pc=ASU2JS
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: ASUS Browser Extension x64 - {78234974-0C4B-4111-BDEB-D9A104418772} - C:\Program Files (x86)\ASUS\ASUS Smart Gesture\install\x64\BrowserExtension64.dll (ASUSTeK Computer Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: ClassicIEBHO Class - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIEDLL_64.dll (IvoSoft)
BHO-x32: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll (pdfforge GmbH)
BHO-x32: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: ASUS Browser Extension x86 - {78234974-0C4B-4111-BDEB-D9A104418771} - C:\Program Files (x86)\ASUS\ASUS Smart Gesture\install\x86\BrowserExtension.dll (ASUSTeK Computer Inc.)
BHO-x32: ividi Helper Object - {8B8B2E80-1444-451D-AC8E-EB9A847F3887} - C:\Program Files (x86)\Unitech LLC\ividi\1.8.23.0\bh\ividi.dll No File
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: ClassicIEBHO Class - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIEDLL_32.dll (IvoSoft)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.43.1
Tcpip\..\Interfaces\{AEFBB86E-3140-48A0-A253-9D902613CC85}: [NameServer]139.7.30.126 139.7.30.125

FireFox:
========
FF ProfilePath: C:\Users\Juga\AppData\Roaming\Mozilla\Firefox\Profiles\l24us74s.default-1393022713616
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_70.dll ()
FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_70.dll ()
FF Plugin-x32: @ei.FromDocToPDF_65.com/Plugin - C:\Program Files (x86)\FromDocToPDF_65EI\Installr\1.bin\NP65EISB.dll (FromDocToPDF)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @sony.com/ReaderDesktop - C:\Program Files (x86)\Sony\ReaderDesktop\npreaderdetectmoz.dll (Sony Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2013\bdtbext
FF Extension: No Name - C:\Program Files\Bitdefender\Bitdefender 2013\bdtbext [2013-06-30]
FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt
FF Extension: PDF Architect Converter For Firefox - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2013-10-21]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF HKLM-x32\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2013\bdtbext
FF Extension: No Name - C:\Program Files\Bitdefender\Bitdefender 2013\bdtbext [2013-06-30]

Chrome: 
=======
CHR Extension: (Google Docs) - C:\Users\Juga\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-02-19]
CHR Extension: (Google Drive) - C:\Users\Juga\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-02-19]
CHR Extension: (YouTube) - C:\Users\Juga\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-02-19]
CHR Extension: (Google-Suche) - C:\Users\Juga\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-02-19]
CHR Extension: (Softonic Chrome Toolbar) - C:\Users\Juga\AppData\Local\Google\Chrome\User Data\Default\Extensions\elchiiiejkobdbblfejjkbphbddgmljf [2013-10-21]
CHR Extension: (Delta Toolbar) - C:\Users\Juga\AppData\Local\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde [2014-02-19]
CHR Extension: (Amazon-Icon) - C:\Users\Juga\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkcedibhemacmilmkpndpkoidlnmgngg [2014-02-19]
CHR Extension: (Google Wallet) - C:\Users\Juga\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-19]
CHR Extension: (Google Mail) - C:\Users\Juga\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-02-19]
CHR HKLM-x32\...\Chrome\Extension: [mkcedibhemacmilmkpndpkoidlnmgngg] - C:\Users\Juga\ChromeExtensions\mkcedibhemacmilmkpndpkoidlnmgngg\amazon.crx [2014-02-13]

==================== Services (Whitelisted) =================

R2 AAV UpdateService; C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe [128296 2008-10-24] ()
R2 ASUS InstantOn; C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe [277120 2012-04-13] (ASUS)
S4 BdDesktopParental; C:\Program Files\Bitdefender\Bitdefender 2013\bdparentalservice.exe [69392 2013-10-25] (Bitdefender)
R2 BingDesktopUpdate; C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe [173192 2013-09-22] (Microsoft Corp.)
R2 cjpcsc; C:\Windows\SysWOW64\cjpcsc.exe [515632 2013-05-21] (REINER SCT)
R2 DirMngr; C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe [218112 2013-05-28] ()
R2 DptfParticipantProcessorService; C:\Windows\system32\DptfParticipantProcessorService.exe [29056 2012-07-30] ()
R2 DptfPolicyConfigTDPService; C:\Windows\system32\DptfPolicyConfigTDPService.exe [30592 2012-07-30] ()
R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [339456 2010-11-16] ()
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-06-27] (Intel Corporation)
R2 Intel(R) Wireless Bluetooth(R) 4.0 Radio Management; C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe [157128 2013-09-18] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S2 Mobile Partner. RunOuc; c:\program files (x86)\mobile partner\updatedog\ouc.exe [218624 2013-05-09] ()
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273136 2013-08-28] ()
R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH)
S2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH)
R2 SafeBox; C:\Program Files\Bitdefender\Bitdefender SafeBox\safeboxservice.exe [95184 2012-06-25] (Bitdefender)
R2 StarMoney 9.0 OnlineUpdate; C:\Program Files (x86)\StarMoney 9.0\ouservice\StarMoneyOnlineUpdate.exe [663184 2014-01-27] (Star Finanz-Software Entwicklung und Vertriebs GmbH)
S2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender 2013\updatesrv.exe [67320 2013-10-25] (Bitdefender)
R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender 2013\vsserv.exe [1645256 2013-10-25] (Bitdefender)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-07-02] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3378416 2013-08-28] (Intel® Corporation)

==================== Drivers (Whitelisted) ====================

R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [56704 2012-09-11] (ASUS Corporation)
R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [727592 2013-10-25] (BitDefender)
R3 avchv; C:\Windows\system32\DRIVERS\avchv.sys [261056 2012-11-02] (BitDefender)
S3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [601360 2013-10-25] (BitDefender)
S0 bdelam; C:\Windows\System32\drivers\bdelam.sys [23456 2012-07-11] (Bitdefender)
R1 BdfNdisf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfndisf6.sys [98768 2013-10-25] (BitDefender LLC)
R1 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [107008 2013-10-25] (BitDefender LLC)
S3 BDSandBox; C:\Windows\system32\drivers\bdsandbox.sys [82824 2013-10-25] (BitDefender SRL)
R1 BDVEDISK; C:\Windows\system32\DRIVERS\bdvedisk.sys [79192 2013-10-25] (BitDefender)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
R3 btmaux; C:\Windows\system32\DRIVERS\btmaux.sys [140600 2013-07-22] (Motorola Solutions, Inc.)
R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1390904 2013-09-05] (Motorola Solutions, Inc.)
S3 cjusb; C:\Windows\system32\DRIVERS\cjusb.sys [35192 2012-09-04] (REINER SCT)
R3 DptfDevDram; C:\Windows\system32\DRIVERS\DptfDevDram.sys [107328 2012-07-13] (Intel Corporation)
R3 DptfDevFan; C:\Windows\system32\DRIVERS\DptfDevFan.sys [42816 2012-07-13] (Intel Corporation)
R3 DptfDevGen; C:\Windows\system32\DRIVERS\DptfDevGen.sys [64832 2012-07-13] (Intel Corporation)
R3 DptfDevPch; C:\Windows\system32\DRIVERS\DptfDevPch.sys [96064 2012-07-13] (Intel Corporation)
R3 DptfDevProc; C:\Windows\system32\DRIVERS\DptfDevProc.sys [228672 2012-07-13] (Intel Corporation)
R3 DptfManager; C:\Windows\system32\DRIVERS\DptfManager.sys [361792 2012-07-13] (Intel Corporation)
S3 ewusbnet; C:\Windows\system32\DRIVERS\ewusbnet.sys [256000 2013-05-09] (Huawei Technologies Co., Ltd.)
R0 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [150256 2013-10-25] (BitDefender LLC)
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [14992 2012-08-02] ( )
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew00.sys [3345376 2013-10-08] (Intel Corporation)
R3 SensorsAlsDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [198656 2012-07-26] (Microsoft Corporation)
R2 trufos; C:\Windows\System32\DRIVERS\trufos.sys [389240 2013-10-25] (BitDefender S.R.L.)
S3 usb3Hub; C:\Windows\System32\drivers\usb3Hub.sys [48096 2012-08-09] (Windows (R) Win 7 DDK provider)
S3 XHCIPort; C:\Windows\System32\drivers\XHCIPort.sys [188384 2012-08-09] (Windows (R) Win 7 DDK provider)
U5 AppMgmt; C:\Windows\system32\svchost.exe [29696 2012-09-20] (Microsoft Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
U0 msahci; 

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-02-26 18:42 - 2014-02-26 18:42 - 00022644 _____ () C:\Users\Juga\Desktop\FRST.txt
2014-02-26 13:59 - 2014-02-26 14:06 - 00001244 _____ () C:\Users\Juga\Desktop\Bahnfahrt-Beschwerde.txt
2014-02-24 23:07 - 2014-02-24 23:07 - 02347384 _____ (ESET) C:\Users\Juga\Downloads\esetsmartinstaller_enu.exe
2014-02-24 23:07 - 2014-02-24 23:07 - 00987425 _____ () C:\Users\Juga\Downloads\SecurityCheck.exe
2014-02-23 21:17 - 2014-02-23 21:17 - 00000000 ____D () C:\Windows\ERUNT
2014-02-23 20:35 - 2014-02-23 20:35 - 00000022 _____ () C:\Windows\S.dirmngr
2014-02-23 20:32 - 2014-02-23 20:34 - 00000000 ____D () C:\AdwCleaner
2014-02-23 20:31 - 2014-02-23 20:32 - 01241834 _____ () C:\Users\Juga\Downloads\adwcleaner(2).exe
2014-02-23 20:31 - 2014-02-23 20:31 - 01241834 _____ () C:\Users\Juga\Downloads\adwcleaner(1).exe
2014-02-23 12:43 - 2014-02-23 12:43 - 01241834 _____ () C:\Users\Juga\Downloads\adwcleaner.exe
2014-02-23 12:43 - 2014-02-23 12:43 - 01037734 _____ (Thisisu) C:\Users\Juga\Downloads\JRT.exe
2014-02-23 12:41 - 2014-02-23 23:55 - 00000000 ____D () C:\Users\Juga\Desktop\FRST-OlderVersion
2014-02-23 12:15 - 2014-02-23 12:16 - 00000000 ____D () C:\Recovery
2014-02-23 12:09 - 2014-02-23 12:10 - 00000712 _____ () C:\Windows\DtcInstall.log
2014-02-23 12:05 - 2014-02-23 12:05 - 00001564 _____ () C:\Windows\comsetup.log
2014-02-23 12:01 - 2014-02-23 12:10 - 00658599 _____ () C:\Windows\setupact.log
2014-02-23 12:01 - 2014-02-23 12:01 - 00000000 _____ () C:\Windows\setuperr.log
2014-02-22 12:22 - 2014-02-22 12:22 - 00033083 _____ () C:\ComboFix.txt
2014-02-22 12:09 - 2011-06-26 07:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-02-22 12:09 - 2010-11-07 18:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-02-22 12:09 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-02-22 12:09 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-02-22 12:09 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-02-22 12:09 - 2000-08-31 01:00 - 00212480 _____ (SteelWerX) C:\Windows\SWXCACLS.exe
2014-02-22 12:09 - 2000-08-31 01:00 - 00098816 _____ () C:\Windows\sed.exe
2014-02-22 12:09 - 2000-08-31 01:00 - 00080412 _____ () C:\Windows\grep.exe
2014-02-22 12:09 - 2000-08-31 01:00 - 00068096 _____ () C:\Windows\zip.exe
2014-02-22 12:08 - 2014-02-22 12:22 - 00000000 ____D () C:\Qoobox
2014-02-22 12:08 - 2014-02-22 12:20 - 00000000 ____D () C:\Windows\erdnt
2014-02-22 12:08 - 2014-02-22 12:08 - 05183886 ____R (Swearware) C:\Users\Juga\Downloads\ComboFix.exe
2014-02-21 23:45 - 2014-02-21 23:45 - 00000000 ____D () C:\Users\Juga\Desktop\Alte Firefox-Daten
2014-02-21 23:44 - 2014-02-21 23:44 - 00019926 _____ () C:\Users\Juga\Desktop\Bestätigung Ihrer Zahlung an Rove.design GmbH.eml
2014-02-20 20:51 - 2014-02-20 21:09 - 182401458 _____ () C:\Users\Juga\Desktop\480_633_M5DAr-G182-50lo.mp4
2014-02-20 16:18 - 2014-02-20 16:22 - 00002167 _____ () C:\Users\Public\Desktop\SteuerSparErklärung 2014.lnk
2014-02-20 16:18 - 2014-02-20 16:18 - 00000000 ____D () C:\Users\Juga\AppData\Local\AAV
2014-02-20 16:16 - 2014-02-20 16:19 - 00000000 ____D () C:\Program Files (x86)\Akademische Arbeitsgemeinschaft
2014-02-20 16:14 - 2014-02-20 16:19 - 00000000 ____D () C:\ProgramData\AAV
2014-02-20 14:27 - 2014-02-20 14:28 - 05631168 _____ (IvoSoft) C:\Users\Juga\Downloads\ClassicShellSetup_4_0_4.exe
2014-02-20 09:42 - 2014-02-20 09:42 - 01678496 _____ (Skype Technologies S.A.) C:\Users\Juga\Downloads\SkypeSetup(2).exe
2014-02-20 09:42 - 2014-02-20 09:42 - 00002699 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-02-20 09:42 - 2014-02-20 09:42 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-02-20 09:40 - 2014-02-20 09:41 - 00000000 ____D () C:\Users\Juga\AppData\Roaming\Bitdefender
2014-02-19 23:33 - 2014-02-26 17:42 - 01073319 _____ () C:\Windows\WindowsUpdate.log
2014-02-19 23:19 - 2014-02-22 12:18 - 00037464 _____ () C:\Windows\PFRO.log
2014-02-19 21:24 - 2014-02-19 21:25 - 00000000 ____D () C:\Program Files (x86)\Google
2014-02-19 20:34 - 2014-02-19 20:34 - 00000000 ____D () C:\ProgramData\ClassicShell
2014-02-19 18:21 - 2014-02-19 18:21 - 00299776 _____ () C:\Windows\Minidump\021914-7500-01.dmp
2014-02-19 18:18 - 2014-02-19 18:18 - 00000470 _____ () C:\Users\Juga\Desktop\defogger_disable.log
2014-02-19 17:09 - 2014-02-19 17:09 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Juga\Downloads\mbam-consumer.exe
2014-02-19 16:30 - 2014-02-20 09:39 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-02-19 16:30 - 2014-02-20 09:38 - 00000000 ____D () C:\Users\Juga\AppData\Roaming\Malwarebytes
2014-02-19 16:30 - 2014-02-20 09:38 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-02-19 16:30 - 2014-02-19 16:30 - 00001071 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-02-19 16:30 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-02-19 16:29 - 2014-02-19 16:29 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Juga\Downloads\mbam-setup-1.75.0.1300.exe
2014-02-19 16:19 - 2014-02-19 15:42 - 00029451 _____ () C:\Users\Juga\Desktop\Addition.txt
2014-02-19 16:03 - 2014-02-19 16:03 - 00000470 _____ () C:\Windows\SysWOW64\defogger_disable.log
2014-02-19 15:51 - 2014-02-19 15:51 - 00296784 _____ () C:\Windows\Minidump\021914-7562-01.dmp
2014-02-19 15:44 - 2014-02-19 15:44 - 00299816 _____ () C:\Windows\Minidump\021914-7718-01.dmp
2014-02-19 15:43 - 2014-02-19 15:43 - 00380416 _____ () C:\Users\Juga\Desktop\Gmer-19357.exe
2014-02-19 15:41 - 2014-02-23 23:56 - 00000000 ____D () C:\FRST
2014-02-19 12:49 - 2014-02-23 23:55 - 02155520 _____ (Farbar) C:\Users\Juga\Desktop\FRST64.exe
2014-02-19 12:46 - 2014-02-19 12:46 - 01141248 _____ (Farbar) C:\Users\Juga\Downloads\FRST.exe
2014-02-19 12:46 - 2014-02-19 12:46 - 00000470 _____ () C:\Users\Juga\Downloads\defogger_disable.log
2014-02-19 12:46 - 2014-02-19 12:46 - 00000000 _____ () C:\Users\Juga\defogger_reenable
2014-02-19 12:45 - 2014-02-19 12:45 - 00050477 _____ () C:\Users\Juga\Desktop\Defogger.exe
2014-02-19 12:43 - 2014-02-19 12:43 - 00002640 _____ () C:\Windows\System32\Tasks\Digital Sites
2014-02-19 10:15 - 2014-02-19 19:15 - 00003586 _____ () C:\Windows\System32\Tasks\Bitdefender Auto-Scan
2014-02-18 08:48 - 2014-02-20 09:38 - 00000000 ____D () C:\Users\Juga\AppData\Local\Skype
2014-02-18 08:48 - 2014-02-18 08:48 - 00003142 _____ () C:\Windows\System32\Tasks\{CEEC242F-CB31-4B7C-BA41-759D23FC22A4}
2014-02-18 08:47 - 2014-02-18 08:47 - 01659552 _____ (Skype Technologies S.A.) C:\Users\Juga\Downloads\SkypeSetup(1).exe
2014-02-17 20:40 - 2014-02-17 20:40 - 01816433 _____ () C:\Users\Juga\Downloads\tools_v6.0.8.zip
2014-02-17 20:29 - 2014-02-17 20:29 - 09954793 _____ () C:\Users\Juga\Downloads\Ultimate-DRM-Removal-last.zip
2014-02-17 09:23 - 2014-02-17 09:25 - 88898427 _____ () C:\Users\Juga\Desktop\Tumblr_Video.mp4
2014-02-16 22:29 - 2014-02-22 12:18 - 00323576 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-02-16 22:06 - 2014-02-20 09:39 - 00000000 ____D () C:\Program Files\CCleaner
2014-02-16 22:06 - 2014-02-16 22:06 - 00002770 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-02-16 22:06 - 2014-02-16 22:06 - 00000824 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-02-16 22:05 - 2014-02-16 22:06 - 03645064 _____ (Piriform Ltd) C:\Users\Juga\Downloads\ccsetup410_slim.exe
2014-02-16 17:50 - 2014-02-20 09:39 - 00000000 ____D () C:\Windows\SysWOW64\NV
2014-02-16 17:50 - 2014-02-20 09:39 - 00000000 ____D () C:\Windows\system32\NV
2014-02-16 12:58 - 2014-02-16 12:59 - 54537728 _____ () C:\Users\Juga\Downloads\calibre-1.24.0.msi
2014-02-16 06:31 - 2013-12-07 07:36 - 19751936 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-02-16 06:31 - 2013-12-07 06:15 - 17560576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-02-15 20:17 - 2014-02-15 20:17 - 24490112 _____ (Mozilla) C:\Users\Juga\Downloads\Firefox Setup 27.0.1.exe
2014-02-15 00:23 - 2014-02-15 00:49 - 130171322 _____ () C:\Users\Juga\Desktop\1103195_white_ass_slut_fucked_twice_bare_creamed_huge_black_.flv
2014-02-14 10:11 - 2014-02-20 09:39 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-13 22:28 - 2013-12-05 00:43 - 00583680 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2014-02-13 22:28 - 2013-12-05 00:37 - 00451072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2014-02-13 22:04 - 2013-11-01 06:53 - 02232664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-02-13 22:03 - 2014-02-01 10:20 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-13 22:03 - 2014-02-01 10:19 - 02241536 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-13 22:03 - 2014-02-01 10:19 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-13 22:03 - 2014-02-01 10:19 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
2014-02-13 22:03 - 2014-02-01 10:19 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll
2014-02-13 22:03 - 2014-02-01 10:18 - 19274240 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-13 22:03 - 2014-02-01 10:18 - 15403520 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-13 22:03 - 2014-02-01 10:18 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-02-13 22:03 - 2014-02-01 10:18 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-13 22:03 - 2014-02-01 10:18 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-13 22:03 - 2014-02-01 10:18 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-02-13 22:03 - 2014-02-01 10:18 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-13 22:03 - 2014-02-01 10:18 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-13 22:03 - 2014-02-01 10:18 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-13 22:03 - 2014-02-01 08:58 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-13 22:03 - 2014-02-01 08:58 - 01140736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-13 22:03 - 2014-02-01 08:58 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2014-02-13 22:03 - 2014-02-01 08:57 - 13760512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-13 22:03 - 2014-02-01 08:57 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-13 22:03 - 2014-02-01 08:57 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-02-13 22:03 - 2014-02-01 08:57 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-02-13 22:03 - 2014-02-01 08:57 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-02-13 22:03 - 2014-02-01 08:57 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-13 22:03 - 2014-02-01 08:57 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-02-13 22:03 - 2014-02-01 08:40 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-13 22:03 - 2014-02-01 08:34 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-02-13 22:03 - 2014-02-01 06:08 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll
2014-02-13 22:03 - 2013-12-09 01:45 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-02-13 22:03 - 2013-12-09 00:59 - 00600064 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-02-13 22:03 - 2013-12-05 00:43 - 01845248 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-02-13 22:03 - 2013-12-05 00:37 - 01419264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-02-13 22:03 - 2013-11-27 01:19 - 00385614 _____ () C:\Windows\system32\ApnDatabase.xml
2014-02-13 22:03 - 2013-11-26 00:17 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2014-02-13 22:02 - 2014-02-01 10:18 - 03960320 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-13 22:02 - 2014-02-01 10:18 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-13 22:02 - 2014-02-01 08:57 - 14359040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-13 22:02 - 2014-02-01 08:57 - 02877952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-13 22:02 - 2014-02-01 08:57 - 02049024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-13 22:02 - 2014-02-01 08:57 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-02-13 09:58 - 2014-02-20 09:39 - 00000000 ____D () C:\Users\Juga\AppData\Local\Tempfeb52be43e051bfaf4839a6935e00e42
2014-02-13 09:58 - 2014-02-20 09:39 - 00000000 ____D () C:\Users\Juga\AppData\Local\Temp12e72473eede95c369de200ff0f01ceb
2014-02-13 09:57 - 2014-02-20 09:39 - 00000000 ____D () C:\Users\Juga\AppData\Local\Temp14b5077f6956a3517aafd12a4b0ddc8f
2014-02-13 09:57 - 2014-02-13 09:57 - 00000000 ____D () C:\Users\Juga\Downloads\Steganos-SpurenVernichter
2014-02-13 09:57 - 2014-02-13 09:57 - 00000000 ____D () C:\Users\Juga\ChromeExtensions
2014-02-13 09:57 - 2014-02-13 09:57 - 00000000 ____D () C:\Users\Juga\AppData\Roaming\NVIDIA
2014-02-13 09:56 - 2014-02-13 09:56 - 01059584 _____ () C:\Users\Juga\Downloads\Steganos-SpurenVernichter-Setup.exe
2014-02-13 06:43 - 2014-02-13 06:43 - 00001237 _____ () C:\Users\Juga\Downloads\URLLink(6).acsm
2014-02-12 11:28 - 2014-01-13 00:30 - 02238976 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-02-12 11:28 - 2014-01-13 00:30 - 02032640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-02-12 11:28 - 2013-11-20 01:15 - 03842560 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-02-12 11:28 - 2013-11-20 00:57 - 03288576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2014-02-08 11:19 - 2014-02-08 11:19 - 00003576 _____ () C:\Users\Juga\Desktop\anschreibenMBWK.tex
2014-02-05 13:45 - 2014-02-20 09:39 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-02-02 12:22 - 2014-02-02 12:22 - 00007374 _____ () C:\Users\Juga\Desktop\Preisinformation zum 1. März 2014.eml

==================== One Month Modified Files and Folders =======

2014-02-26 18:43 - 2014-02-26 18:42 - 00022644 _____ () C:\Users\Juga\Desktop\FRST.txt
2014-02-26 18:43 - 2013-05-09 10:21 - 00000000 ____D () C:\Users\Juga\AppData\Roaming\Skype
2014-02-26 18:42 - 2014-02-19 15:41 - 00000000 ____D () C:\FRST
2014-02-26 18:41 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\system32\sru
2014-02-26 17:47 - 2013-05-06 21:41 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-02-26 17:46 - 2013-05-11 16:41 - 00000000 ____D () C:\Users\Juga\AppData\Roaming\vlc
2014-02-26 17:42 - 2014-02-19 23:33 - 01073319 _____ () C:\Windows\WindowsUpdate.log
2014-02-26 15:58 - 2013-06-15 14:16 - 00000000 ____D () C:\Users\Juga\AppData\Roaming\dvdcss
2014-02-26 14:06 - 2014-02-26 13:59 - 00001244 _____ () C:\Users\Juga\Desktop\Bahnfahrt-Beschwerde.txt
2014-02-26 13:53 - 2014-01-08 10:52 - 00000000 ____D () C:\Users\Juga\AppData\Roaming\ClassicShell
2014-02-26 12:14 - 2013-05-09 10:31 - 00000121 _____ () C:\Users\Public\LMDebug.log
2014-02-25 20:26 - 2013-05-07 18:30 - 00003598 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3203196741-1805427045-687499267-1002
2014-02-25 19:44 - 2013-05-06 18:53 - 00000500 _____ () C:\Users\Juga\AppData\Roaming\sp_data.sys
2014-02-25 14:12 - 2013-08-09 17:51 - 00000000 ____D () C:\Program Files (x86)\StarMoney 9.0
2014-02-24 23:07 - 2014-02-24 23:07 - 02347384 _____ (ESET) C:\Users\Juga\Downloads\esetsmartinstaller_enu.exe
2014-02-24 23:07 - 2014-02-24 23:07 - 00987425 _____ () C:\Users\Juga\Downloads\SecurityCheck.exe
2014-02-23 23:55 - 2014-02-23 12:41 - 00000000 ____D () C:\Users\Juga\Desktop\FRST-OlderVersion
2014-02-23 23:55 - 2014-02-19 12:49 - 02155520 _____ (Farbar) C:\Users\Juga\Desktop\FRST64.exe
2014-02-23 21:17 - 2014-02-23 21:17 - 00000000 ____D () C:\Windows\ERUNT
2014-02-23 20:40 - 2012-08-03 00:02 - 00761598 _____ () C:\Windows\system32\perfh007.dat
2014-02-23 20:40 - 2012-08-03 00:02 - 00159306 _____ () C:\Windows\system32\perfc007.dat
2014-02-23 20:40 - 2012-07-26 08:28 - 01748838 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-02-23 20:35 - 2014-02-23 20:35 - 00000022 _____ () C:\Windows\S.dirmngr
2014-02-23 20:35 - 2012-07-26 08:22 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-02-23 20:35 - 2012-07-26 06:26 - 00524288 ___SH () C:\Windows\system32\config\BBI
2014-02-23 20:34 - 2014-02-23 20:32 - 00000000 ____D () C:\AdwCleaner
2014-02-23 20:32 - 2014-02-23 20:31 - 01241834 _____ () C:\Users\Juga\Downloads\adwcleaner(2).exe
2014-02-23 20:31 - 2014-02-23 20:31 - 01241834 _____ () C:\Users\Juga\Downloads\adwcleaner(1).exe
2014-02-23 12:43 - 2014-02-23 12:43 - 01241834 _____ () C:\Users\Juga\Downloads\adwcleaner.exe
2014-02-23 12:43 - 2014-02-23 12:43 - 01037734 _____ (Thisisu) C:\Users\Juga\Downloads\JRT.exe
2014-02-23 12:17 - 2013-11-14 09:24 - 00000000 ___HD () C:\$Windows.~BT
2014-02-23 12:16 - 2014-02-23 12:15 - 00000000 ____D () C:\Recovery
2014-02-23 12:10 - 2014-02-23 12:09 - 00000712 _____ () C:\Windows\DtcInstall.log
2014-02-23 12:10 - 2014-02-23 12:01 - 00658599 _____ () C:\Windows\setupact.log
2014-02-23 12:10 - 2013-05-06 18:50 - 00066678 _____ () C:\Windows\diagwrn.xml
2014-02-23 12:10 - 2013-05-06 18:50 - 00066678 _____ () C:\Windows\diagerr.xml
2014-02-23 12:10 - 2012-07-26 06:26 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2014-02-23 12:05 - 2014-02-23 12:05 - 00001564 _____ () C:\Windows\comsetup.log
2014-02-23 12:05 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\registration
2014-02-23 12:04 - 2013-08-18 10:30 - 00008713 _____ () C:\Windows\system32\lvcoinst.log
2014-02-23 12:01 - 2014-02-23 12:01 - 00000000 _____ () C:\Windows\setuperr.log
2014-02-23 11:37 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\AUInstallAgent
2014-02-22 15:31 - 2013-12-29 14:33 - 00000285 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
2014-02-22 15:31 - 2013-05-07 21:13 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-02-22 12:22 - 2014-02-22 12:22 - 00033083 _____ () C:\ComboFix.txt
2014-02-22 12:22 - 2014-02-22 12:08 - 00000000 ____D () C:\Qoobox
2014-02-22 12:22 - 2012-07-26 06:37 - 00000000 __RHD () C:\Users\Default
2014-02-22 12:20 - 2014-02-22 12:08 - 00000000 ____D () C:\Windows\erdnt
2014-02-22 12:19 - 2012-07-26 06:26 - 00000215 _____ () C:\Windows\system.ini
2014-02-22 12:18 - 2014-02-19 23:19 - 00037464 _____ () C:\Windows\PFRO.log
2014-02-22 12:18 - 2014-02-16 22:29 - 00323576 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-02-22 12:08 - 2014-02-22 12:08 - 05183886 ____R (Swearware) C:\Users\Juga\Downloads\ComboFix.exe
2014-02-21 23:45 - 2014-02-21 23:45 - 00000000 ____D () C:\Users\Juga\Desktop\Alte Firefox-Daten
2014-02-21 23:44 - 2014-02-21 23:44 - 00019926 _____ () C:\Users\Juga\Desktop\Bestätigung Ihrer Zahlung an Rove.design GmbH.eml
2014-02-20 21:09 - 2014-02-20 20:51 - 182401458 _____ () C:\Users\Juga\Desktop\480_633_M5DAr-G182-50lo.mp4
2014-02-20 20:39 - 2013-05-08 17:53 - 00000000 ____D () C:\Users\Juga\AppData\Local\Adobe
2014-02-20 20:38 - 2013-05-06 21:41 - 00003772 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-02-20 20:38 - 2012-08-17 01:53 - 00000000 ____D () C:\ProgramData\McAfee
2014-02-20 16:22 - 2014-02-20 16:18 - 00002167 _____ () C:\Users\Public\Desktop\SteuerSparErklärung 2014.lnk
2014-02-20 16:19 - 2014-02-20 16:16 - 00000000 ____D () C:\Program Files (x86)\Akademische Arbeitsgemeinschaft
2014-02-20 16:19 - 2014-02-20 16:14 - 00000000 ____D () C:\ProgramData\AAV
2014-02-20 16:18 - 2014-02-20 16:18 - 00000000 ____D () C:\Users\Juga\AppData\Local\AAV
2014-02-20 14:28 - 2014-02-20 14:27 - 05631168 _____ (IvoSoft) C:\Users\Juga\Downloads\ClassicShellSetup_4_0_4.exe
2014-02-20 09:42 - 2014-02-20 09:42 - 01678496 _____ (Skype Technologies S.A.) C:\Users\Juga\Downloads\SkypeSetup(2).exe
2014-02-20 09:42 - 2014-02-20 09:42 - 00002699 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-02-20 09:42 - 2014-02-20 09:42 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-02-20 09:42 - 2013-05-09 10:21 - 00000000 ____D () C:\ProgramData\Skype
2014-02-20 09:41 - 2014-02-20 09:40 - 00000000 ____D () C:\Users\Juga\AppData\Roaming\Bitdefender
2014-02-20 09:41 - 2013-06-30 18:20 - 00000000 ____D () C:\ProgramData\Bitdefender
2014-02-20 09:40 - 2013-10-21 11:38 - 00000000 ____D () C:\Program Files (x86)\PDF Architect
2014-02-20 09:40 - 2013-05-24 05:45 - 00000000 ____D () C:\Windows\Minidump
2014-02-20 09:40 - 2013-05-09 17:55 - 00000000 ____D () C:\ProgramData\DatacardService
2014-02-20 09:40 - 2013-05-06 18:50 - 00000000 ____D () C:\Users\Juga
2014-02-20 09:40 - 2012-07-26 09:12 - 00000000 ____D () C:\Program Files\Windows Portable Devices
2014-02-20 09:39 - 2014-02-19 16:30 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-02-20 09:39 - 2014-02-16 22:06 - 00000000 ____D () C:\Program Files\CCleaner
2014-02-20 09:39 - 2014-02-16 17:50 - 00000000 ____D () C:\Windows\SysWOW64\NV
2014-02-20 09:39 - 2014-02-16 17:50 - 00000000 ____D () C:\Windows\system32\NV
2014-02-20 09:39 - 2014-02-14 10:11 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-20 09:39 - 2014-02-13 09:58 - 00000000 ____D () C:\Users\Juga\AppData\Local\Tempfeb52be43e051bfaf4839a6935e00e42
2014-02-20 09:39 - 2014-02-13 09:58 - 00000000 ____D () C:\Users\Juga\AppData\Local\Temp12e72473eede95c369de200ff0f01ceb
2014-02-20 09:39 - 2014-02-13 09:57 - 00000000 ____D () C:\Users\Juga\AppData\Local\Temp14b5077f6956a3517aafd12a4b0ddc8f
2014-02-20 09:39 - 2014-02-05 13:45 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-02-20 09:39 - 2014-01-08 10:52 - 00000000 ____D () C:\Program Files\Classic Shell
2014-02-20 09:39 - 2013-11-10 22:27 - 00000000 ____D () C:\Users\Juga\AppData\Roaming\xm1
2014-02-20 09:39 - 2013-11-10 22:12 - 00000000 ____D () C:\Program Files (x86)\Texmaker
2014-02-20 09:39 - 2013-11-02 21:57 - 00000000 ____D () C:\Program Files (x86)\Tor Browser
2014-02-20 09:39 - 2013-10-21 11:46 - 00000000 ____D () C:\Users\Juga\AppData\Roaming\Scan2PDF
2014-02-20 09:39 - 2013-10-21 11:46 - 00000000 ____D () C:\Program Files (x86)\Scan2PDF
2014-02-20 09:39 - 2013-10-20 21:34 - 00000000 ____D () C:\Program Files (x86)\JonDo
2014-02-20 09:39 - 2013-10-04 09:49 - 00000000 ____D () C:\Program Files (x86)\Vidalia Relay Bundle
2014-02-20 09:39 - 2013-09-30 17:11 - 00000000 ____D () C:\totalcmd
2014-02-20 09:39 - 2013-09-29 19:33 - 00000000 ____D () C:\Program Files\WinDjView
2014-02-20 09:39 - 2013-09-28 14:18 - 00000000 ____D () C:\Program Files (x86)\7-Zip
2014-02-20 09:39 - 2013-09-17 22:17 - 00000000 ____D () C:\Program Files (x86)\Audiograbber
2014-02-20 09:39 - 2013-09-14 22:45 - 00000000 ____D () C:\Program Files (x86)\Calibre2
2014-02-20 09:39 - 2013-08-29 00:41 - 00000000 ____D () C:\Program Files (x86)\StreamTransport
2014-02-20 09:39 - 2013-08-27 18:02 - 00000000 ____D () C:\Program Files (x86)\FLV Player
2014-02-20 09:39 - 2013-05-16 23:12 - 00000000 ____D () C:\Program Files (x86)\PDFCreator
2014-02-20 09:39 - 2013-05-09 17:55 - 00000000 ____D () C:\Program Files (x86)\Mobile Partner
2014-02-20 09:39 - 2013-05-07 21:28 - 00000000 ____D () C:\Program Files (x86)\Microsoft Works
2014-02-20 09:39 - 2013-05-07 21:13 - 00000000 ____D () C:\Users\Juga\AppData\Local\Microsoft Help
2014-02-20 09:39 - 2013-05-06 18:55 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-02-20 09:39 - 2013-05-06 18:52 - 00000000 ___RD () C:\Users\Juga\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-02-20 09:39 - 2012-11-15 19:47 - 00000000 ____D () C:\ProgramData\P4G
2014-02-20 09:39 - 2012-11-15 19:39 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-02-20 09:39 - 2012-11-15 19:39 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-02-20 09:39 - 2012-08-02 14:28 - 00000000 ____D () C:\Users\Administrator
2014-02-20 09:39 - 2012-07-26 09:12 - 00000000 ___RD () C:\Windows\ToastData
2014-02-20 09:39 - 2012-07-26 09:12 - 00000000 ___RD () C:\Windows\ImmersiveControlPanel
2014-02-20 09:39 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\WinStore
2014-02-20 09:39 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\SysWOW64\MSDRM
2014-02-20 09:39 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\system32\MSDRM
2014-02-20 09:39 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\rescache
2014-02-20 09:39 - 2012-07-26 09:12 - 00000000 ____D () C:\Program Files\Windows Defender
2014-02-20 09:39 - 2012-07-26 06:37 - 00000000 ____D () C:\Windows\servicing
2014-02-20 09:38 - 2014-02-19 16:30 - 00000000 ____D () C:\Users\Juga\AppData\Roaming\Malwarebytes
2014-02-20 09:38 - 2014-02-19 16:30 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-02-20 09:38 - 2014-02-18 08:48 - 00000000 ____D () C:\Users\Juga\AppData\Local\Skype
2014-02-20 09:38 - 2013-11-02 21:16 - 00000000 ____D () C:\ProgramData\Package Cache
2014-02-20 09:38 - 2013-10-03 12:01 - 00000000 ____D () C:\Users\Juga\AppData\Local\Google
2014-02-20 09:38 - 2013-05-08 06:19 - 00000000 ____D () C:\Program Files\Bitdefender
2014-02-20 09:38 - 2013-05-08 06:15 - 00000000 ____D () C:\Program Files\Common Files\Bitdefender
2014-02-20 09:38 - 2013-05-06 18:50 - 00000000 ____D () C:\Users\Juga\AppData\Local\ASUS
2014-02-20 09:38 - 2013-04-02 14:25 - 00000000 ____D () C:\Users\Juga\AppData\Local\Packages
2014-02-20 09:38 - 2012-11-15 19:43 - 00000000 ____D () C:\Program Files\DIFX
2014-02-20 09:38 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\Help
2014-02-20 09:38 - 2012-07-26 09:12 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2014-02-20 09:38 - 2012-07-26 06:38 - 00000000 ____D () C:\Windows\system32\Sysprep
2014-02-20 09:37 - 2013-05-10 20:39 - 00000000 ____D () C:\Program Files (x86)\Java
2014-02-20 09:37 - 2012-11-15 19:39 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-02-20 09:37 - 2012-11-15 19:35 - 00000000 ____D () C:\Program Files (x86)\Intel
2014-02-20 09:36 - 2014-01-03 16:19 - 00000000 ____D () C:\Users\Juga\Desktop\pics
2014-02-20 09:23 - 2013-05-08 06:20 - 00000000 ____D () C:\Users\Juga\AppData\Roaming\QuickScan
2014-02-20 09:14 - 2012-11-15 19:35 - 00000000 ____D () C:\Intel
2014-02-19 23:36 - 2013-05-08 06:24 - 00000000 ____D () C:\ProgramData\BDLogging
2014-02-19 21:25 - 2014-02-19 21:24 - 00000000 ____D () C:\Program Files (x86)\Google
2014-02-19 20:34 - 2014-02-19 20:34 - 00000000 ____D () C:\ProgramData\ClassicShell
2014-02-19 19:15 - 2014-02-19 10:15 - 00003586 _____ () C:\Windows\System32\Tasks\Bitdefender Auto-Scan
2014-02-19 18:21 - 2014-02-19 18:21 - 00299776 _____ () C:\Windows\Minidump\021914-7500-01.dmp
2014-02-19 18:18 - 2014-02-19 18:18 - 00000470 _____ () C:\Users\Juga\Desktop\defogger_disable.log
2014-02-19 17:09 - 2014-02-19 17:09 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Juga\Downloads\mbam-consumer.exe
2014-02-19 16:30 - 2014-02-19 16:30 - 00001071 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-02-19 16:29 - 2014-02-19 16:29 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Juga\Downloads\mbam-setup-1.75.0.1300.exe
2014-02-19 16:03 - 2014-02-19 16:03 - 00000470 _____ () C:\Windows\SysWOW64\defogger_disable.log
2014-02-19 15:51 - 2014-02-19 15:51 - 00296784 _____ () C:\Windows\Minidump\021914-7562-01.dmp
2014-02-19 15:44 - 2014-02-19 15:44 - 00299816 _____ () C:\Windows\Minidump\021914-7718-01.dmp
2014-02-19 15:43 - 2014-02-19 15:43 - 00380416 _____ () C:\Users\Juga\Desktop\Gmer-19357.exe
2014-02-19 15:42 - 2014-02-19 16:19 - 00029451 _____ () C:\Users\Juga\Desktop\Addition.txt
2014-02-19 12:46 - 2014-02-19 12:46 - 01141248 _____ (Farbar) C:\Users\Juga\Downloads\FRST.exe
2014-02-19 12:46 - 2014-02-19 12:46 - 00000470 _____ () C:\Users\Juga\Downloads\defogger_disable.log
2014-02-19 12:46 - 2014-02-19 12:46 - 00000000 _____ () C:\Users\Juga\defogger_reenable
2014-02-19 12:45 - 2014-02-19 12:45 - 00050477 _____ () C:\Users\Juga\Desktop\Defogger.exe
2014-02-19 12:43 - 2014-02-19 12:43 - 00002640 _____ () C:\Windows\System32\Tasks\Digital Sites
2014-02-19 12:43 - 2013-07-26 23:49 - 00000101 _____ () C:\Users\Juga\AppData\Roaming\WB.CFG
2014-02-19 12:06 - 2013-06-30 21:58 - 524288512 _____ () C:\Users\Juga\Desktop\Datentresor - Ruppert.bvd
2014-02-18 08:48 - 2014-02-18 08:48 - 00003142 _____ () C:\Windows\System32\Tasks\{CEEC242F-CB31-4B7C-BA41-759D23FC22A4}
2014-02-18 08:47 - 2014-02-18 08:47 - 01659552 _____ (Skype Technologies S.A.) C:\Users\Juga\Downloads\SkypeSetup(1).exe
2014-02-17 23:03 - 2012-07-26 09:14 - 00694240 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-02-17 23:03 - 2012-07-26 09:14 - 00078304 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-02-17 20:42 - 2013-09-14 22:45 - 00000000 ____D () C:\Users\Juga\Documents\Calibre-Bibliothek
2014-02-17 20:40 - 2014-02-17 20:40 - 01816433 _____ () C:\Users\Juga\Downloads\tools_v6.0.8.zip
2014-02-17 20:29 - 2014-02-17 20:29 - 09954793 _____ () C:\Users\Juga\Downloads\Ultimate-DRM-Removal-last.zip
2014-02-17 09:25 - 2014-02-17 09:23 - 88898427 _____ () C:\Users\Juga\Desktop\Tumblr_Video.mp4
2014-02-16 22:20 - 2013-05-06 18:51 - 00000000 ____D () C:\Users\Juga\AppData\Local\VirtualStore
2014-02-16 22:08 - 2012-08-02 23:24 - 00000000 ____D () C:\Windows\Panther
2014-02-16 22:06 - 2014-02-16 22:06 - 00002770 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-02-16 22:06 - 2014-02-16 22:06 - 00000824 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-02-16 22:06 - 2014-02-16 22:05 - 03645064 _____ (Piriform Ltd) C:\Users\Juga\Downloads\ccsetup410_slim.exe
2014-02-16 12:59 - 2014-02-16 12:58 - 54537728 _____ () C:\Users\Juga\Downloads\calibre-1.24.0.msi
2014-02-16 07:33 - 2013-06-22 06:43 - 00000000 ____D () C:\Users\Juga\AppData\Roaming\gnupg
2014-02-15 20:19 - 2013-11-02 21:49 - 00001109 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-02-15 20:17 - 2014-02-15 20:17 - 24490112 _____ (Mozilla) C:\Users\Juga\Downloads\Firefox Setup 27.0.1.exe
2014-02-15 15:28 - 2013-07-11 10:30 - 00000000 ____D () C:\Windows\system32\MRT
2014-02-15 15:27 - 2013-05-06 19:57 - 88567024 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-02-15 00:49 - 2014-02-15 00:23 - 130171322 _____ () C:\Users\Juga\Desktop\1103195_white_ass_slut_fucked_twice_bare_creamed_huge_black_.flv
2014-02-14 19:21 - 2012-07-26 06:26 - 00262144 ___SH () C:\Windows\system32\config\BBI(1020)
2014-02-13 09:57 - 2014-02-13 09:57 - 00000000 ____D () C:\Users\Juga\Downloads\Steganos-SpurenVernichter
2014-02-13 09:57 - 2014-02-13 09:57 - 00000000 ____D () C:\Users\Juga\ChromeExtensions
2014-02-13 09:57 - 2014-02-13 09:57 - 00000000 ____D () C:\Users\Juga\AppData\Roaming\NVIDIA
2014-02-13 09:56 - 2014-02-13 09:56 - 01059584 _____ () C:\Users\Juga\Downloads\Steganos-SpurenVernichter-Setup.exe
2014-02-13 06:43 - 2014-02-13 06:43 - 00001237 _____ () C:\Users\Juga\Downloads\URLLink(6).acsm
2014-02-09 15:20 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\system32\NDF
2014-02-08 11:19 - 2014-02-08 11:19 - 00003576 _____ () C:\Users\Juga\Desktop\anschreibenMBWK.tex
2014-02-02 12:22 - 2014-02-02 12:22 - 00007374 _____ () C:\Users\Juga\Desktop\Preisinformation zum 1. März 2014.eml
2014-02-01 10:20 - 2014-02-13 22:03 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-01 10:19 - 2014-02-13 22:03 - 02241536 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-01 10:19 - 2014-02-13 22:03 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-01 10:19 - 2014-02-13 22:03 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
2014-02-01 10:19 - 2014-02-13 22:03 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll
2014-02-01 10:18 - 2014-02-13 22:03 - 19274240 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-01 10:18 - 2014-02-13 22:03 - 15403520 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-01 10:18 - 2014-02-13 22:03 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-02-01 10:18 - 2014-02-13 22:03 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-01 10:18 - 2014-02-13 22:03 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-01 10:18 - 2014-02-13 22:03 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-02-01 10:18 - 2014-02-13 22:03 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-01 10:18 - 2014-02-13 22:03 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-01 10:18 - 2014-02-13 22:03 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-01 10:18 - 2014-02-13 22:02 - 03960320 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-01 10:18 - 2014-02-13 22:02 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-01 08:58 - 2014-02-13 22:03 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-01 08:58 - 2014-02-13 22:03 - 01140736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-01 08:58 - 2014-02-13 22:03 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2014-02-01 08:57 - 2014-02-13 22:03 - 13760512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-01 08:57 - 2014-02-13 22:03 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-01 08:57 - 2014-02-13 22:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-02-01 08:57 - 2014-02-13 22:03 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-02-01 08:57 - 2014-02-13 22:03 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-02-01 08:57 - 2014-02-13 22:03 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-01 08:57 - 2014-02-13 22:03 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-02-01 08:57 - 2014-02-13 22:02 - 14359040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-01 08:57 - 2014-02-13 22:02 - 02877952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-01 08:57 - 2014-02-13 22:02 - 02049024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-01 08:57 - 2014-02-13 22:02 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-02-01 08:40 - 2014-02-13 22:03 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-01 08:34 - 2014-02-13 22:03 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-02-01 06:08 - 2014-02-13 22:03 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll

Files to move or delete:
====================
C:\Users\Juga\AppData\Roaming\Camdata.ini
C:\Users\Juga\AppData\Roaming\CamLayout.ini
C:\Users\Juga\AppData\Roaming\CamShapes.ini
C:\Users\Juga\AppData\Roaming\CamStudio.Producer.Data.ini


Some content of TEMP:
====================
C:\Users\Juga\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-02-26 15:30

==================== End Of Log ============================
         
--- --- ---

27.02.2014, 18:33   #10
schrauber
/// the machine
/// TB trainer
 




Down to what felt like 30 GB of adware that we deleted

Please press the Windows key + R and type notepad into the Run window.

Now copy the following text from the code box into the empty text document

Code:
ATTFilter
C:\Users\Juga\AppData\Roaming\Camdata.ini
C:\Users\Juga\AppData\Roaming\CamLayout.ini
C:\Users\Juga\AppData\Roaming\CamShapes.ini
C:\Users\Juga\AppData\Roaming\CamStudio.Producer.Data.ini
         

Please save this as Fixlist.txt on your desktop (or in the directory where FRST is located).
  • Now start FRST again and click the "Entfernen" (Fix) button.
  • The tool creates a Fixlog.txt.
  • Post its contents for me.




Done

The order is crucial here.
  1. If Defogger was used: start Defogger again and click re-enable.
  2. If Combofix was used: (alternatively, rename it to uninstall.exe and run it)
    • Windows key + R > Combofix /Uninstall (type it in) > OK
    • Alternative: rename Combofix.exe to uninstall.exe and run it
    • Combofix will now start, possibly update itself and then remove all remnants of itself.
  3. In any case, please download DelFix to your desktop:
    • Close all open programs.
    • Start delfix.exe with a double-click.
    • Tick the box in front of every function.
    • Click Start.
    • Note: DelFix removes, among other things, all the programs used, the quarantine of our scanners and the Java cache, and finally deletes itself.
    • Finally, restart your computer.
  4. If any programs from our cleanup are still left over now, you can delete them without hesitation.



If you would like to give praise or criticism, you can do so here

Here are a few more tips for securing your system.


I cannot mention often enough how important it is that your system is up to date.
  • Please check whether your system downloads Windows updates automatically
  • Windows Updates
    • Windows XP: Start --> Control Panel --> double-click Automatic Updates
    • Windows Vista / 7: Start --> Control Panel --> System and Security --> Turn automatic updating on or off
  • Make sure that automatic updates are enabled.
  • Software updates
    Installed software can also have security vulnerabilities that malware can use to infect your system.
    To keep your installed software up to date, I recommend Secunia Online Software.


Anti-virus software
  • Make sure you always have anti-virus software installed and that it is up to date. It is useless if it is out of date.


Additional protection
  • MalwareBytes Anti Malware
    This is one of the best anti-malware tools on the market. It is an on-demand scan tool that detects and also removes a lot of current malware.
    Update the tool and run it once a week. The paid version also offers a background guard.
    You can find a tutorial on how to use it here.
  • WinPatrol
    This software takes a snapshot of your system and warns you about any changes. Download the freeware version from here.


Safe browsing
  • SpywareBlaster
    You can find a short introduction here
  • MVPs hosts file
    You can find a tutorial here. Unfortunately I have not found a German-language one so far.
  • WOT (Web of trust)
    This add-on warns you before you visit a site that has been reported as harmful.


Alternative browsers

Other browsers tend to be somewhat more secure than IE, since they do not use ActiveX elements. These can be abused by spyware to infect your system.
  • Opera
  • Mozilla Firefox.
    • Note: For this browser I have a few useful add-ons here
    • NoScript
      This add-on blocks JavaScript, Java and Flash and other plugins. They are only executed when you confirm it.
    • AdblockPlus
      This add-on blocks most ads by itself. A right-click on the banner to add it to AdBlockPlus is enough, and it will no longer be loaded.
      It also saves download capacity.

Performance
Clean up your temp files regularly. For this I recommend TFC
Stay away from any registry cleaners.
They harm your system more than they help. Here are a few (English) links
Miekemoes Blogspot ( MVP )
Bill Castner ( MVP )



Don'ts
  • Do not click on everything just because it prompts you to and is nicely colourful.
  • Do not use peer-to-peer or file-sharing software (Emule, uTorrent, ..)
  • Keep your hands off cracks, keygens, serials or other illegal software.
  • Do not open attachments from emails you do not recognise. Pay particular attention to the file extension, e.g. deinFoto.jpg.exe
Now all that remains is for me to wish you lots of fun surfing safely.

Note: Please give me brief feedback when everything is done and there are no more questions, so that I can remove this thread from my subscriptions.
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009

Donate
Guides and help
Trojaner-Board Facebook page

No help via PM!

16.03.2014, 23:13   #11
jugajuga
 



Hello,

thanks for the hint; at first I did not realise at all that I was still supposed to do something.


Unfortunately the system has been unstable again in the last few days and sometimes still opens help pages by itself, although less than before :-/.

Here, first of all, is the fixlist.txt

Code:
ATTFilter
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 13-03-2014
Ran by Juga at 2014-03-16 22:22:51 Run:3
Running from C:\Users\Juga\Desktop\AdWareKiller
Boot Mode: Normal
==============================================

Content of fixlist:

*****************
C:\Users\Juga\AppData\Roaming\Camdata.ini
C:\Users\Juga\AppData\Roaming\CamLayout.ini
C:\Users\Juga\AppData\Roaming\CamShapes.ini
C:\Users\Juga\AppData\Roaming\CamStudio.Producer.Data.ini
*****************

"C:\Users\Juga\AppData\Roaming\Camdata.ini" => File/Directory not found.
"C:\Users\Juga\AppData\Roaming\CamLayout.ini" => File/Directory not found.
"C:\Users\Juga\AppData\Roaming\CamShapes.ini" => File/Directory not found.
"C:\Users\Juga\AppData\Roaming\CamStudio.Producer.Data.ini" => File/Directory not found.
==== End of Fixlog ====
         

So I ran FRST again.


FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014
Ran by Juga (administrator) on LAPTOP on 16-03-2014 23:06:44
Running from C:\Users\Juga\Desktop\AdWareKiller
Windows 8 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\vsserv.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
() C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe
(Microsoft Corp.) C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe
(REINER SCT) C:\Windows\SysWOW64\cjpcsc.exe
() C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe
(Microsoft Corporation) C:\Windows\system32\dashost.exe
() C:\Windows\system32\DptfParticipantProcessorService.exe
() C:\Windows\system32\DptfPolicyConfigTDPService.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
() C:\ProgramData\DatacardService\HWDeviceService64.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
() C:\ProgramData\Mobile Partner\OnlineUpdate\ouc.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\HelperService.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\PSIA.exe
(Star Finanz-Software Entwicklung und Vertriebs GmbH) C:\Program Files (x86)\StarMoney 9.0\ouservice\StarMoneyOnlineUpdate.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\updatesrv.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender SafeBox\safeboxservice.exe
(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnCfg.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnWMI.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1114.318_x64__8wekyb3d8bbwe\LiveComm.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\sua.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\bdagent.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13192848 2012-08-30] (Realtek Semiconductor)
HKLM\...\Run: [ASUSQuickGesture(x86)] - C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe [20352 2012-09-11] (ASUSTeK Computer Inc.)
HKLM\...\Run: [ASUSTPLoader(x64)] - C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe [169856 2012-09-11] (AsusTek)
HKLM\...\Run: [ASUSQuickGesture(x64)] - C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe [22400 2012-09-11] (ASUSTeK Computer Inc.)
HKLM\...\Run: [DptfPolicyLpmServiceHelper] - C:\Windows\system32\DptfPolicyLpmServiceHelper.exe [21888 2012-07-30] ()
HKLM\...\Run: [ACMON] - C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [107192 2012-08-24] (ASUS)
HKLM\...\Run: [BTMTrayAgent] - C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll [7818040 2013-09-19] (Motorola Solutions, Inc.)
HKLM\...\Run: [Bdagent] - C:\Program Files\Bitdefender\Bitdefender\bdagent.exe [1739480 2014-01-29] (Bitdefender)
HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [285240 2012-09-01] (Intel Corporation)
HKLM-x32\...\Run: [ASUSWebStorage] - C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.9.120\AsusWSPanel.exe [3417984 2012-08-28] (ASUS Cloud Corporation)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Reader Application Helper] - C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\ReaderAppHelper.exe [899400 2013-11-27] (Sony Corporation)
HKLM-x32\...\Run: [BingDesktop] - C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe [2258056 2013-09-22] (Microsoft Corp.)
HKLM-x32\...\Run: [] - [X]
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\.DEFAULT\...\Run: [Bitdefender-Geldbörse-Agent] - C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe [567888 2014-02-03] (Bitdefender)
HKU\.DEFAULT\...\Run: [Bitdefender-Geldbörse] - C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe [1001536 2014-02-03] (Bitdefender)
HKU\.DEFAULT\...\Run: [Bitdefender-Geldbörse-Anwendungs-Agent] - C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe [614232 2014-01-29] (Bitdefender)
HKU\S-1-5-21-3203196741-1805427045-687499267-1002\...\Run: [Bitdefender-Geldbörse-Agent] - C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe [567888 2014-02-03] (Bitdefender)
HKU\S-1-5-21-3203196741-1805427045-687499267-1002\...\Run: [Bitdefender-Geldbörse] - C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe [1001536 2014-02-03] (Bitdefender)
HKU\S-1-5-21-3203196741-1805427045-687499267-1002\...\Run: [Bitdefender-Geldbörse-Anwendungs-Agent] - C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe [614232 2014-01-29] (Bitdefender)
AppInit_DLLs: C:\Windows\System32\nvinitx.dll => C:\Windows\System32\nvinitx.dll [168616 2013-12-10] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [141336 2013-12-10] (NVIDIA Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ASU2JS
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ASU2JS
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Bitdefender-Geldbörse - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender\pmbxie.dll (Bitdefender)
BHO: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: ASUS Browser Extension x64 - {78234974-0C4B-4111-BDEB-D9A104418772} - C:\Program Files (x86)\ASUS\ASUS Smart Gesture\install\x64\BrowserExtension64.dll (ASUSTeK Computer Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: ClassicIEBHO Class - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIEDLL_64.dll (IvoSoft)
BHO-x32: Bitdefender-Geldbörse - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender\Antispam32\pmbxie.dll (Bitdefender)
BHO-x32: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll (pdfforge GmbH)
BHO-x32: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: ASUS Browser Extension x86 - {78234974-0C4B-4111-BDEB-D9A104418771} - C:\Program Files (x86)\ASUS\ASUS Smart Gesture\install\x86\BrowserExtension.dll (ASUSTeK Computer Inc.)
BHO-x32: ividi Helper Object - {8B8B2E80-1444-451D-AC8E-EB9A847F3887} - C:\Program Files (x86)\Unitech LLC\ividi\1.8.23.0\bh\ividi.dll No File
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: ClassicIEBHO Class - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIEDLL_32.dll (IvoSoft)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{AEFBB86E-3140-48A0-A253-9D902613CC85}: [NameServer]139.7.30.126 139.7.30.125

FireFox:
========
FF ProfilePath: C:\Users\Juga\AppData\Roaming\Mozilla\Firefox\Profiles\l24us74s.default-1393022713616
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll ()
FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin-x32: @ei.FromDocToPDF_65.com/Plugin - C:\Program Files (x86)\FromDocToPDF_65EI\Installr\1.bin\NP65EISB.dll No File
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @sony.com/ReaderDesktop - C:\Program Files (x86)\Sony\ReaderDesktop\npreaderdetectmoz.dll (Sony Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: DownloadHelper - C:\Users\Juga\AppData\Roaming\Mozilla\Firefox\Profiles\l24us74s.default-1393022713616\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-03-16]
FF Extension: aklamio CashBar - C:\Users\Juga\AppData\Roaming\Mozilla\Firefox\Profiles\l24us74s.default-1393022713616\Extensions\addon@aklamio.de.xpi [2014-03-03]
FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender\bdtbext
FF Extension: bdToolbar - C:\Program Files\Bitdefender\Bitdefender\bdtbext [2014-03-15]
FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt
FF Extension: PDF Architect Converter For Firefox - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2013-10-21]
FF HKLM-x32\...\Firefox\Extensions: [ffpwdman@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender\Antispam32\ffpwdman\
FF Extension: Bitdefender Wallet - C:\Program Files\Bitdefender\Bitdefender\Antispam32\ffpwdman\ []
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF HKLM-x32\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender\bdtbext
FF Extension: bdToolbar - C:\Program Files\Bitdefender\Bitdefender\bdtbext [2014-03-15]

==================== Services (Whitelisted) =================

R2 AAV UpdateService; C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe [128296 2008-10-24] ()
R2 ASUS InstantOn; C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe [277120 2012-04-13] (ASUS)
S4 BdDesktopParental; C:\Program Files\Bitdefender\Bitdefender\bdparentalservice.exe [77632 2013-11-21] (Bitdefender)
R2 BingDesktopUpdate; C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe [173192 2013-09-22] (Microsoft Corp.)
R2 cjpcsc; C:\Windows\SysWOW64\cjpcsc.exe [515632 2013-05-21] (REINER SCT)
R2 DirMngr; C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe [218112 2013-05-28] ()
R2 DptfParticipantProcessorService; C:\Windows\system32\DptfParticipantProcessorService.exe [29056 2012-07-30] ()
R2 DptfPolicyConfigTDPService; C:\Windows\system32\DptfPolicyConfigTDPService.exe [30592 2012-07-30] ()
R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [339456 2010-11-16] ()
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-06-27] (Intel Corporation)
R2 Intel(R) Wireless Bluetooth(R) 4.0 Radio Management; C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe [157128 2013-09-18] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S2 Mobile Partner. RunOuc; c:\program files (x86)\mobile partner\updatedog\ouc.exe [218624 2013-05-09] ()
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273136 2013-08-28] ()
R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH)
S2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH)
R2 SafeBox; C:\Program Files\Bitdefender\Bitdefender SafeBox\safeboxservice.exe [94624 2013-07-08] (Bitdefender)
R2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1229528 2013-12-06] (Secunia)
R2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [662232 2013-12-06] (Secunia)
R2 StarMoney 9.0 OnlineUpdate; C:\Program Files (x86)\StarMoney 9.0\ouservice\StarMoneyOnlineUpdate.exe [663184 2014-01-27] (Star Finanz-Software Entwicklung und Vertriebs GmbH)
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender\updatesrv.exe [67320 2013-10-07] (Bitdefender)
R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender\vsserv.exe [1507248 2014-01-29] (Bitdefender)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-10-25] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3378416 2013-08-28] (Intel® Corporation)

==================== Drivers (Whitelisted) ====================

U5 AppMgmt; C:\Windows\system32\svchost.exe [29696 2012-09-20] (Microsoft Corporation)
R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [56704 2012-09-11] (ASUS Corporation)
R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [893440 2013-12-02] (BitDefender)
R3 avchv; C:\Windows\system32\DRIVERS\avchv.sys [261056 2014-03-15] (BitDefender)
R3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [635392 2013-12-02] (BitDefender)
S0 bdelam; C:\Windows\System32\drivers\bdelam.sys [23568 2013-09-08] (Bitdefender)
R1 BdfNdisf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfndisf6.sys [98768 2013-07-24] (BitDefender LLC)
R1 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [107008 2013-07-29] (BitDefender LLC)
S3 bdfwfpf_pc; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf_pc.sys [121928 2013-07-02] (Bitdefender SRL)
S3 BDSandBox; C:\Windows\system32\drivers\bdsandbox.sys [82824 2013-11-04] (BitDefender SRL)
R1 BDVEDISK; C:\Windows\system32\DRIVERS\bdvedisk.sys [79192 2013-07-30] (BitDefender)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
R3 btmaux; C:\Windows\system32\DRIVERS\btmaux.sys [140600 2013-07-22] (Motorola Solutions, Inc.)
R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1390904 2013-09-05] (Motorola Solutions, Inc.)
S3 cjusb; C:\Windows\system32\DRIVERS\cjusb.sys [35192 2012-09-04] (REINER SCT)
R3 DptfDevDram; C:\Windows\system32\DRIVERS\DptfDevDram.sys [107328 2012-07-13] (Intel Corporation)
R3 DptfDevFan; C:\Windows\system32\DRIVERS\DptfDevFan.sys [42816 2012-07-13] (Intel Corporation)
R3 DptfDevGen; C:\Windows\system32\DRIVERS\DptfDevGen.sys [64832 2012-07-13] (Intel Corporation)
R3 DptfDevPch; C:\Windows\system32\DRIVERS\DptfDevPch.sys [96064 2012-07-13] (Intel Corporation)
R3 DptfDevProc; C:\Windows\system32\DRIVERS\DptfDevProc.sys [228672 2012-07-13] (Intel Corporation)
R3 DptfManager; C:\Windows\system32\DRIVERS\DptfManager.sys [361792 2012-07-13] (Intel Corporation)
S3 ewusbnet; C:\Windows\system32\DRIVERS\ewusbnet.sys [256000 2013-05-09] (Huawei Technologies Co., Ltd.)
R0 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [150256 2013-08-23] (BitDefender LLC)
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [14992 2012-08-02] ( )
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew00.sys [3345376 2013-10-08] (Intel Corporation)
R3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2013-12-06] (Secunia)
R3 SensorsAlsDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [198656 2012-07-26] (Microsoft Corporation)
R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [389240 2013-08-07] (BitDefender S.R.L.)
S3 usb3Hub; C:\Windows\System32\drivers\usb3Hub.sys [48096 2012-08-09] (Windows (R) Win 7 DDK provider)
S3 XHCIPort; C:\Windows\System32\drivers\XHCIPort.sys [188384 2012-08-09] (Windows (R) Win 7 DDK provider)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
U0 msahci; 

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-03-16 22:35 - 2014-03-16 22:35 - 00323576 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-03-16 22:35 - 2014-03-16 22:35 - 00000385 _____ () C:\Windows\system32\user_gensett.xml
2014-03-16 22:35 - 2014-03-16 22:35 - 00000022 _____ () C:\Windows\S.dirmngr
2014-03-16 22:30 - 2014-03-16 22:30 - 01064488 _____ (BillP Studios) C:\Users\Juga\Downloads\wpsetup(1).exe
2014-03-16 22:30 - 2014-03-16 22:30 - 00700980 _____ () C:\Users\Juga\Downloads\adblock_edge-2.0.7-sm+an+tb+fx-windows.xpi
2014-03-16 22:21 - 2014-03-16 22:21 - 00000190 _____ () C:\Users\Juga\Desktop\fixlist.txt
2014-03-16 09:51 - 2014-03-16 09:51 - 00000568 _____ () C:\Users\Public\Desktop\Biet-O-Matic.lnk
2014-03-16 09:50 - 2003-01-07 02:22 - 00015873 _____ () C:\Windows\SysWOW64\Inetde.dll
2014-03-16 09:50 - 2000-12-05 23:00 - 00109248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Mswinsck.ocx
2014-03-16 09:50 - 2000-05-22 15:58 - 00115920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msinet.ocx
2014-03-16 09:50 - 2000-04-03 19:06 - 00016896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winskde.dll
2014-03-16 09:50 - 1999-07-14 13:07 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\stdftde.dll
2014-03-16 09:50 - 1998-07-05 23:00 - 00022528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Tabctde.dll
2014-03-16 09:50 - 1998-06-23 23:00 - 00209192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Tabctl32.ocx
2014-03-16 09:43 - 2014-03-16 09:43 - 04653537 _____ () C:\Users\Juga\Downloads\BOM21412_setup.exe
2014-03-15 16:50 - 2014-03-15 16:50 - 00001774 _____ () C:\Users\Juga\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\mbam.exe - Verknüpfung.lnk
2014-03-15 16:16 - 2014-03-15 16:40 - 00009247 _____ () C:\Users\Juga\Documents\Zeitschriften-Festgeld-Gas-Strom.xlsx
2014-03-15 16:02 - 2014-03-15 16:02 - 00000195 _____ () C:\Users\Juga\Documents\jr.bwl
2014-03-15 15:04 - 2014-03-15 15:04 - 02257742 _____ () C:\ProgramData\1394891656.bdinstall.bin
2014-03-15 15:01 - 2014-03-15 15:19 - 00261056 _____ (BitDefender) C:\Windows\system32\Drivers\avchv.sys
2014-03-15 15:01 - 2014-03-15 15:19 - 00074512 _____ (BitDefender SRL) C:\Windows\SysWOW64\bdsandboxuiskin32.dll
2014-03-15 15:01 - 2014-03-15 15:01 - 00002188 _____ () C:\Users\Public\Desktop\Bitdefender Safepay.lnk
2014-03-15 15:01 - 2014-03-15 15:01 - 00002144 _____ () C:\Users\Public\Desktop\Bitdefender Total Security.lnk
2014-03-15 15:01 - 2014-03-15 15:01 - 00000299 _____ () C:\Windows\setupact.log
2014-03-15 15:01 - 2014-03-15 15:01 - 00000000 _____ () C:\Windows\setuperr.log
2014-03-15 15:01 - 2013-12-02 11:58 - 00635392 _____ (BitDefender) C:\Windows\system32\Drivers\avckf.sys
2014-03-15 15:01 - 2013-12-02 11:56 - 00893440 _____ (BitDefender) C:\Windows\system32\Drivers\avc3.sys
2014-03-15 15:01 - 2013-11-04 15:47 - 00082824 _____ (BitDefender SRL) C:\Windows\system32\Drivers\bdsandbox.sys
2014-03-15 15:01 - 2013-09-08 19:04 - 00023568 _____ (Bitdefender) C:\Windows\system32\Drivers\bdelam.sys
2014-03-15 15:01 - 2013-07-30 17:41 - 00079192 _____ (BitDefender) C:\Windows\system32\Drivers\bdvedisk.sys
2014-03-15 15:01 - 2013-07-24 17:19 - 00098768 _____ (BitDefender LLC) C:\Windows\system32\Drivers\bdfndisf6.sys
2014-03-15 14:56 - 2014-03-15 15:16 - 00000000 ____D () C:\Users\Juga\AppData\Roaming\Bitdefender
2014-03-15 14:54 - 2014-03-15 15:19 - 00074512 _____ (BitDefender SRL) C:\Windows\system32\bdsandboxuiskin32.dll
2014-03-15 14:54 - 2014-03-15 15:19 - 00000000 ____D () C:\ProgramData\Bitdefender
2014-03-15 14:54 - 2014-03-15 14:56 - 00000000 ____D () C:\Program Files\Bitdefender
2014-03-15 14:54 - 2014-03-15 14:54 - 00000000 ____D () C:\Program Files\Common Files\Bitdefender
2014-03-15 14:54 - 2013-11-04 15:47 - 00084848 _____ (BitDefender SRL) C:\Windows\system32\BDSandBoxUISkin.dll
2014-03-15 14:54 - 2013-11-04 15:46 - 00034384 _____ (BitDefender SRL) C:\Windows\system32\BDSandBoxUH.dll
2014-03-15 14:54 - 2013-08-23 12:48 - 00150256 _____ (BitDefender LLC) C:\Windows\system32\Drivers\gzflt.sys
2014-03-15 14:54 - 2013-08-07 12:46 - 00389240 _____ (BitDefender S.R.L.) C:\Windows\system32\Drivers\trufos.sys
2014-03-15 14:53 - 2014-03-15 14:53 - 07304560 _____ () C:\Users\Juga\Downloads\bitdefender_tsecurity(1).exe
2014-03-15 11:29 - 2014-03-15 11:29 - 00091541 _____ () C:\ProgramData\1394879380.bdinstall.bin
2014-03-15 11:29 - 2014-03-15 11:29 - 00001549 _____ () C:\ProgramData\1394879387.bdinstall.bin
2014-03-15 11:28 - 2014-03-15 11:28 - 00091543 _____ () C:\ProgramData\1394879319.bdinstall.bin
2014-03-15 11:28 - 2014-03-15 11:28 - 00091542 _____ () C:\ProgramData\1394879295.bdinstall.bin
2014-03-15 11:28 - 2014-03-15 11:28 - 00091541 _____ () C:\ProgramData\1394879279.bdinstall.bin
2014-03-15 11:28 - 2014-03-15 11:28 - 00001549 _____ () C:\ProgramData\1394879303.bdinstall.bin
2014-03-15 11:28 - 2014-03-15 11:28 - 00001548 _____ () C:\ProgramData\1394879324.bdinstall.bin
2014-03-15 11:28 - 2014-03-15 11:28 - 00001548 _____ () C:\ProgramData\1394879284.bdinstall.bin
2014-03-15 11:27 - 2014-03-15 11:27 - 00091541 _____ () C:\ProgramData\1394879244.bdinstall.bin
2014-03-15 11:27 - 2014-03-15 11:27 - 00001548 _____ () C:\ProgramData\1394879252.bdinstall.bin
2014-03-15 11:24 - 2014-03-15 11:24 - 07302320 _____ () C:\Users\Juga\Downloads\bitdefender_tsecurity.exe
2014-03-14 23:16 - 2014-03-14 23:16 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-03-14 23:15 - 2014-03-14 23:15 - 00000745 _____ () C:\Users\Juga\Desktop\JRT.txt
2014-03-14 22:57 - 2014-03-14 22:57 - 00312744 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-03-14 22:57 - 2014-03-14 22:57 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-03-14 22:57 - 2014-03-14 22:57 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-03-14 22:57 - 2014-03-14 22:57 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-03-14 22:57 - 2014-03-14 22:57 - 00000000 ____D () C:\Program Files\Java
2014-03-14 22:55 - 2014-03-14 22:55 - 01064488 _____ (BillP Studios) C:\Users\Juga\Downloads\wpsetup.exe
2014-03-14 22:55 - 2014-03-14 22:55 - 00000000 ____D () C:\Users\Juga\AppData\Local\Secunia PSI
2014-03-14 22:54 - 2014-03-14 22:54 - 05329480 _____ (Secunia) C:\Users\Juga\Downloads\PSISetup_3.0.0.9016.exe
2014-03-14 22:54 - 2014-03-14 22:54 - 00000000 ____D () C:\Program Files (x86)\Secunia
2014-03-14 22:45 - 2014-03-14 22:45 - 00000834 _____ () C:\Users\Juga\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\adwcleaner.lnk
2014-03-14 21:26 - 2014-03-14 21:26 - 00024597 _____ () C:\ComboFix.txt
2014-03-14 21:18 - 2014-01-31 01:48 - 01339392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-03-14 21:18 - 2014-01-31 01:06 - 01628160 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-03-14 21:18 - 2013-10-25 08:34 - 00035856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys
2014-03-14 21:18 - 2013-10-24 23:34 - 00248240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys
2014-03-14 17:39 - 2014-03-14 17:39 - 00987442 _____ () C:\Users\Juga\Downloads\SecurityCheck(1).exe
2014-03-14 17:20 - 2014-03-16 23:06 - 00000000 ____D () C:\Users\Juga\Desktop\AdWareKiller
2014-03-14 16:54 - 2014-03-14 16:54 - 00000414 _____ () C:\Users\Juga\Desktop\Fixlist.txt.lnk
2014-03-14 11:55 - 2014-03-16 22:35 - 00008666 _____ () C:\Windows\PFRO.log
2014-03-14 11:48 - 2014-03-14 11:48 - 03105184 _____ () C:\Users\Juga\Downloads\BitDefender_Uninstall_Tool.exe
2014-03-14 11:12 - 2014-02-08 05:34 - 04036608 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-03-14 11:11 - 2014-02-23 09:13 - 02241536 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-03-14 11:11 - 2014-02-23 09:13 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-03-14 11:11 - 2014-02-23 09:13 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
2014-03-14 11:11 - 2014-02-23 09:13 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll
2014-03-14 11:11 - 2014-02-23 09:13 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-03-14 11:11 - 2014-02-23 09:12 - 19273216 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-14 11:11 - 2014-02-23 09:12 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-03-14 11:11 - 2014-02-23 09:12 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-03-14 11:11 - 2014-02-23 09:11 - 15404032 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-03-14 11:11 - 2014-02-23 09:11 - 03960320 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-03-14 11:11 - 2014-02-23 09:11 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-03-14 11:11 - 2014-02-23 09:11 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-03-14 11:11 - 2014-02-23 09:11 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-03-14 11:11 - 2014-02-23 09:11 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-03-14 11:11 - 2014-02-23 09:11 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-03-14 11:11 - 2014-02-23 09:11 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-03-14 11:11 - 2014-02-23 07:54 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-03-14 11:11 - 2014-02-23 07:54 - 01140736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-03-14 11:11 - 2014-02-23 07:54 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2014-03-14 11:11 - 2014-02-23 07:53 - 14358016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-03-14 11:11 - 2014-02-23 07:53 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-03-14 11:11 - 2014-02-23 07:53 - 02877952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-03-14 11:11 - 2014-02-23 07:53 - 02049024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-03-14 11:11 - 2014-02-23 07:53 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-03-14 11:11 - 2014-02-23 07:53 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-03-14 11:11 - 2014-02-23 07:53 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-03-14 11:11 - 2014-02-23 07:53 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-03-14 11:11 - 2014-02-23 07:53 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-03-14 11:11 - 2014-02-23 07:53 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-03-14 11:11 - 2014-02-23 07:53 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-03-14 11:11 - 2014-02-23 07:35 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-14 11:11 - 2014-02-23 07:31 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-03-14 11:11 - 2014-02-23 05:06 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll
2014-03-13 18:25 - 2014-02-06 00:41 - 00595968 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-03-13 18:25 - 2014-02-06 00:37 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-03-11 13:54 - 2014-03-11 13:54 - 00001249 _____ () C:\Users\Juga\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpywareBlaster.lnk
2014-03-10 21:00 - 2014-03-16 22:55 - 01367404 _____ () C:\Windows\WindowsUpdate.log
2014-03-10 20:50 - 2014-03-10 22:22 - 00000000 ____D () C:\Program Files (x86)\FreeCommander XE
2014-03-10 20:50 - 2014-03-10 20:50 - 00000000 ____D () C:\Users\Juga\AppData\Local\FreeCommanderXE
2014-03-10 20:35 - 2014-03-10 21:00 - 00000000 ____D () C:\3590F75ABA9E485486C100C1A9D4FF06ZZZZZ.Z.ZZ.Z...Z
2014-03-10 07:00 - 2014-03-10 07:00 - 00000000 ____D () C:\Users\Juga\AppData\Local\Eraser 6
2014-03-09 23:08 - 2014-03-10 22:19 - 00000000 ____D () C:\Program Files\Eraser
2014-03-08 21:32 - 2014-03-08 22:24 - 00010748 _____ () C:\Users\Juga\Documents\foto-langen.xlsx
2014-03-08 18:49 - 2014-03-10 22:21 - 00000000 ____D () C:\Program Files (x86)\IrfanView
2014-03-08 13:42 - 2014-03-12 19:08 - 00000000 ____D () C:\Users\Juga\Desktop\Münze-
2014-03-07 13:35 - 2014-03-07 14:06 - 00008570 _____ () C:\Users\Juga\Documents\Telefonkosten.xlsx
2014-03-06 18:42 - 2014-03-06 18:43 - 00000000 ____D () C:\Users\Juga\Desktop\Tor Browser
2014-03-04 17:23 - 2014-03-04 19:46 - 00000000 ____D () C:\Users\Juga\Desktop\Münzbilder - test
2014-03-04 13:36 - 2014-03-04 17:35 - 00010867 _____ () C:\Users\Juga\Documents\Münzen.xlsx
2014-03-04 13:36 - 2014-03-04 13:36 - 00000165 ____H () C:\Users\Juga\Documents\~$Münzen.xlsx
2014-02-27 19:57 - 2014-03-15 11:27 - 00000000 ____D () C:\Program Files (x86)\SpywareBlaster
2014-02-27 19:57 - 2014-03-10 22:50 - 00000000 ____D () C:\ProgramData\Licenses
2014-02-27 19:56 - 2014-02-27 19:56 - 04095448 _____ (BrightFort LLC ) C:\Users\Juga\Downloads\spywareblastersetup50.exe
2014-02-27 19:56 - 2014-02-27 19:56 - 04095448 _____ (BrightFort LLC ) C:\Users\Juga\Downloads\spywareblastersetup50(1).exe
2014-02-26 13:59 - 2014-03-01 19:50 - 00001283 _____ () C:\Users\Juga\Desktop\Bahnfahrt-Beschwerde.txt
2014-02-24 23:07 - 2014-02-24 23:07 - 00987425 _____ () C:\Users\Juga\Downloads\SecurityCheck.exe
2014-02-23 21:17 - 2014-02-23 21:17 - 00000000 ____D () C:\Windows\ERUNT
2014-02-23 20:32 - 2014-03-14 22:47 - 00000000 ____D () C:\AdwCleaner
2014-02-23 12:15 - 2014-02-23 12:16 - 00000000 ____D () C:\Recovery
2014-02-22 12:09 - 2011-06-26 07:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-02-22 12:09 - 2010-11-07 18:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-02-22 12:09 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-02-22 12:09 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-02-22 12:09 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-02-22 12:09 - 2000-08-31 01:00 - 00212480 _____ (SteelWerX) C:\Windows\SWXCACLS.exe
2014-02-22 12:09 - 2000-08-31 01:00 - 00098816 _____ () C:\Windows\sed.exe
2014-02-22 12:09 - 2000-08-31 01:00 - 00080412 _____ () C:\Windows\grep.exe
2014-02-22 12:09 - 2000-08-31 01:00 - 00068096 _____ () C:\Windows\zip.exe
2014-02-22 12:08 - 2014-03-14 21:26 - 00000000 ____D () C:\Qoobox
2014-02-22 12:08 - 2014-03-14 21:19 - 05190279 ____R (Swearware) C:\Users\Juga\Downloads\ComboFix.exe
2014-02-22 12:08 - 2014-03-10 23:07 - 00000000 ____D () C:\Windows\erdnt
2014-02-21 23:44 - 2014-02-21 23:44 - 00019926 _____ () C:\Users\Juga\Desktop\Bestätigung Ihrer Zahlung an Rove.design GmbH.eml
2014-02-20 16:18 - 2014-02-20 16:22 - 00002167 _____ () C:\Users\Public\Desktop\SteuerSparErklärung 2014.lnk
2014-02-20 16:18 - 2014-02-20 16:18 - 00000000 ____D () C:\Users\Juga\AppData\Local\AAV
2014-02-20 16:16 - 2014-02-20 16:19 - 00000000 ____D () C:\Program Files (x86)\Akademische Arbeitsgemeinschaft
2014-02-20 16:14 - 2014-02-20 16:19 - 00000000 ____D () C:\ProgramData\AAV
2014-02-20 14:27 - 2014-02-20 14:28 - 05631168 _____ (IvoSoft) C:\Users\Juga\Downloads\ClassicShellSetup_4_0_4.exe
2014-02-20 09:42 - 2014-03-10 22:39 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-02-20 09:42 - 2014-02-20 09:42 - 01678496 _____ (Skype Technologies S.A.) C:\Users\Juga\Downloads\SkypeSetup(2).exe
2014-02-20 09:42 - 2014-02-20 09:42 - 00002699 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-02-19 21:24 - 2014-03-10 20:43 - 00000000 ____D () C:\Program Files (x86)\Google
2014-02-19 20:34 - 2014-02-19 20:34 - 00000000 ____D () C:\ProgramData\ClassicShell
2014-02-19 18:21 - 2014-02-19 18:21 - 00299776 _____ () C:\Windows\Minidump\021914-7500-01.dmp
2014-02-19 17:09 - 2014-02-19 17:09 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Juga\Downloads\mbam-consumer.exe
2014-02-19 16:30 - 2014-03-14 21:44 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-02-19 16:30 - 2014-02-20 09:38 - 00000000 ____D () C:\Users\Juga\AppData\Roaming\Malwarebytes
2014-02-19 16:30 - 2014-02-20 09:38 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-02-19 16:30 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-02-19 16:29 - 2014-02-19 16:29 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Juga\Downloads\mbam-setup-1.75.0.1300.exe
2014-02-19 16:03 - 2014-02-19 16:03 - 00000470 _____ () C:\Windows\SysWOW64\defogger_disable.log
2014-02-19 15:51 - 2014-02-19 15:51 - 00296784 _____ () C:\Windows\Minidump\021914-7562-01.dmp
2014-02-19 15:44 - 2014-02-19 15:44 - 00299816 _____ () C:\Windows\Minidump\021914-7718-01.dmp
2014-02-19 15:41 - 2014-03-16 23:06 - 00000000 ____D () C:\FRST
2014-02-19 12:46 - 2014-02-19 12:46 - 01141248 _____ (Farbar) C:\Users\Juga\Downloads\FRST.exe
2014-02-19 12:46 - 2014-02-19 12:46 - 00000000 _____ () C:\Users\Juga\defogger_reenable
2014-02-19 10:15 - 2014-03-15 22:39 - 00003576 _____ () C:\Windows\System32\Tasks\Bitdefender Auto-Scan
2014-02-18 08:48 - 2014-02-20 09:38 - 00000000 ____D () C:\Users\Juga\AppData\Local\Skype
2014-02-18 08:48 - 2014-02-18 08:48 - 00003142 _____ () C:\Windows\System32\Tasks\{CEEC242F-CB31-4B7C-BA41-759D23FC22A4}
2014-02-18 08:47 - 2014-02-18 08:47 - 01659552 _____ (Skype Technologies S.A.) C:\Users\Juga\Downloads\SkypeSetup(1).exe
2014-02-16 22:06 - 2014-03-10 22:42 - 00000000 ____D () C:\Program Files\CCleaner
2014-02-16 22:06 - 2014-02-16 22:06 - 00002770 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-02-16 22:05 - 2014-02-16 22:06 - 03645064 _____ (Piriform Ltd) C:\Users\Juga\Downloads\ccsetup410_slim.exe
2014-02-16 17:50 - 2014-03-10 23:50 - 00000000 ____D () C:\Windows\SysWOW64\NV
2014-02-16 17:50 - 2014-03-10 23:48 - 00000000 ____D () C:\Windows\system32\NV
2014-02-16 12:58 - 2014-02-16 12:59 - 54537728 _____ () C:\Users\Juga\Downloads\calibre-1.24.0.msi
2014-02-16 06:31 - 2013-12-07 07:36 - 19751936 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-02-16 06:31 - 2013-12-07 06:15 - 17560576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-02-15 20:17 - 2014-02-15 20:17 - 24490112 _____ (Mozilla) C:\Users\Juga\Downloads\Firefox Setup 27.0.1.exe
2014-02-14 10:11 - 2014-03-10 22:39 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox

==================== One Month Modified Files and Folders =======

2014-03-16 23:06 - 2014-03-14 17:20 - 00000000 ____D () C:\Users\Juga\Desktop\AdWareKiller
2014-03-16 23:06 - 2014-02-19 15:41 - 00000000 ____D () C:\FRST
2014-03-16 23:00 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\system32\sru
2014-03-16 22:55 - 2014-03-10 21:00 - 01367404 _____ () C:\Windows\WindowsUpdate.log
2014-03-16 22:55 - 2013-05-07 18:30 - 00003598 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3203196741-1805427045-687499267-1002
2014-03-16 22:50 - 2013-09-16 18:17 - 00000513 _____ () C:\Windows\system32\checkdnsid.xml
2014-03-16 22:49 - 2013-09-14 22:45 - 00000000 ____D () C:\Users\Juga\Documents\Calibre-Bibliothek
2014-03-16 22:47 - 2013-05-06 21:41 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-03-16 22:40 - 2012-08-03 00:02 - 00761598 _____ () C:\Windows\system32\perfh007.dat
2014-03-16 22:40 - 2012-08-03 00:02 - 00159306 _____ () C:\Windows\system32\perfc007.dat
2014-03-16 22:40 - 2012-07-26 08:28 - 01748838 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-03-16 22:35 - 2014-03-16 22:35 - 00323576 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-03-16 22:35 - 2014-03-16 22:35 - 00000385 _____ () C:\Windows\system32\user_gensett.xml
2014-03-16 22:35 - 2014-03-16 22:35 - 00000022 _____ () C:\Windows\S.dirmngr
2014-03-16 22:35 - 2014-03-14 11:55 - 00008666 _____ () C:\Windows\PFRO.log
2014-03-16 22:35 - 2013-05-06 18:53 - 00000500 _____ () C:\Users\Juga\AppData\Roaming\sp_data.sys
2014-03-16 22:35 - 2012-07-26 08:22 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-03-16 22:35 - 2012-07-26 06:26 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2014-03-16 22:34 - 2013-06-30 21:58 - 524288512 _____ () C:\Users\Juga\Desktop\Datentresor - Ruppert.bvd
2014-03-16 22:34 - 2013-05-11 16:41 - 00000000 ____D () C:\Users\Juga\AppData\Roaming\vlc
2014-03-16 22:34 - 2012-07-26 06:26 - 00524288 ___SH () C:\Windows\system32\config\BBI
2014-03-16 22:31 - 2014-01-08 10:52 - 00000000 ____D () C:\Users\Juga\AppData\Roaming\ClassicShell
2014-03-16 22:30 - 2014-03-16 22:30 - 01064488 _____ (BillP Studios) C:\Users\Juga\Downloads\wpsetup(1).exe
2014-03-16 22:30 - 2014-03-16 22:30 - 00700980 _____ () C:\Users\Juga\Downloads\adblock_edge-2.0.7-sm+an+tb+fx-windows.xpi
2014-03-16 22:28 - 2013-05-09 10:21 - 00000000 ____D () C:\Users\Juga\AppData\Roaming\Skype
2014-03-16 22:21 - 2014-03-16 22:21 - 00000190 _____ () C:\Users\Juga\Desktop\fixlist.txt
2014-03-16 14:43 - 2013-05-09 10:31 - 00000121 _____ () C:\Users\Public\LMDebug.log
2014-03-16 12:24 - 2013-12-16 15:50 - 00001028 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-03-16 09:51 - 2014-03-16 09:51 - 00000568 _____ () C:\Users\Public\Desktop\Biet-O-Matic.lnk
2014-03-16 09:43 - 2014-03-16 09:43 - 04653537 _____ () C:\Users\Juga\Downloads\BOM21412_setup.exe
2014-03-15 22:39 - 2014-02-19 10:15 - 00003576 _____ () C:\Windows\System32\Tasks\Bitdefender Auto-Scan
2014-03-15 16:50 - 2014-03-15 16:50 - 00001774 _____ () C:\Users\Juga\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\mbam.exe - Verknüpfung.lnk
2014-03-15 16:40 - 2014-03-15 16:16 - 00009247 _____ () C:\Users\Juga\Documents\Zeitschriften-Festgeld-Gas-Strom.xlsx
2014-03-15 16:02 - 2014-03-15 16:02 - 00000195 _____ () C:\Users\Juga\Documents\jr.bwl
2014-03-15 15:19 - 2014-03-15 15:01 - 00261056 _____ (BitDefender) C:\Windows\system32\Drivers\avchv.sys
2014-03-15 15:19 - 2014-03-15 15:01 - 00074512 _____ (BitDefender SRL) C:\Windows\SysWOW64\bdsandboxuiskin32.dll
2014-03-15 15:19 - 2014-03-15 14:54 - 00074512 _____ (BitDefender SRL) C:\Windows\system32\bdsandboxuiskin32.dll
2014-03-15 15:19 - 2014-03-15 14:54 - 00000000 ____D () C:\ProgramData\Bitdefender
2014-03-15 15:16 - 2014-03-15 14:56 - 00000000 ____D () C:\Users\Juga\AppData\Roaming\Bitdefender
2014-03-15 15:04 - 2014-03-15 15:04 - 02257742 _____ () C:\ProgramData\1394891656.bdinstall.bin
2014-03-15 15:01 - 2014-03-15 15:01 - 00002188 _____ () C:\Users\Public\Desktop\Bitdefender Safepay.lnk
2014-03-15 15:01 - 2014-03-15 15:01 - 00002144 _____ () C:\Users\Public\Desktop\Bitdefender Total Security.lnk
2014-03-15 15:01 - 2014-03-15 15:01 - 00000299 _____ () C:\Windows\setupact.log
2014-03-15 15:01 - 2014-03-15 15:01 - 00000000 _____ () C:\Windows\setuperr.log
2014-03-15 14:56 - 2014-03-15 14:54 - 00000000 ____D () C:\Program Files\Bitdefender
2014-03-15 14:54 - 2014-03-15 14:54 - 00000000 ____D () C:\Program Files\Common Files\Bitdefender
2014-03-15 14:53 - 2014-03-15 14:53 - 07304560 _____ () C:\Users\Juga\Downloads\bitdefender_tsecurity(1).exe
2014-03-15 14:39 - 2012-07-26 09:12 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-03-15 14:39 - 2012-07-26 09:12 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-03-15 14:39 - 2012-07-26 09:12 - 00000000 ____D () C:\Program Files\Windows Defender
2014-03-15 14:39 - 2012-07-26 09:12 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-03-15 11:32 - 2013-07-11 10:30 - 00000000 ____D () C:\Windows\system32\MRT
2014-03-15 11:30 - 2013-05-06 19:57 - 90015360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-03-15 11:29 - 2014-03-15 11:29 - 00091541 _____ () C:\ProgramData\1394879380.bdinstall.bin
2014-03-15 11:29 - 2014-03-15 11:29 - 00001549 _____ () C:\ProgramData\1394879387.bdinstall.bin
2014-03-15 11:28 - 2014-03-15 11:28 - 00091543 _____ () C:\ProgramData\1394879319.bdinstall.bin
2014-03-15 11:28 - 2014-03-15 11:28 - 00091542 _____ () C:\ProgramData\1394879295.bdinstall.bin
2014-03-15 11:28 - 2014-03-15 11:28 - 00091541 _____ () C:\ProgramData\1394879279.bdinstall.bin
2014-03-15 11:28 - 2014-03-15 11:28 - 00001549 _____ () C:\ProgramData\1394879303.bdinstall.bin
2014-03-15 11:28 - 2014-03-15 11:28 - 00001548 _____ () C:\ProgramData\1394879324.bdinstall.bin
2014-03-15 11:28 - 2014-03-15 11:28 - 00001548 _____ () C:\ProgramData\1394879284.bdinstall.bin
2014-03-15 11:27 - 2014-03-15 11:27 - 00091541 _____ () C:\ProgramData\1394879244.bdinstall.bin
2014-03-15 11:27 - 2014-03-15 11:27 - 00001548 _____ () C:\ProgramData\1394879252.bdinstall.bin
2014-03-15 11:27 - 2014-02-27 19:57 - 00000000 ____D () C:\Program Files (x86)\SpywareBlaster
2014-03-15 11:24 - 2014-03-15 11:24 - 07302320 _____ () C:\Users\Juga\Downloads\bitdefender_tsecurity.exe
2014-03-15 11:24 - 2013-06-22 06:43 - 00000000 ____D () C:\Users\Juga\AppData\Roaming\gnupg
2014-03-15 10:22 - 2013-05-07 21:13 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-03-14 23:16 - 2014-03-14 23:16 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-03-14 23:15 - 2014-03-14 23:15 - 00000745 _____ () C:\Users\Juga\Desktop\JRT.txt
2014-03-14 22:57 - 2014-03-14 22:57 - 00312744 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-03-14 22:57 - 2014-03-14 22:57 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-03-14 22:57 - 2014-03-14 22:57 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-03-14 22:57 - 2014-03-14 22:57 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-03-14 22:57 - 2014-03-14 22:57 - 00000000 ____D () C:\Program Files\Java
2014-03-14 22:55 - 2014-03-14 22:55 - 01064488 _____ (BillP Studios) C:\Users\Juga\Downloads\wpsetup.exe
2014-03-14 22:55 - 2014-03-14 22:55 - 00000000 ____D () C:\Users\Juga\AppData\Local\Secunia PSI
2014-03-14 22:54 - 2014-03-14 22:54 - 05329480 _____ (Secunia) C:\Users\Juga\Downloads\PSISetup_3.0.0.9016.exe
2014-03-14 22:54 - 2014-03-14 22:54 - 00000000 ____D () C:\Program Files (x86)\Secunia
2014-03-14 22:47 - 2014-02-23 20:32 - 00000000 ____D () C:\AdwCleaner
2014-03-14 22:45 - 2014-03-14 22:45 - 00000834 _____ () C:\Users\Juga\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\adwcleaner.lnk
2014-03-14 21:44 - 2014-02-19 16:30 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-03-14 21:26 - 2014-03-14 21:26 - 00024597 _____ () C:\ComboFix.txt
2014-03-14 21:26 - 2014-02-22 12:08 - 00000000 ____D () C:\Qoobox
2014-03-14 21:24 - 2012-07-26 06:26 - 00000215 _____ () C:\Windows\system.ini
2014-03-14 21:19 - 2014-02-22 12:08 - 05190279 ____R (Swearware) C:\Users\Juga\Downloads\ComboFix.exe
2014-03-14 17:39 - 2014-03-14 17:39 - 00987442 _____ () C:\Users\Juga\Downloads\SecurityCheck(1).exe
2014-03-14 16:54 - 2014-03-14 16:54 - 00000414 _____ () C:\Users\Juga\Desktop\Fixlist.txt.lnk
2014-03-14 11:48 - 2014-03-14 11:48 - 03105184 _____ () C:\Users\Juga\Downloads\BitDefender_Uninstall_Tool.exe
2014-03-14 11:34 - 2013-06-10 10:11 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-03-14 11:34 - 2013-06-10 10:11 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-03-13 17:18 - 2013-08-09 17:51 - 00000000 ____D () C:\Program Files (x86)\StarMoney 9.0
2014-03-12 19:08 - 2014-03-08 13:42 - 00000000 ____D () C:\Users\Juga\Desktop\Münze-
2014-03-11 22:52 - 2013-05-06 18:52 - 00000000 ___RD () C:\Users\Juga\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-03-11 19:47 - 2013-05-06 21:41 - 00003772 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-03-11 19:34 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\AUInstallAgent
2014-03-11 13:54 - 2014-03-11 13:54 - 00001249 _____ () C:\Users\Juga\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpywareBlaster.lnk
2014-03-11 07:05 - 2013-05-06 18:50 - 00000000 ____D () C:\Users\Juga
2014-03-11 00:04 - 2013-10-21 11:38 - 00000000 ____D () C:\Program Files (x86)\PDF Architect
2014-03-11 00:04 - 2013-10-20 21:46 - 00000000 ____D () C:\Users\Juga\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JonDoFox
2014-03-11 00:04 - 2013-09-30 17:11 - 00000000 ____D () C:\Users\Juga\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Total Commander
2014-03-11 00:04 - 2013-05-24 05:45 - 00000000 ____D () C:\Windows\Minidump
2014-03-11 00:04 - 2013-05-09 17:55 - 00000000 ____D () C:\ProgramData\DatacardService
2014-03-11 00:03 - 2012-08-02 14:28 - 00000000 ____D () C:\Users\Administrator
2014-03-10 23:58 - 2012-07-26 09:12 - 00000000 ___RD () C:\Windows\Offline Web Pages
2014-03-10 23:55 - 2012-11-15 20:03 - 00000000 ____D () C:\ProgramData\USBChargerPlus
2014-03-10 23:55 - 2012-11-15 19:47 - 00000000 ____D () C:\ProgramData\P4G
2014-03-10 23:55 - 2012-11-15 19:40 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-03-10 23:55 - 2012-08-02 14:28 - 00000000 ___RD () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-03-10 23:55 - 2012-08-02 14:28 - 00000000 ___RD () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-03-10 23:55 - 2012-08-02 14:28 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-03-10 23:55 - 2012-07-26 09:12 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-03-10 23:55 - 2012-07-26 09:12 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-03-10 23:55 - 2012-07-26 09:12 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-03-10 23:55 - 2012-07-26 09:12 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-03-10 23:51 - 2013-05-06 20:20 - 00000000 ___RD () C:\Windows\BrowserChoice
2014-03-10 23:51 - 2012-11-15 19:50 - 00000000 ____D () C:\Windows\ASUSProductDemoMovie
2014-03-10 23:51 - 2012-11-15 19:41 - 00000000 ____D () C:\Windows\SysWOW64\sda
2014-03-10 23:51 - 2012-11-15 19:41 - 00000000 ____D () C:\Windows\SysWOW64\RTCOM
2014-03-10 23:51 - 2012-11-15 19:40 - 00000000 ___RD () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-03-10 23:51 - 2012-11-15 19:40 - 00000000 ___RD () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-03-10 23:51 - 2012-11-15 19:40 - 00000000 ___RD () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-03-10 23:51 - 2012-08-17 01:53 - 00000000 ____D () C:\ProgramData\ChangeFolderView
2014-03-10 23:51 - 2012-08-02 14:33 - 00000000 ____D () C:\Windows\Log
2014-03-10 23:51 - 2012-08-02 14:33 - 00000000 ____D () C:\Windows\ASUS
2014-03-10 23:51 - 2012-08-02 14:28 - 00000000 ___RD () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-03-10 23:51 - 2012-08-02 14:28 - 00000000 ___RD () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-03-10 23:51 - 2012-08-02 14:28 - 00000000 ___RD () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-03-10 23:51 - 2012-07-26 09:12 - 00000000 __RSD () C:\Windows\Media
2014-03-10 23:51 - 2012-07-26 09:12 - 00000000 __RHD () C:\Users\Public\Libraries
2014-03-10 23:51 - 2012-07-26 09:12 - 00000000 ___RD () C:\Windows\ToastData
2014-03-10 23:51 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\SysWOW64\Recovery
2014-03-10 23:51 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\system32\WinMetadata
2014-03-10 23:50 - 2014-02-16 17:50 - 00000000 ____D () C:\Windows\SysWOW64\NV
2014-03-10 23:49 - 2012-07-26 06:38 - 00000000 ____D () C:\Windows\system32\Sysprep
2014-03-10 23:48 - 2014-02-16 17:50 - 00000000 ____D () C:\Windows\system32\NV
2014-03-10 23:35 - 2012-07-26 10:45 - 00000000 ____D () C:\Windows\ShellNew
2014-03-10 23:07 - 2014-02-22 12:08 - 00000000 ____D () C:\Windows\erdnt
2014-03-10 23:03 - 2013-12-29 14:30 - 00000000 ____D () C:\Users\Juga\Downloads\Office2007PIARedist
2014-03-10 23:03 - 2013-09-22 11:12 - 00000000 ____D () C:\Users\Juga\Documents\Gutenberg-DE - Edition 12
2014-03-10 23:03 - 2013-08-29 00:50 - 00000000 ____D () C:\Users\Juga\Documents\StreamTransport
2014-03-10 23:03 - 2013-06-02 22:17 - 00000000 ___RD () C:\Users\Juga\Dropbox
2014-03-10 23:02 - 2013-11-10 22:27 - 00000000 ____D () C:\Users\Juga\AppData\Roaming\xm1
2014-03-10 23:02 - 2013-11-10 13:00 - 00000000 ____D () C:\Users\Juga\Desktop\pib
2014-03-10 23:02 - 2013-10-21 13:16 - 00000000 ____D () C:\Users\Juga\Documents\Audible
2014-03-10 23:02 - 2013-10-21 11:46 - 00000000 ____D () C:\Users\Juga\AppData\Roaming\Scan2PDF
2014-03-10 23:02 - 2013-10-04 09:49 - 00000000 ____D () C:\Users\Juga\AppData\Roaming\tor
2014-03-10 23:02 - 2013-05-11 16:20 - 00000000 ____D () C:\Users\Juga\Documents\a702_1.2
2014-03-10 23:02 - 2013-05-06 19:00 - 00000000 ____D () C:\Users\Juga\AppData\Roaming\Thunderbird
2014-03-10 23:01 - 2014-02-13 09:58 - 00000000 ____D () C:\Users\Juga\AppData\Local\Tempfeb52be43e051bfaf4839a6935e00e42
2014-03-10 23:01 - 2014-02-13 09:57 - 00000000 ____D () C:\Users\Juga\AppData\Local\Temp14b5077f6956a3517aafd12a4b0ddc8f
2014-03-10 23:01 - 2013-09-30 17:11 - 00000000 ____D () C:\Users\Juga\AppData\Roaming\GHISLER
2014-03-10 23:01 - 2013-06-15 14:16 - 00000000 ____D () C:\Users\Juga\AppData\Roaming\dvdcss
2014-03-10 23:01 - 2013-05-06 18:52 - 00000000 ___RD () C:\Users\Juga\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-03-10 23:01 - 2013-05-06 18:50 - 00000000 ___RD () C:\Users\Juga\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-03-10 23:01 - 2013-05-06 18:50 - 00000000 ___RD () C:\Users\Juga\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-03-10 23:01 - 2013-05-06 18:50 - 00000000 ___RD () C:\Users\Juga\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-03-10 23:01 - 2013-05-06 18:50 - 00000000 ____D () C:\Users\Juga\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-03-10 23:00 - 2014-02-13 09:58 - 00000000 ____D () C:\Users\Juga\AppData\Local\Temp12e72473eede95c369de200ff0f01ceb
2014-03-10 22:52 - 2013-11-02 21:16 - 00000000 ____D () C:\ProgramData\Package Cache
2014-03-10 22:52 - 2013-09-30 17:11 - 00000000 ____D () C:\totalcmd
2014-03-10 22:52 - 2013-09-04 07:41 - 00000000 ____D () C:\Users\Juga\AppData\Local\gtk-2.0
2014-03-10 22:52 - 2013-08-19 19:14 - 00000000 __SHD () C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
2014-03-10 22:52 - 2013-05-18 10:02 - 00000000 ____D () C:\Users\Juga\AppData\Local\Downloaded Installations
2014-03-10 22:52 - 2013-05-09 10:21 - 00000000 ____D () C:\ProgramData\Skype
2014-03-10 22:52 - 2013-05-07 21:13 - 00000000 ____D () C:\Users\Juga\AppData\Local\Microsoft Help
2014-03-10 22:52 - 2013-05-06 18:50 - 00000000 ____D () C:\Users\Juga\AppData\Local\ASUS
2014-03-10 22:52 - 2012-11-15 19:48 - 00000000 ____D () C:\Users\Administrator\AppData\Local\ASUS
2014-03-10 22:52 - 2012-11-15 19:39 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-03-10 22:52 - 2012-07-26 09:12 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-03-10 22:52 - 2012-07-26 09:12 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-03-10 22:50 - 2014-02-27 19:57 - 00000000 ____D () C:\ProgramData\Licenses
2014-03-10 22:50 - 2013-05-06 18:51 - 00000000 ____D () C:\ProgramData\FolderView
2014-03-10 22:50 - 2012-11-15 19:50 - 00000000 ____D () C:\ProgramData\ASUSVibe
2014-03-10 22:50 - 2012-08-17 01:53 - 00000000 ____D () C:\ProgramData\McAfee
2014-03-10 22:50 - 2012-08-17 01:53 - 00000000 ____D () C:\ProgramData\ASUS WebStorage
2014-03-10 22:47 - 2013-09-29 19:33 - 00000000 ____D () C:\Program Files\WinDjView
2014-03-10 22:47 - 2012-11-15 19:39 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-03-10 22:44 - 2013-09-04 07:27 - 00000000 ____D () C:\Program Files\GIMP 2
2014-03-10 22:42 - 2014-02-16 22:06 - 00000000 ____D () C:\Program Files\CCleaner
2014-03-10 22:42 - 2014-01-08 10:52 - 00000000 ____D () C:\Program Files\Classic Shell
2014-03-10 22:42 - 2013-11-11 07:12 - 00000000 ____D () C:\Program Files (x86)\wGet
2014-03-10 22:42 - 2013-08-18 10:30 - 00000000 ____D () C:\Program Files\Common Files\logishrd
2014-03-10 22:42 - 2012-11-15 19:43 - 00000000 ____D () C:\Program Files\DIFX
2014-03-10 22:42 - 2012-07-26 09:12 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2014-03-10 22:41 - 2013-11-10 22:12 - 00000000 ____D () C:\Program Files (x86)\Texmaker
2014-03-10 22:41 - 2013-11-02 21:57 - 00000000 ____D () C:\Program Files (x86)\Tor Browser
2014-03-10 22:41 - 2013-10-04 09:49 - 00000000 ____D () C:\Program Files (x86)\Vidalia Relay Bundle
2014-03-10 22:41 - 2013-08-29 00:41 - 00000000 ____D () C:\Program Files (x86)\StreamTransport
2014-03-10 22:39 - 2014-02-20 09:42 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-03-10 22:39 - 2014-02-14 10:11 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-03-10 22:39 - 2014-02-05 13:45 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-03-10 22:39 - 2013-10-21 11:46 - 00000000 ____D () C:\Program Files (x86)\Scan2PDF
2014-03-10 22:39 - 2013-05-16 23:12 - 00000000 ____D () C:\Program Files (x86)\PDFCreator
2014-03-10 22:39 - 2013-05-06 18:55 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-03-10 22:39 - 2012-11-15 19:41 - 00000000 ____D () C:\Program Files (x86)\Realtek
2014-03-10 22:39 - 2012-11-15 19:39 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-03-10 22:38 - 2013-05-09 17:55 - 00000000 ____D () C:\Program Files (x86)\Mobile Partner
2014-03-10 22:35 - 2013-05-07 21:28 - 00000000 ____D () C:\Program Files (x86)\Microsoft Works
2014-03-10 22:35 - 2013-05-07 21:13 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2014-03-10 22:34 - 2013-10-20 21:34 - 00000000 ____D () C:\Program Files (x86)\JonDo
2014-03-10 22:33 - 2013-11-10 21:24 - 00000000 ____D () C:\Program Files (x86)\GnuWin32
2014-03-10 22:33 - 2013-08-27 18:02 - 00000000 ____D () C:\Program Files (x86)\FLV Player
2014-03-10 22:32 - 2013-09-14 22:45 - 00000000 ____D () C:\Program Files (x86)\Calibre2
2014-03-10 22:29 - 2013-10-21 13:16 - 00000000 ____D () C:\Program Files (x86)\Audible
2014-03-10 22:29 - 2013-09-17 22:17 - 00000000 ____D () C:\Program Files (x86)\Audiograbber
2014-03-10 22:29 - 2012-08-17 01:53 - 00000000 ____D () C:\Program Files (x86)\ASUS
2014-03-10 22:28 - 2013-09-28 14:18 - 00000000 ____D () C:\Program Files (x86)\7-Zip
2014-03-10 22:28 - 2013-08-15 10:47 - 00000000 ____D () C:\Fraps
2014-03-10 22:28 - 2012-11-15 19:35 - 00000000 ____D () C:\Intel
2014-03-10 22:22 - 2014-03-10 20:50 - 00000000 ____D () C:\Program Files (x86)\FreeCommander XE
2014-03-10 22:21 - 2014-03-08 18:49 - 00000000 ____D () C:\Program Files (x86)\IrfanView
2014-03-10 22:19 - 2014-03-09 23:08 - 00000000 ____D () C:\Program Files\Eraser
2014-03-10 22:15 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\registration
2014-03-10 21:00 - 2014-03-10 20:35 - 00000000 ____D () C:\3590F75ABA9E485486C100C1A9D4FF06ZZZZZ.Z.ZZ.Z...Z
2014-03-10 20:50 - 2014-03-10 20:50 - 00000000 ____D () C:\Users\Juga\AppData\Local\FreeCommanderXE
2014-03-10 20:47 - 2013-10-21 13:16 - 00000000 ____D () C:\Users\Public\Documents\Audible
2014-03-10 20:43 - 2014-02-19 21:24 - 00000000 ____D () C:\Program Files (x86)\Google
2014-03-10 20:43 - 2013-10-03 12:01 - 00000000 ____D () C:\Users\Juga\AppData\Local\Google
2014-03-10 20:14 - 2014-01-03 16:19 - 00000000 ____D () C:\Users\Juga\Desktop\pics
2014-03-10 07:00 - 2014-03-10 07:00 - 00000000 ____D () C:\Users\Juga\AppData\Local\Eraser 6
2014-03-08 22:24 - 2014-03-08 21:32 - 00010748 _____ () C:\Users\Juga\Documents\foto-langen.xlsx
2014-03-07 14:06 - 2014-03-07 13:35 - 00008570 _____ () C:\Users\Juga\Documents\Telefonkosten.xlsx
2014-03-06 18:43 - 2014-03-06 18:42 - 00000000 ____D () C:\Users\Juga\Desktop\Tor Browser
2014-03-04 23:52 - 2012-07-26 09:14 - 00694240 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-03-04 23:52 - 2012-07-26 09:14 - 00078304 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-03-04 19:46 - 2014-03-04 17:23 - 00000000 ____D () C:\Users\Juga\Desktop\Münzbilder - test
2014-03-04 17:35 - 2014-03-04 13:36 - 00010867 _____ () C:\Users\Juga\Documents\Münzen.xlsx
2014-03-04 13:36 - 2014-03-04 13:36 - 00000165 ____H () C:\Users\Juga\Documents\~$Münzen.xlsx
2014-03-03 20:26 - 2013-08-26 18:00 - 00017974 _____ () C:\Users\Juga\Documents\DVD Liste.xlsx
2014-03-01 19:50 - 2014-02-26 13:59 - 00001283 _____ () C:\Users\Juga\Desktop\Bahnfahrt-Beschwerde.txt
2014-02-27 19:56 - 2014-02-27 19:56 - 04095448 _____ (BrightFort LLC ) C:\Users\Juga\Downloads\spywareblastersetup50.exe
2014-02-27 19:56 - 2014-02-27 19:56 - 04095448 _____ (BrightFort LLC ) C:\Users\Juga\Downloads\spywareblastersetup50(1).exe
2014-02-26 13:43 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\ELAMBKUP
2014-02-24 23:07 - 2014-02-24 23:07 - 00987425 _____ () C:\Users\Juga\Downloads\SecurityCheck.exe
2014-02-23 21:17 - 2014-02-23 21:17 - 00000000 ____D () C:\Windows\ERUNT
2014-02-23 12:16 - 2014-02-23 12:15 - 00000000 ____D () C:\Recovery
2014-02-23 12:10 - 2013-05-06 18:50 - 00066678 _____ () C:\Windows\diagwrn.xml
2014-02-23 12:10 - 2013-05-06 18:50 - 00066678 _____ () C:\Windows\diagerr.xml
2014-02-23 12:04 - 2013-08-18 10:30 - 00008713 _____ () C:\Windows\system32\lvcoinst.log
2014-02-23 09:13 - 2014-03-14 11:11 - 02241536 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-23 09:13 - 2014-03-14 11:11 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-23 09:13 - 2014-03-14 11:11 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
2014-02-23 09:13 - 2014-03-14 11:11 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll
2014-02-23 09:13 - 2014-03-14 11:11 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-23 09:12 - 2014-03-14 11:11 - 19273216 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-23 09:12 - 2014-03-14 11:11 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-23 09:12 - 2014-03-14 11:11 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-23 09:11 - 2014-03-14 11:11 - 15404032 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-23 09:11 - 2014-03-14 11:11 - 03960320 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-23 09:11 - 2014-03-14 11:11 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-23 09:11 - 2014-03-14 11:11 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-02-23 09:11 - 2014-03-14 11:11 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-02-23 09:11 - 2014-03-14 11:11 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-23 09:11 - 2014-03-14 11:11 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-23 09:11 - 2014-03-14 11:11 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-23 07:54 - 2014-03-14 11:11 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-23 07:54 - 2014-03-14 11:11 - 01140736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-23 07:54 - 2014-03-14 11:11 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2014-02-23 07:53 - 2014-03-14 11:11 - 14358016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-23 07:53 - 2014-03-14 11:11 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-23 07:53 - 2014-03-14 11:11 - 02877952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-23 07:53 - 2014-03-14 11:11 - 02049024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-23 07:53 - 2014-03-14 11:11 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-02-23 07:53 - 2014-03-14 11:11 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-23 07:53 - 2014-03-14 11:11 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-02-23 07:53 - 2014-03-14 11:11 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-02-23 07:53 - 2014-03-14 11:11 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-02-23 07:53 - 2014-03-14 11:11 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-23 07:53 - 2014-03-14 11:11 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-02-23 07:35 - 2014-03-14 11:11 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-23 07:31 - 2014-03-14 11:11 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-02-23 05:06 - 2014-03-14 11:11 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll
2014-02-22 15:31 - 2013-12-29 14:33 - 00000285 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
2014-02-22 12:22 - 2012-07-26 06:37 - 00000000 __RHD () C:\Users\Default
2014-02-21 23:44 - 2014-02-21 23:44 - 00019926 _____ () C:\Users\Juga\Desktop\Bestätigung Ihrer Zahlung an Rove.design GmbH.eml
2014-02-20 20:39 - 2013-05-08 17:53 - 00000000 ____D () C:\Users\Juga\AppData\Local\Adobe
2014-02-20 16:22 - 2014-02-20 16:18 - 00002167 _____ () C:\Users\Public\Desktop\SteuerSparErklärung 2014.lnk
2014-02-20 16:19 - 2014-02-20 16:16 - 00000000 ____D () C:\Program Files (x86)\Akademische Arbeitsgemeinschaft
2014-02-20 16:19 - 2014-02-20 16:14 - 00000000 ____D () C:\ProgramData\AAV
2014-02-20 16:18 - 2014-02-20 16:18 - 00000000 ____D () C:\Users\Juga\AppData\Local\AAV
2014-02-20 14:28 - 2014-02-20 14:27 - 05631168 _____ (IvoSoft) C:\Users\Juga\Downloads\ClassicShellSetup_4_0_4.exe
2014-02-20 09:42 - 2014-02-20 09:42 - 01678496 _____ (Skype Technologies S.A.) C:\Users\Juga\Downloads\SkypeSetup(2).exe
2014-02-20 09:42 - 2014-02-20 09:42 - 00002699 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-02-20 09:40 - 2012-07-26 09:12 - 00000000 ____D () C:\Program Files\Windows Portable Devices
2014-02-20 09:39 - 2012-07-26 09:12 - 00000000 ___RD () C:\Windows\ImmersiveControlPanel
2014-02-20 09:39 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\WinStore
2014-02-20 09:39 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\SysWOW64\MSDRM
2014-02-20 09:39 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\system32\MSDRM
2014-02-20 09:39 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\rescache
2014-02-20 09:39 - 2012-07-26 06:37 - 00000000 ____D () C:\Windows\servicing
2014-02-20 09:38 - 2014-02-19 16:30 - 00000000 ____D () C:\Users\Juga\AppData\Roaming\Malwarebytes
2014-02-20 09:38 - 2014-02-19 16:30 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-02-20 09:38 - 2014-02-18 08:48 - 00000000 ____D () C:\Users\Juga\AppData\Local\Skype
2014-02-20 09:38 - 2013-04-02 14:25 - 00000000 ____D () C:\Users\Juga\AppData\Local\Packages
2014-02-20 09:38 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\Help
2014-02-20 09:37 - 2013-05-10 20:39 - 00000000 ____D () C:\Program Files (x86)\Java
2014-02-20 09:37 - 2012-11-15 19:35 - 00000000 ____D () C:\Program Files (x86)\Intel
2014-02-20 09:23 - 2013-05-08 06:20 - 00000000 ____D () C:\Users\Juga\AppData\Roaming\QuickScan
2014-02-19 23:36 - 2013-05-08 06:24 - 00000000 ____D () C:\ProgramData\BDLogging
2014-02-19 20:34 - 2014-02-19 20:34 - 00000000 ____D () C:\ProgramData\ClassicShell
2014-02-19 18:21 - 2014-02-19 18:21 - 00299776 _____ () C:\Windows\Minidump\021914-7500-01.dmp
2014-02-19 17:09 - 2014-02-19 17:09 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Juga\Downloads\mbam-consumer.exe
2014-02-19 16:29 - 2014-02-19 16:29 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Juga\Downloads\mbam-setup-1.75.0.1300.exe
2014-02-19 16:03 - 2014-02-19 16:03 - 00000470 _____ () C:\Windows\SysWOW64\defogger_disable.log
2014-02-19 15:51 - 2014-02-19 15:51 - 00296784 _____ () C:\Windows\Minidump\021914-7562-01.dmp
2014-02-19 15:44 - 2014-02-19 15:44 - 00299816 _____ () C:\Windows\Minidump\021914-7718-01.dmp
2014-02-19 12:46 - 2014-02-19 12:46 - 01141248 _____ (Farbar) C:\Users\Juga\Downloads\FRST.exe
2014-02-19 12:46 - 2014-02-19 12:46 - 00000000 _____ () C:\Users\Juga\defogger_reenable
2014-02-19 12:43 - 2013-07-26 23:49 - 00000101 _____ () C:\Users\Juga\AppData\Roaming\WB.CFG
2014-02-18 08:48 - 2014-02-18 08:48 - 00003142 _____ () C:\Windows\System32\Tasks\{CEEC242F-CB31-4B7C-BA41-759D23FC22A4}
2014-02-18 08:47 - 2014-02-18 08:47 - 01659552 _____ (Skype Technologies S.A.) C:\Users\Juga\Downloads\SkypeSetup(1).exe
2014-02-16 22:20 - 2013-05-06 18:51 - 00000000 ____D () C:\Users\Juga\AppData\Local\VirtualStore
2014-02-16 22:08 - 2012-08-02 23:24 - 00000000 ____D () C:\Windows\Panther
2014-02-16 22:06 - 2014-02-16 22:06 - 00002770 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-02-16 22:06 - 2014-02-16 22:05 - 03645064 _____ (Piriform Ltd) C:\Users\Juga\Downloads\ccsetup410_slim.exe
2014-02-16 12:59 - 2014-02-16 12:58 - 54537728 _____ () C:\Users\Juga\Downloads\calibre-1.24.0.msi
2014-02-15 20:19 - 2013-11-02 21:49 - 00001109 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-02-15 20:17 - 2014-02-15 20:17 - 24490112 _____ (Mozilla) C:\Users\Juga\Downloads\Firefox Setup 27.0.1.exe
2014-02-14 19:21 - 2012-07-26 06:26 - 00262144 ___SH () C:\Windows\system32\config\BBI(1020)

Some content of TEMP:
====================
C:\Users\Juga\AppData\Local\Temp\Quarantine.exe
C:\Users\Juga\AppData\Local\Temp\vlc-2.1.3-win32.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-03-08 10:57

==================== End Of Log ============================
         
--- --- ---


Should I repeat any of the earlier steps?

17.03.2014, 11:51   #12
schrauber
/// the machine
/// TB trainer

In which browser?
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009


No help via PM!

17.03.2014, 21:30   #13
jugajuga

Thanks for the message!

It is Firefox - my default browser. Sometimes also the standard help pages of Word.
It seems to be especially bad when I have Thunderbird open. Then sometimes more than 50 pages suddenly open, and I can only get it under control via Task Manager and force-quitting.

One more note: the problem often occurs when I have the Thunderbird mail program open or am using it. Then help pages suddenly open in Firefox - seemingly out of nowhere for me. I don't know whether that helps with diagnosing the fault.
The strange thing is that it actually was gone for about 1-2 weeks :-/.

18.03.2014, 12:17   #14
schrauber
/// the machine
/// TB trainer

Before we dig deep now, a really silly idea:

Is this a desktop computer or a laptop? Keyboard internal, or external via USB or PS2 port?
__________________
Regards,
schrauber


18.03.2014, 21:54   #15
jugajuga

True, that is a good idea to take a look at, thanks!!

I have a Zenbook and use the internal keyboard.

I don't know how to change the key that calls up the "help pages" in Windows; if that could be set in software, one could try to see whether it is a keyboard fault, right?

Hello,

I did the following:

Installed the program SharpKeys, with which individual keys can be overridden in the registry, and disabled the F1 key...

Since then the fault no longer occurs - that does suggest a hardware problem?

The strange thing about the fault, though, was that it only occurred sometimes before, and especially often with some programs, and the key was not obviously stuck either... strange.

Thanks for the tip ... !!!
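
The remap described in the last post can be checked by decoding the registry value that key-remapping tools such as SharpKeys write, the REG_BINARY `Scancode Map` under `HKLM\SYSTEM\CurrentControlSet\Control\Keyboard Layout`. This is an added example, not part of the thread: the sample bytes are constructed (not taken from the poster's machine) and the function names are assumptions made for illustration.

```python
import struct

# Constructed sample: layout of a "Scancode Map" value that disables F1
# (set-1 scancode 0x3B). Not exported from the machine in this thread.
SAMPLE_F1_DISABLED = bytes.fromhex(
    "00000000"  # header: version
    "00000000"  # header: flags
    "02000000"  # entry count, including the null terminator
    "00003b00"  # mapping: key 0x003B now sends 0x0000 (nothing)
    "00000000"  # null terminator
)

F1_SCANCODE = 0x003B


def parse_scancode_map(blob):
    """Return a list of (original_scancode, new_scancode) pairs."""
    if len(blob) < 16 or len(blob) % 4:
        raise ValueError("too short or not DWORD-aligned")
    version, flags, count = struct.unpack_from("<III", blob, 0)
    if version != 0 or flags != 0:
        raise ValueError("unexpected header")
    if count < 1 or len(blob) != 12 + 4 * count:
        raise ValueError("entry count does not match value length")
    entries = [struct.unpack_from("<HH", blob, 12 + 4 * i) for i in range(count)]
    if entries[-1] != (0, 0):
        raise ValueError("missing null terminator")
    # Each entry is stored as (new, original); flip for readability.
    return [(orig, new) for new, orig in entries[:-1]]


def describe(blob):
    """Human-readable summary, one line per remapped key."""
    lines = []
    for orig, new in parse_scancode_map(blob):
        action = "disabled" if new == 0 else "remapped to 0x%04X" % new
        lines.append("0x%04X %s" % (orig, action))
    return lines


def is_key_disabled(blob, scancode):
    """True if the map sends nothing for the given physical key."""
    return (scancode, 0) in parse_scancode_map(blob)


if __name__ == "__main__":
    print("\n".join(describe(SAMPLE_F1_DISABLED)))
```

An unexpected entry in this value on a machine where nobody installed a remapping tool is worth a closer look, since the map applies system-wide and survives reboots.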
