Browsers keep crashing
Both of my browsers, Internet Explorer and Mozilla, keep freezing and crashing.
I could use some help with this.
My defogger-disable.log:
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 11:31 on 23/12/2013 (Daniel)
Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.
Checking for services/drivers...
-=E.O.F=-
My FRST.txt:
FRST Logfile:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 22-12-2013 01
Ran by Daniel (administrator) on DANIEL-PC on 23-12-2013 11:24:50
Running from C:\Users\Daniel\Downloads
Windows 8 Pro (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Crawler.com) C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesApp64.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
(Crawler.com) C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe
(Crawler.com) C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe
(Akamai Technologies, Inc.) C:\Users\Daniel\AppData\Local\Akamai\netsession_win.exe
(Akamai Technologies, Inc.) C:\Users\Daniel\AppData\Local\Akamai\netsession_win.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Movie Color Enhancer\MovieColorEnhancer.exe
(Samsung Electronics) C:\Program Files (x86)\Samsung\Samsung Update Plus\SUPBackground.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [ETDCtrl] - C:\Program Files\Elantech\ETDCtrl.exe [2817872 2012-04-25] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11106408 2010-08-04] (Realtek Semiconductor)
HKLM\...\Run: [IntelTBRunOnce] - C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs [4156 2010-04-16] ()
HKLM\...\Run: [SpywareTerminatorShield] - C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe [2777736 2013-04-03] (Crawler.com)
HKLM\...\Run: [SpywareTerminatorUpdater] - C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe [3684488 2013-04-03] (Crawler.com)
HKLM\...\Policies\Explorer: [HideRunAsVerb] 0
HKCU\...\Run: [swg] - C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2012-11-18] (Google Inc.)
HKCU\...\Run: [Akamai NetSession Interface] - C:\Users\Daniel\AppData\Local\Akamai\netsession_win.exe [4489472 2013-06-05] (Akamai Technologies, Inc.)
HKCU\...\Policies\Explorer: [HideSCAHealth] 1
HKLM-x32\...\Run: [SDTray] - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [3830224 2013-05-16] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [20131121] - C:\Program Files\AVAST Software\Avast\Setup\emupdate\dd028084-6853-4a79-9158-5fe83532c9bb.exe [180184 2013-11-23] (AVAST Software)
HKLM-x32\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3764024 2013-12-22] (AVAST Software)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.)
HKLM-x32\...\Run: [DivXMediaServer] - C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2013-09-11] (DivX, LLC)
HKLM-x32\...\Run: [DivXUpdate] - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2013-08-29] ()
IFEO\AcroRd32.exe: [Debugger] "C:\PROGRAM FILES (X86)\TUNEUP UTILITIES 2013\TUAutoReactivator64.EXE"
IFEO\adobe air application installer.exe: [Debugger] "C:\PROGRAM FILES (X86)\TUNEUP UTILITIES 2013\TUAutoReactivator64.EXE"
IFEO\fantasticinst.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
IFEO\gameconsole-wt.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
IFEO\hpwucli.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
IFEO\ilivid.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
IFEO\kiesagent.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
IFEO\labelprint.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
IFEO\netzmanager.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
IFEO\olrsubmission.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
IFEO\power2go.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
IFEO\power2goexpress.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
IFEO\powerdvd8.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
IFEO\realconverter.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
IFEO\realplay.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
IFEO\realtrimmer.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
IFEO\rnxproc.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
IFEO\skype.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
IFEO\youcam.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
BootExecute: autocheck autochk * sdnclean64.exe
==================== Internet (Whitelisted) ====================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/
URLSearchHook: ATTENTION ==> Default URLSearchHook is missing.
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Adblock IE - {667BEE43-20BD-4CE3-94AC-E63E04D4B191} - C:\Program Files\MGTEK\Adblock IE\adblockie.dll (MGTEK)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: WEB.DE MailCheck BHO - {BF42D4A8-016E-4fcd-B1EB-837659FD77C6} - C:\Program Files\WEB.DE MailCheck\IE\WEB.DE_MailCheck.dll (1und1 Mail und Media GmbH)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Browser Utility - {d9f8ec5f-18a3-4f95-b7a9-0cc9b9c87a44} - C:\Program Files (x86)\Browser Utility\browserutility.dll (Browser Utility)
Toolbar: HKLM - WEB.DE MailCheck - {C424171E-592A-415a-9EB1-DFD6D95D3530} - C:\Program Files\WEB.DE MailCheck\IE\WEB.DE_MailCheck.dll (1und1 Mail und Media GmbH)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM-x32 - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Toolbar: HKCU - WEB.DE MailCheck - {C424171E-592A-415A-9EB1-DFD6D95D3530} - C:\Program Files\WEB.DE MailCheck\IE\WEB.DE_MailCheck.dll (1und1 Mail und Media GmbH)
Toolbar: HKCU - No Name - {D40B90B4-D3B1-4D6B-A5D7-DC041C1B76C0} - No File
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
FireFox:
========
FF ProfilePath: C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\toyw19d6.default
FF DefaultSearchEngine: StartWeb
FF SelectedSearchEngine: StartWeb
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\WINDOWS\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @real.com/nppl3260;version=15.0.4.53 - c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprjplug;version=15.0.4.53 - c:\program files (x86)\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=15.0.4.53 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprphtml5videoshim;version=15.0.4.53 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=15.0.4.53 - c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.1 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\3\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF SearchPlugin: C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\toyw19d6.default\searchplugins\divx-browser-bar-de-customized-web-search.xml
FF SearchPlugin: C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\toyw19d6.default\searchplugins\englische-ergebnisse.xml
FF SearchPlugin: C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\toyw19d6.default\searchplugins\gmx-suche.xml
FF SearchPlugin: C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\toyw19d6.default\searchplugins\lastminute.xml
FF SearchPlugin: C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\toyw19d6.default\searchplugins\webde-suche.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\StartWeb.xml
FF Extension: No Name - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\toyw19d6.default\Extensions\122
FF Extension: pricealarm - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\toyw19d6.default\Extensions\EFGLQA@78ETGYN-0W7FN789T87.COM
FF Extension: HomeTab - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\toyw19d6.default\Extensions\{24532715-4abc-47ee-bd4f-a6774d0723d2}
FF Extension: FoxyDeal - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\toyw19d6.default\Extensions\{F58A62EB-38DC-43C4-A539-DC52E135208D}
FF Extension: Add to Amazon Wish List Button - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\toyw19d6.default\Extensions\amznUWL2@amazon.com.xpi
FF Extension: Adblock Plus - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\toyw19d6.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF HKLM-x32\...\Firefox\Extensions: [{97E22097-9A2F-45b1-8DAF-36AD648C7EF4}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF Extension: RealPlayer Browser Record Plugin - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [{51c77233-c0ad-4220-8388-47c11c18b355}] - C:\Program Files (x86)\Browser Utility\browserutility.xpi
FF Extension: Browser Utility - C:\Program Files (x86)\Browser Utility\browserutility.xpi
FF Extension: Browser Utility - C:\Program Files (x86)\Browser Utility\browserutility.xpi
Chrome:
=======
CHR HomePage: hxxp://www.google.com/
CHR RestoreOnStartup: "hxxp://www.google.com/"
CHR DefaultSearchKeyword: google.de
CHR DefaultSearchProvider: Google
CHR DefaultSearchURL: {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR DefaultNewTabURL: {google:baseURL}_/chrome/newtab?{google:RLZ}{google:instantExtendedEnabledParameter}{google:ntpIsThemedParameter}ie={inputEncoding}
CHR Extension: (YouTube) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Browser Utility) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\eckmjheijoffjbjmkgggoclppgdlajfa\0.1_0
CHR Extension: (avast! Online Security) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\9.0.2005.45_0
CHR Extension: (RealPlayer HTML5Video Downloader Extension) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_0
CHR Extension: (Skype Click to Call) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.3.0.11079_0
CHR Extension: (Google Wallet) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0
CHR Extension: (Gmail) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1
CHR HKLM-x32\...\Chrome\Extension: [eckmjheijoffjbjmkgggoclppgdlajfa] - C:\Program Files (x86)\Browser Utility\browserutility.crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx
CHR HKLM-x32\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx
CHR HKLM-x32\...\Chrome\Extension: [ommhmgednjnodcljhlljkaiidghdmikk] - C:\Users\Daniel\AppData\Local\Temp\ccex.crx
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Services (Whitelisted) =================
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2013-12-22] (AVAST Software)
R2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2246184 2011-12-15] (Broadcom Corporation.)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 MSMQ; C:\Windows\system32\mqsvc.exe [25088 2012-07-26] (Microsoft Corporation)
S4 Netzmanager Service; C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe [2635776 2012-07-20] (Deutsche Telekom AG)
S4 PnkBstrA; C:\WINDOWS\SysWow64\PnkBstrA.exe [76888 2013-07-16] ()
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1817560 2013-05-16] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1033688 2013-05-16] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2013-05-15] (Safer-Networking Ltd.)
R2 ST2012_Svc; C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe [1149104 2013-04-03] (Crawler.com)
R2 TuneUp.UtilitiesSvc; C:\PROGRAM FILES (X86)\TUNEUP UTILITIES 2013\TUNEUPUTILITIESSERVICE64.EXE [2409272 2013-12-10] (TuneUp Software)
R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [471552 2012-07-26] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-07-02] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
R1 aswKbd; C:\Windows\System32\Drivers\aswKbd.sys [22600 2013-05-09] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [78648 2013-12-22] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [92544 2013-11-30] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2013-11-30] ()
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [1034464 2013-12-22] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [422216 2013-12-22] (AVAST Software)
R3 aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [82744 2013-12-22] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [207904 2013-12-22] ()
S4 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [30568 2012-11-08] (AVG Technologies)
R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [5139968 2012-06-02] (Broadcom Corporation)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 MQAC; C:\Windows\System32\drivers\mqac.sys [185856 2012-07-26] (Microsoft Corporation)
S3 rtport; C:\Windows\SysWOW64\drivers\rtport.sys [15144 2011-04-06] (Windows (R) 2003 DDK 3790 provider)
R2 sp_rsdrv2; C:\Windows\System32\DRIVERS\stflt.sys [51496 2013-07-28] (Windows (R) Win 7 DDK provider)
S3 TelekomNM6; C:\Program Files\Netzmanager\NMInfraIS2\Driver\TelekomNM6.sys [45664 2010-09-16] (Deutsche Telekom AG AG, Marmiko IT-Solutions GmbH)
R3 TuneUpUtilitiesDrv; C:\PROGRAM FILES (X86)\TUNEUP UTILITIES 2013\TuneUpUtilitiesDriver64.sys [11880 2012-09-19] (TuneUp Software)
R2 TurboB; C:\Windows\System32\DRIVERS\TurboB.sys [13832 2010-04-16] ()
S3 wmbclass; C:\Windows\system32\DRIVERS\wmbclass.sys [230912 2013-04-09] (Microsoft Corporation)
R3 yukonw8; C:\Windows\system32\DRIVERS\yk63x64.sys [287232 2012-06-02] (Marvell)
U3 idsvc;
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-12-23 11:24 - 2013-12-23 11:25 - 00024120 _____ C:\Users\Daniel\Downloads\FRST.txt
2013-12-23 11:24 - 2013-12-23 11:24 - 00000000 ____D C:\FRST
2013-12-23 11:23 - 2013-12-23 11:24 - 01928280 _____ (Farbar) C:\Users\Daniel\Downloads\FRST64.exe
2013-12-23 11:21 - 2013-12-23 11:21 - 00000246 _____ C:\Users\Daniel\Downloads\defogger_enable.log
2013-12-23 11:21 - 2013-12-23 11:21 - 00000000 _____ C:\Users\Daniel\defogger_reenable
2013-12-23 11:20 - 2013-12-23 11:22 - 00000474 _____ C:\Users\Daniel\Downloads\defogger_disable.log
2013-12-23 11:19 - 2013-12-23 11:20 - 00050477 _____ C:\Users\Daniel\Desktop\Defogger.exe
2013-12-22 16:54 - 2013-12-22 16:54 - 00082744 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswstm.sys
2013-12-21 07:33 - 2013-12-21 07:34 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-12-18 05:55 - 2013-12-18 05:55 - 00000000 ____D C:\Program Files (x86)\Browser Utility
2013-12-16 17:17 - 2013-12-16 17:17 - 00000000 ____D C:\WINDOWS\LastGood.Tmp
2013-12-12 16:58 - 2013-12-12 16:58 - 00445632 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2013-12-11 16:38 - 2013-10-25 07:19 - 02241536 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2013-12-11 16:38 - 2013-10-25 07:19 - 01365504 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2013-12-11 16:38 - 2013-10-25 07:18 - 19271168 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2013-12-11 16:38 - 2013-10-25 07:18 - 00603136 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2013-12-11 16:38 - 2013-10-25 07:17 - 15404032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2013-12-11 16:38 - 2013-10-25 07:17 - 03959808 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2013-12-11 16:38 - 2013-10-25 07:17 - 02648576 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2013-12-11 16:38 - 2013-10-25 07:17 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2013-12-11 16:38 - 2013-10-25 05:45 - 01767936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2013-12-11 16:38 - 2013-10-25 05:44 - 14356992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2013-12-11 16:38 - 2013-10-25 05:44 - 01140736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2013-12-11 16:38 - 2013-10-25 05:43 - 13761536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2013-12-11 16:38 - 2013-10-25 05:43 - 02877952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2013-12-11 16:38 - 2013-10-25 05:43 - 02049024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2013-12-11 16:38 - 2013-10-25 05:43 - 00690688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2013-12-11 16:38 - 2013-10-25 05:43 - 00493056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2013-12-11 16:37 - 2013-11-23 07:43 - 00420864 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPhoto.dll
2013-12-11 16:37 - 2013-11-23 06:05 - 00368640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPhoto.dll
2013-12-11 16:37 - 2013-11-07 00:18 - 04036608 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2013-12-11 16:37 - 2013-11-01 06:38 - 00312320 _____ (Microsoft Corporation) C:\WINDOWS\system32\msieftp.dll
2013-12-11 16:37 - 2013-11-01 04:49 - 00273408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msieftp.dll
2013-12-11 16:37 - 2013-10-25 07:19 - 00915968 _____ (Microsoft Corporation) C:\WINDOWS\system32\uxtheme.dll
2013-12-11 16:37 - 2013-10-25 07:19 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2013-12-11 16:37 - 2013-10-19 06:45 - 00062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\imagehlp.dll
2013-12-11 16:37 - 2013-10-19 05:04 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imagehlp.dll
2013-12-11 16:37 - 2013-10-10 10:32 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cscript.exe
2013-12-11 16:37 - 2013-10-10 10:30 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrobj.dll
2013-12-11 16:37 - 2013-10-10 10:30 - 00156160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrrun.dll
2013-12-11 16:37 - 2013-10-10 10:24 - 00143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshom.ocx
2013-12-11 16:37 - 2013-10-10 10:23 - 00146944 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscript.exe
2013-12-11 16:37 - 2013-10-10 10:22 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrobj.dll
2013-12-11 16:37 - 2013-10-10 10:22 - 00194048 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrrun.dll
2013-12-11 16:37 - 2013-09-28 04:35 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\portcls.sys
2013-12-10 18:43 - 2013-12-10 18:43 - 00000983 _____ C:\Users\Public\Desktop\WinRAR.lnk
2013-12-10 18:40 - 2013-12-10 18:39 - 00312744 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe
2013-12-10 18:40 - 2013-12-10 18:39 - 00189352 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe
2013-12-10 18:40 - 2013-12-10 18:39 - 00189352 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe
2013-12-10 18:40 - 2013-12-10 18:39 - 00108968 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2013-12-10 18:36 - 2013-12-10 18:36 - 00001131 _____ C:\Users\Public\Desktop\DivX Converter.lnk
2013-12-10 18:36 - 2013-12-10 18:36 - 00001066 _____ C:\Users\Public\Desktop\DivX Player.lnk
2013-12-09 19:21 - 2004-07-30 14:43 - 00000000 ____D C:\Users\Daniel\Downloads\WeightDiary
2013-12-09 19:13 - 2013-12-21 10:09 - 00000000 ____D C:\Users\Daniel\AppData\Local\SwvUpdater
2013-12-09 19:12 - 2013-12-18 05:54 - 00000000 ____D C:\Users\Daniel\AppData\Local\DownloadGuide
2013-12-09 19:12 - 2013-12-10 18:34 - 00000000 _____ C:\END
2013-12-09 19:12 - 2013-12-09 19:12 - 00000158 _____ C:\Users\Daniel\Desktop\100 Euro Guthaben.url
2013-12-08 20:30 - 2013-12-08 20:33 - 51415040 _____ (Microsoft Corporation) C:\Users\Daniel\Downloads\IE10-Windows6.1-x64-de-de_b16521.exe
2013-12-08 20:15 - 2013-10-09 02:33 - 00059416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2013-12-08 20:15 - 2013-10-08 23:30 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2013-12-08 20:15 - 2013-10-08 23:30 - 00126976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2013-12-08 20:15 - 2013-10-08 23:30 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2013-12-08 20:15 - 2013-10-08 23:30 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2013-12-08 20:15 - 2013-10-08 23:28 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2013-12-08 20:15 - 2013-10-08 23:27 - 03279872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2013-12-08 20:15 - 2013-10-08 23:27 - 01622016 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2013-12-08 20:15 - 2013-10-08 23:27 - 00773120 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2013-12-08 20:15 - 2013-10-08 23:27 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2013-12-08 20:15 - 2013-10-08 23:27 - 00175104 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2013-12-08 20:15 - 2013-10-08 23:27 - 00142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2013-12-08 20:15 - 2013-10-08 23:27 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2013-12-08 20:15 - 2013-10-05 07:10 - 00285016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2013-12-08 20:15 - 2013-10-03 23:09 - 00385528 _____ C:\WINDOWS\system32\ApnDatabase.xml
2013-12-08 20:15 - 2013-10-02 03:50 - 00447320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2013-12-08 20:15 - 2013-09-28 06:48 - 00778752 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2013-12-08 20:15 - 2013-09-28 04:58 - 00551424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2013-12-08 20:15 - 2013-09-19 08:32 - 01455448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2013-12-08 20:15 - 2013-08-30 06:19 - 00626688 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2013-12-08 20:15 - 2013-08-30 06:18 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2013-12-08 20:15 - 2013-08-30 00:48 - 00488960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2013-12-08 20:15 - 2013-08-30 00:47 - 00302080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2013-12-06 14:57 - 2013-12-06 14:57 - 00000037 ___SH C:\Users\Daniel\AppData\Local\70149b02515b3bb20dd492.47983420
2013-12-06 14:57 - 2013-12-06 14:57 - 00000000 ____D C:\Users\Daniel\AppData\Local\MetaGeek,_LLC
2013-12-06 14:57 - 2013-12-06 14:57 - 00000000 ____D C:\Users\Daniel\AppData\Local\IsolatedStorage
2013-12-06 14:55 - 2013-12-06 14:56 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MetaGeek
2013-12-06 14:55 - 2013-12-06 14:55 - 00000000 ____D C:\Program Files (x86)\MetaGeek
2013-12-04 06:50 - 2013-12-04 06:50 - 00001783 _____ C:\Users\Public\Desktop\iTunes.lnk
2013-12-04 06:50 - 2013-12-04 06:50 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-12-04 06:50 - 2013-12-04 06:50 - 00000000 ____D C:\Program Files\iTunes
2013-12-04 06:50 - 2013-12-04 06:50 - 00000000 ____D C:\Program Files\iPod
2013-12-04 06:50 - 2013-12-04 06:50 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-12-02 16:20 - 2013-12-02 16:20 - 00000000 ____D C:\Users\Daniel\AppData\Local\Akamai
2013-12-02 16:09 - 2012-07-06 14:52 - 00052876 _____ C:\Users\Daniel\Downloads\apps.diagcab
2013-11-30 19:36 - 2013-11-30 19:36 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\AVAST Software
2013-11-30 16:38 - 2013-11-30 16:38 - 00000000 _____ C:\WINDOWS\SysWOW64\config.nt
==================== One Month Modified Files and Folders =======
2013-12-23 11:25 - 2013-12-23 11:24 - 00024120 _____ C:\Users\Daniel\Downloads\FRST.txt
2013-12-23 11:24 - 2013-12-23 11:24 - 00000000 ____D C:\FRST
2013-12-23 11:24 - 2013-12-23 11:23 - 01928280 _____ (Farbar) C:\Users\Daniel\Downloads\FRST64.exe
2013-12-23 11:24 - 2012-07-26 06:37 - 00000000 __RHD C:\Users\Default
2013-12-23 11:22 - 2013-12-23 11:20 - 00000474 _____ C:\Users\Daniel\Downloads\defogger_disable.log
2013-12-23 11:21 - 2013-12-23 11:21 - 00000246 _____ C:\Users\Daniel\Downloads\defogger_enable.log
2013-12-23 11:21 - 2013-12-23 11:21 - 00000000 _____ C:\Users\Daniel\defogger_reenable
2013-12-23 11:21 - 2012-11-16 20:30 - 00000000 ____D C:\Users\Daniel
2013-12-23 11:20 - 2013-12-23 11:19 - 00050477 _____ C:\Users\Daniel\Desktop\Defogger.exe
2013-12-23 11:20 - 2013-06-23 12:46 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2013-12-23 11:04 - 2013-06-21 15:09 - 00004182 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update
2013-12-23 11:02 - 2012-07-26 08:22 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2013-12-23 09:00 - 2012-07-26 09:12 - 00000000 ____D C:\WINDOWS\system32\sru
2013-12-22 16:54 - 2013-12-22 16:54 - 00082744 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswstm.sys
2013-12-22 16:54 - 2013-07-24 15:36 - 00001966 _____ C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2013-12-22 16:54 - 2013-06-21 15:09 - 01034464 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2013-12-22 16:54 - 2013-06-21 15:09 - 00422216 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2013-12-22 16:54 - 2013-06-21 15:09 - 00334136 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2013-12-22 16:54 - 2013-06-21 15:09 - 00207904 _____ C:\WINDOWS\system32\Drivers\aswVmm.sys
2013-12-22 16:54 - 2013-06-21 15:09 - 00078648 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2013-12-22 16:54 - 2013-06-21 15:08 - 00043152 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2013-12-22 13:18 - 2012-07-26 06:26 - 00008192 ___SH C:\WINDOWS\system32\config\BBI
2013-12-22 08:54 - 2013-09-19 05:46 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\vlc
2013-12-22 08:18 - 2013-07-10 17:49 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-12-21 17:56 - 2012-11-16 21:51 - 00000000 ____D C:\Users\DefaultAppPool
2013-12-21 10:09 - 2013-12-09 19:13 - 00000000 ____D C:\Users\Daniel\AppData\Local\SwvUpdater
2013-12-21 07:34 - 2013-12-21 07:33 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-12-21 06:48 - 2011-09-26 08:25 - 00000000 ____D C:\Users\Daniel\AppData\Local\Mozilla
2013-12-21 06:08 - 2012-07-26 09:12 - 00000000 ____D C:\WINDOWS\AUInstallAgent
2013-12-21 05:57 - 2013-07-28 07:57 - 00000000 ____D C:\ProgramData\Spyware Terminator
2013-12-18 05:55 - 2013-12-18 05:55 - 00000000 ____D C:\Program Files (x86)\Browser Utility
2013-12-18 05:55 - 2012-01-21 11:05 - 00001181 _____ C:\Users\Public\Desktop\YouTube Song Downloader.lnk
2013-12-18 05:55 - 2012-01-21 11:05 - 00000000 ____D C:\Users\Daniel\AppData\Local\Abelssoft
2013-12-18 05:55 - 2012-01-21 11:05 - 00000000 ____D C:\Program Files (x86)\YouTube Song Downloader
2013-12-18 05:55 - 2012-01-21 11:05 - 00000000 ____D C:\Program Files (x86)\K-Lite Codec Pack
2013-12-18 05:54 - 2013-12-09 19:12 - 00000000 ____D C:\Users\Daniel\AppData\Local\DownloadGuide
2013-12-17 06:00 - 2013-01-18 17:36 - 00000000 ____D C:\Program Files (x86)\TuneUp Utilities 2013
2013-12-16 17:17 - 2013-12-16 17:17 - 00000000 ____D C:\WINDOWS\LastGood.Tmp
2013-12-16 17:17 - 2010-10-25 03:52 - 00000000 ____D C:\ProgramData\NVIDIA
2013-12-16 06:04 - 2013-08-14 06:42 - 00000000 ____D C:\WINDOWS\system32\MRT
2013-12-16 06:02 - 2011-09-26 05:40 - 90708896 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2013-12-16 05:58 - 2010-10-25 02:43 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2013-12-15 16:07 - 2012-03-26 17:41 - 00003696 _____ C:\WINDOWS\System32\Tasks\Adobe-Online-Aktualisierungsprogramm
2013-12-15 15:05 - 2012-07-26 11:27 - 00879766 _____ C:\WINDOWS\system32\perfh007.dat
2013-12-15 15:05 - 2012-07-26 11:27 - 00203372 _____ C:\WINDOWS\system32\perfc007.dat
2013-12-15 15:05 - 2012-07-26 08:28 - 02069812 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2013-12-13 20:10 - 2013-09-19 05:46 - 00001070 _____ C:\Users\Public\Desktop\VLC media player.lnk
2013-12-12 16:58 - 2013-12-12 16:58 - 00445632 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2013-12-11 20:11 - 2012-07-26 09:12 - 00000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2013-12-11 18:39 - 2012-07-26 09:12 - 00000000 ____D C:\WINDOWS\rescache
2013-12-11 16:43 - 2011-10-01 16:13 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-12-11 16:40 - 2012-07-26 06:38 - 00000000 ____D C:\WINDOWS\system32\oobe
2013-12-11 16:30 - 2012-05-18 18:30 - 00000000 ____D C:\Users\Daniel\Desktop\Media
2013-12-11 06:07 - 2012-11-16 21:07 - 00003600 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1252512109-3750120672-4145686215-1001
2013-12-10 19:20 - 2013-06-23 12:46 - 00003772 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2013-12-10 18:44 - 2013-07-10 17:49 - 00001151 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-12-10 18:43 - 2013-12-10 18:43 - 00000983 _____ C:\Users\Public\Desktop\WinRAR.lnk
2013-12-10 18:43 - 2013-10-20 10:49 - 00022328 _____ (TuneUp Software) C:\WINDOWS\SysWOW64\authuitu.dll
2013-12-10 18:43 - 2013-06-22 18:21 - 00000000 ____D C:\Program Files\WinRAR
2013-12-10 18:43 - 2013-01-18 17:42 - 00038200 _____ (TuneUp Software) C:\WINDOWS\system32\uxtuneup.dll
2013-12-10 18:43 - 2013-01-18 17:42 - 00030520 _____ (TuneUp Software) C:\WINDOWS\SysWOW64\uxtuneup.dll
2013-12-10 18:43 - 2013-01-18 17:36 - 00035640 _____ (TuneUp Software) C:\WINDOWS\system32\TURegOpt.exe
2013-12-10 18:43 - 2013-01-18 17:36 - 00026936 _____ (TuneUp Software) C:\WINDOWS\system32\authuitu.dll
2013-12-10 18:43 - 2011-12-11 14:00 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2013-12-10 18:40 - 2013-09-19 05:23 - 00000000 ____D C:\ProgramData\Oracle
2013-12-10 18:40 - 2013-07-20 14:49 - 00002251 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-12-10 18:39 - 2013-12-10 18:40 - 00312744 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe
2013-12-10 18:39 - 2013-12-10 18:40 - 00189352 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe
2013-12-10 18:39 - 2013-12-10 18:40 - 00189352 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe
2013-12-10 18:39 - 2013-12-10 18:40 - 00108968 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2013-12-10 18:36 - 2013-12-10 18:36 - 00001131 _____ C:\Users\Public\Desktop\DivX Converter.lnk
2013-12-10 18:36 - 2013-12-10 18:36 - 00001066 _____ C:\Users\Public\Desktop\DivX Player.lnk
2013-12-10 18:36 - 2013-06-22 18:15 - 00001615 _____ C:\Users\Daniel\Desktop\DivX Movies.lnk
2013-12-10 18:36 - 2012-04-08 09:25 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\DivX
2013-12-10 18:36 - 2012-04-08 09:24 - 00000000 ____D C:\Program Files (x86)\DivX
2013-12-10 18:36 - 2012-04-08 09:23 - 00000000 ____D C:\ProgramData\DivX
2013-12-10 18:35 - 2012-04-08 09:24 - 00000000 ____D C:\Program Files\DivX
2013-12-10 18:34 - 2013-12-09 19:12 - 00000000 _____ C:\END
2013-12-10 18:34 - 2013-08-30 09:11 - 00000000 ____D C:\Users\Administrator
2013-12-09 19:24 - 2012-10-07 09:02 - 00000000 ____D C:\Users\Daniel\Desktop\Dokumente
2013-12-09 19:12 - 2013-12-09 19:12 - 00000158 _____ C:\Users\Daniel\Desktop\100 Euro Guthaben.url
2013-12-08 20:33 - 2013-12-08 20:30 - 51415040 _____ (Microsoft Corporation) C:\Users\Daniel\Downloads\IE10-Windows6.1-x64-de-de_b16521.exe
2013-12-06 16:17 - 2012-12-14 06:11 - 00000000 ____D C:\Musik
2013-12-06 14:57 - 2013-12-06 14:57 - 00000037 ___SH C:\Users\Daniel\AppData\Local\70149b02515b3bb20dd492.47983420
2013-12-06 14:57 - 2013-12-06 14:57 - 00000000 ____D C:\Users\Daniel\AppData\Local\MetaGeek,_LLC
2013-12-06 14:57 - 2013-12-06 14:57 - 00000000 ____D C:\Users\Daniel\AppData\Local\IsolatedStorage
2013-12-06 14:56 - 2013-12-06 14:55 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MetaGeek
2013-12-06 14:55 - 2013-12-06 14:55 - 00000000 ____D C:\Program Files (x86)\MetaGeek
2013-12-04 06:50 - 2013-12-04 06:50 - 00001783 _____ C:\Users\Public\Desktop\iTunes.lnk
2013-12-04 06:50 - 2013-12-04 06:50 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-12-04 06:50 - 2013-12-04 06:50 - 00000000 ____D C:\Program Files\iTunes
2013-12-04 06:50 - 2013-12-04 06:50 - 00000000 ____D C:\Program Files\iPod
2013-12-04 06:50 - 2013-12-04 06:50 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-12-04 01:53 - 2013-09-12 04:55 - 00694240 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2013-12-04 01:53 - 2013-09-12 04:55 - 00078304 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2013-12-02 16:20 - 2013-12-02 16:20 - 00000000 ____D C:\Users\Daniel\AppData\Local\Akamai
2013-11-30 19:36 - 2013-11-30 19:36 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\AVAST Software
2013-11-30 16:39 - 2013-06-21 15:09 - 00092544 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2013-11-30 16:39 - 2013-06-21 15:09 - 00065776 _____ C:\WINDOWS\system32\Drivers\aswRvrt.sys
2013-11-30 16:38 - 2013-11-30 16:38 - 00000000 _____ C:\WINDOWS\SysWOW64\config.nt
2013-11-30 16:38 - 2013-06-21 15:07 - 00000000 ____D C:\ProgramData\AVAST Software
2013-11-29 19:47 - 2013-09-04 16:31 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\AccurateRip
2013-11-29 19:47 - 2013-08-28 15:02 - 00000000 ____D C:\Users\Daniel\Documents\gothic3
2013-11-29 19:47 - 2012-01-07 10:03 - 00000000 ____D C:\Program Files (x86)\Steam
2013-11-29 19:24 - 2013-07-13 06:44 - 00002563 _____ C:\Users\Public\Desktop\Free System Utilities.lnk
2013-11-23 07:43 - 2013-12-11 16:37 - 00420864 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPhoto.dll
2013-11-23 06:05 - 2013-12-11 16:37 - 00368640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPhoto.dll
Some content of TEMP:
====================
C:\Users\Daniel\AppData\Local\Temp\WEB.DE_Toolbar_IE_Setup.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-12-23 09:27
==================== End Of Log ============================
My Addition.txt Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 22-12-2013 01
Ran by Daniel at 2013-12-23 11:25:45
Running from C:\Users\Daniel\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
==================== Installed Programs ======================
„Messenger“ pagalbinė priemonė (x32 Version: 15.4.3502.0922)
„Windows Live Essentials“ (x32 Version: 15.4.3502.0922)
„Windows Live Mail“ (x32 Version: 15.4.3502.0922)
„Windows Live Messenger“ (x32 Version: 15.4.3502.0922)
„Windows Live“ fotogalerija (x32 Version: 15.4.3502.0922)
64 Bit HP CIO Components Installer (Version: 7.2.8)
Adblock IE 2.3 (Version: 2.3.1756)
Adobe AIR (x32 Version: 3.9.0.1380)
Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.170)
Adobe Reader X (10.1.8) - Deutsch (x32 Version: 10.1.8)
Agatha Christie - Death on the Nile (x32 Version: 2.2.0.82)
AIO_CDA_ProductContext (x32 Version: 140.0.425.000)
AIO_CDA_Software (x32 Version: 140.0.428.000)
AIO_Scan (x32 Version: 130.0.421.000)
Akamai NetSession Interface (HKCU)
Amazon Kindle (HKCU)
Amazon MP3-Downloader 1.0.9 (x32)
Apple Application Support (x32 Version: 2.3.6)
Apple Mobile Device Support (Version: 7.0.0.117)
Apple Software Update (x32 Version: 2.1.3.127)
avast! Free Antivirus (x32 Version: 9.0.2011)
BatteryLifeExtender (x32 Version: 1.0.6)
BBI USB WIRELESS CONTROLLER (x32 Version: 2005.12.02)
Bejeweled 2 Deluxe (x32 Version: 2.2.0.95)
Big Fish Games: Game Manager (x32 Version: 3.0.1.60)
Bing Rewards Client Installer (x32 Version: 16.0.345.0)
Bonjour (Version: 3.0.0.10)
Broadcom 802.11 Network Adapter (Version: 5.60.48.55)
Browser Utility (x32)
BufferChm (x32 Version: 140.0.298.000)
Build-a-lot (x32 Version: 2.2.0.82)
C5100 (x32 Version: 140.0.425.000)
c5100_Help (x32 Version: 82.0.256.000)
Casino at bet365 (HKCU)
CCleaner (Version: 3.24)
Chuzzle Deluxe (x32 Version: 2.2.0.82)
Complément Messenger (x32 Version: 15.4.3502.0922)
Complemento Messenger (x32 Version: 15.4.3502.0922)
Copy (x32 Version: 140.0.298.000)
Creation Kit (x32)
CVE-2012-4969
D3DX10 (x32 Version: 15.4.2368.0902)
Dark Tales: Das vorzeitige Begräbnis von Edgar Allan Poe Sammleredition (x32)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (x32)
Destinations (x32 Version: 140.0.253.000)
DeviceDiscovery (x32 Version: 140.0.298.000)
Diablo III (x32)
Diner Dash 2 Restaurant Rescue (x32 Version: 2.2.0.82)
DivX-Setup (x32 Version: 2.6.1.87)
DocProc (x32 Version: 140.0.185.000)
Doplnok programu Messenger (x32 Version: 15.4.3502.0922)
Drakensang - Am Fluss der Zeit (x32)
Drakensang (x32)
Drakensang Online (x32)
EasyBatteryManager (x32 Version: 4.0.0.4)
ETDWare PS/2-X64 10.7.14.12_WHQL (Version: 10.7.14.12)
Exact Audio Copy 1.0beta3 (x32 Version: 1.0beta3)
Farm Frenzy (x32 Version: 2.2.0.82)
Fast Start (x32 Version: 2.2.0.0)
Fax (x32 Version: 140.0.307.000)
Fotogalerija Windows Live (x32 Version: 15.4.3502.0922)
FoxTab FLV Player (HKCU) <==== ATTENTION
FoxTab PDF Creator (HKCU) <==== ATTENTION
Free System Utilities (x32 Version: 1.1.0.95)
Free SystemUtilities (x32 Version: 1.1.0.95)
FuzeZip (HKCU Version: 1.0.0.133556)
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922)
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922)
Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922)
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922)
Galerie foto Windows Live (x32 Version: 15.4.3502.0922)
Google Chrome (x32 Version: 31.0.1650.63)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0)
Google Toolbar for Internet Explorer (x32 Version: 7.5.4601.54)
Google Update Helper (x32 Version: 1.3.21.145)
Gothic III - Forsaken Gods (x32 Version: 1.0.0)
Gothic III (x32 Version: 1.00.0000)
GPBaseService2 (x32 Version: 140.0.297.000)
HP Customer Participation Program 14.0 (Version: 14.0)
HP Imaging Device Functions 14.0 (Version: 14.0)
HP Photosmart All-In-One Driver Software (Version: 14.0)
HP Solution Center 14.0 (Version: 14.0)
HP Update (x32 Version: 5.002.006.003)
HPPhotoGadget (x32 Version: 140.0.524.000)
HPProductAssistant (x32 Version: 140.0.298.000)
HPSSupply (x32 Version: 140.0.297.000)
Iminent (x32 Version: 6.27.21.0) <==== ATTENTION
Insaniquarium Deluxe (x32 Version: 2.2.0.82)
inSSIDer 3 (x32 Version: 3.0.7.48)
Intel(R) Management Engine Components (x32 Version: 6.0.0.1179)
Intel(R) Rapid Storage Technology (x32 Version: 9.6.3.1001)
Intel(R) Turbo Boost Technology Driver (x32 Version: 01.02.00.1002)
iTunes (Version: 11.1.3.8)
Java 7 Update 25 (x32 Version: 7.0.250)
Java 7 Update 45 (64-bit) (Version: 7.0.450)
Java Auto Updater (x32 Version: 2.1.9.5)
John Deere Drive Green (x32 Version: 2.2.0.82)
Junk Mail filter update (x32 Version: 15.4.3502.0922)
K-Lite Codec Pack 6.0.4 (Basic) (x32 Version: 6.0.4)
Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300)
MarketResearch (x32 Version: 140.0.299.000)
Marvell Miniport Driver (x32 Version: 11.29.1.3)
Mesh Runtime (x32 Version: 15.4.5722.2)
Messenger Assistent (x32 Version: 15.4.3502.0922)
Messenger Companion (x32 Version: 15.4.3502.0922)
Messenger kísérő (x32 Version: 15.4.3502.0922)
Messenger Pratilac (x32 Version: 15.4.3502.0922)
Messenger Suradnik (x32 Version: 15.4.3502.0922)
Messenger 사이트 공유 (x32 Version: 15.4.3502.0922)
Messenger 分享元件 (x32 Version: 15.4.3502.0922)
Messenger 浏览器插件 (x32 Version: 15.4.3502.0922)
Messenger-kumppani (x32 Version: 15.4.3502.0922)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Games for Windows - LIVE Redistributable (x32 Version: 3.5.88.0)
Microsoft Office 2010 (x32 Version: 14.0.4763.1000)
Microsoft Office 2010 Service Pack 1 (SP1) (x32)
Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Home and Student 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Klick-und-Los 2010 (Version: 14.0.4763.1000)
Microsoft Office Klick-und-Los 2010 (x32 Version: 14.0.4763.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Single Image 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Starter 2010 - Deutsch (x32 Version: 14.0.4763.1000)
Microsoft Office Word MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Silverlight (Version: 5.1.20913.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.50727.42)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (x32 Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Microsoft WSE 3.0 Runtime (x32 Version: 3.0.5305.0)
Microsoft_VC100_CRT_x86 (x32 Version: 1.0.0)
MixPad (x32 Version: 3.43)
Movie Color Enhancer (x32 Version: 1.0)
Mozilla Firefox 26.0 (x86 en-US) (x32 Version: 26.0)
Mozilla Maintenance Service (x32 Version: 26.0)
MSVCRT (x32 Version: 15.4.2862.0708)
MSVCRT_amd64 (x32 Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0)
MultimediaPOP (x32 Version: 1.1)
NCH Tone Generator (x32 Version: 3.07)
Network Stumbler 0.4.0 (remove only) (x32)
Network64 (Version: 140.0.306.000)
Netzmanager (Version: 1.071)
NVIDIA Grafiktreiber 327.02 (Version: 327.02)
NVIDIA HD-Audiotreiber 1.3.26.4 (Version: 1.3.26.4)
NVIDIA Install Application (Version: 2.1002.133.889)
NVIDIA PhysX (x32 Version: 9.12.0213)
NVIDIA PhysX-Systemsoftware 9.12.0213 (Version: 9.12.0213)
NVIDIA Systemsteuerung 327.02 (Version: 327.02)
NVIDIA Update 1.14.17 (Version: 1.14.17)
NVIDIA Update Components (Version: 1.14.17)
OCR Software by I.R.I.S. 14.0 (Version: 14.0)
Origin (x32 Version: 8.6.0.357)
Pando Media Booster (x32 Version: 2.6.0.7)
Peggle (x32 Version: 2.2.0.82)
Penguins! (x32 Version: 2.2.0.82)
Plants vs. Zombies (x32 Version: 2.2.0.82)
Poczta usługi Windows Live (x32 Version: 15.4.3502.0922)
Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922)
Polar Golfer (x32 Version: 2.2.0.82)
Pomocnik Messenger (x32 Version: 15.4.3502.0922)
Pošta Windows Live (x32 Version: 15.4.3502.0922)
Power Tab Editor 1.7 (x32 Version: 1.7.0)
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922)
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0)
RealPlayer (x32 Version: 15.0.4)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6171)
RealUpgrade 1.1 (x32 Version: 1.1.0)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.4.0)
Samsung AnyWeb Print (x32 Version: 1.0)
Samsung Kies (x32 Version: 2.5.0.12094_28)
Samsung Universal Print Driver (x32 Version: 2.01.06.00:16)
Samsung Universal Scan Driver (x32 Version: 1.2.1.0)
Samsung Update Plus (x32 Version: 3.0.1.17)
SAMSUNG USB Driver for Mobile Phones (Version: 1.5.15.0)
Scan (x32 Version: 140.0.253.000)
Shop for HP Supplies (Version: 14.0)
Skat-Online V9 (HKCU)
Skype Click to Call (x32 Version: 6.3.11079)
Skype™ 5.10 (x32 Version: 5.10.116)
SmartPCFixer 4.2 (Version: 4.2) <==== ATTENTION
Software Version Updater (x32 Version: 1.1.3.8) <==== ATTENTION
SolutionCenter (x32 Version: 140.0.299.000)
Spremljevalec Messenger (x32 Version: 15.4.3502.0922)
Spybot - Search & Destroy (x32 Version: 2.1.20)
Spyware Terminator 2012 (x32 Version: 3.0.0.82)
SpywareBlaster 5.0 (x32 Version: 5.0.0)
SRS Premium Sound Control Panel (Version: 1.8.8100)
Status (x32 Version: 140.0.342.000)
Steam (x32 Version: 1.0.0.0)
The Elder Scrolls V: Skyrim (x32)
Toolbox (x32 Version: 140.0.596.000)
TrayApp (x32 Version: 140.0.297.000)
TuneUp Utilities 2013 (x32 Version: 13.0.4000.179)
TuneUp Utilities Language Pack (de-DE) (x32 Version: 12.0.3600.73)
TuneUp Utilities Language Pack (de-DE) (x32 Version: 13.0.4000.179)
Überwachungstool für die Intel® Turbo-Boost-Technik (Version: 1.0.400.4)
Uninstall 1.0.0.1 (x32)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (x32)
Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2494150) (x32)
Update for Microsoft Office 2010 (KB2553065) (x32)
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2566458) (x32)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2826026) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (x32)
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition (x32)
Update for Microsoft OneNote 2010 (KB2810072) 32-Bit Edition (x32)
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition (x32)
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition (x32)
Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition (x32)
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition (x32)
Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition (x32)
Update for Microsoft Word 2010 (KB2837593) 32-Bit Edition (x32)
Update Installer for WildTangent Games App (x32)
User Guide (x32 Version: 1.0)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0)
VLC media player 2.1.2 (x32 Version: 2.1.2)
WavePad Sound Editor (x32 Version: 5.55)
WEB.DE Internet Explorer Addon (x32 Version: 1.0.1.0)
WEB.DE MailCheck für Internet Explorer (x32 Version: 1.8.1.0)
WEB.DE MailCheck für Mozilla Firefox (x32 Version: 2.1.4.1420)
WEB.DE Softwareaktualisierung (x32 Version: 3.0.0.55)
WebReg (x32 Version: 140.0.297.017)
WildTangent Games (x32 Version: 1.0.1.5)
WildTangent Games App (x32 Version: 4.0.10.17)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922)
Windows Live Essentials (x32 Version: 15.4.3502.0922)
Windows Live fotoattēlu galerija (x32 Version: 15.4.3502.0922)
Windows Live Fotogaléria (x32 Version: 15.4.3502.0922)
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922)
Windows Live Foto-galerija (x32 Version: 15.4.3502.0922)
Windows Live Fotogalleri (x32 Version: 15.4.3502.0922)
Windows Live Fotoğraf Galerisi (x32 Version: 15.4.3502.0922)
Windows Live Fotótár (x32 Version: 15.4.3502.0922)
Windows Live Galeria de Fotos (x32 Version: 15.4.3502.0922)
Windows Live Galerija fotografija (x32 Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (x32 Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3502.0922)
Windows Live Mail (x32 Version: 15.4.3502.0922)
Windows Live Mesh (x32 Version: 15.4.3502.0922)
Windows Live Messenger (x32 Version: 15.4.3502.0922)
Windows Live Messenger Companion Core (x32 Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (x32 Version: 15.4.3502.0922)
Windows Live Photo Common (x32 Version: 15.4.3502.0922)
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922)
Windows Live PIMT Platform (x32 Version: 15.4.3502.0922)
Windows Live Pošta (x32 Version: 15.4.3502.0922)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (x32 Version: 15.4.3502.0922)
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922)
Windows Live Temel Parçalar (x32 Version: 15.4.3502.0922)
Windows Live UX Platform (x32 Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (x32 Version: 15.4.3502.0922)
Windows Live Writer (x32 Version: 15.4.3502.0922)
Windows Live Writer Resources (x32 Version: 15.4.3502.0922)
Windows Live 메일 (x32 Version: 15.4.3502.0922)
Windows Live 사진 갤러리 (x32 Version: 15.4.3502.0922)
Windows Live 필수 패키지 (x32 Version: 15.4.3502.0922)
Windows Live 影像中心 (x32 Version: 15.4.3502.0922)
Windows Live 照片库 (x32 Version: 15.4.3502.0922)
Windows Live 程式集 (x32 Version: 15.4.3502.0922)
Windows Live 软件包 (x32 Version: 15.4.3502.0922)
Windows Liven asennustyökalu (x32 Version: 15.4.3502.0922)
Windows Liven sähköposti (x32 Version: 15.4.3502.0922)
Windows Liven valokuvavalikoima (x32 Version: 15.4.3502.0922)
Windows Utils (x32)
WinRAR 4.01 (32-Bit) (x32 Version: 4.01.0)
WinRAR 5.01 (64-Bit) (Version: 5.01.0)
YouTube Song Downloader (x32 Version: 8.2)
Zip Uncompressor (HKCU)
Zuma Deluxe (x32 Version: 2.2.0.95)
Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922)
Компаньон Messenger (x32 Version: 15.4.3502.0922)
Основные компоненты Windows Live (x32 Version: 15.4.3502.0922)
Помощник на Messenger (x32 Version: 15.4.3502.0922)
Почта Windows Live (x32 Version: 15.4.3502.0922)
Фотоальбом Windows Live (x32 Version: 15.4.3502.0922)
Фотогалерия на Windows Live (x32 Version: 15.4.3502.0922)
גלריית התמונות של Windows Live (x32 Version: 15.4.3502.0922)
מסייע Messenger (x32 Version: 15.4.3502.0922)
بريد Windows Live (x32 Version: 15.4.3502.0922)
معرض صور Windows Live (x32 Version: 15.4.3502.0922)
==================== Restore Points =========================
10-12-2013 17:38:38 Installed Java 7 Update 45 (64-bit)
13-12-2013 15:16:43 avast! antivirus system restore point
21-12-2013 07:55:50 Geplanter Prüfpunkt
22-12-2013 15:52:03 avast! antivirus system restore point
==================== Hosts content: ==========================
2012-07-26 06:26 - 2012-07-26 06:26 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
Task: {06261A46-731C-41A3-9BB4-1B0C4EFE91F4} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2013-12-22] (AVAST Software)
Task: {0C3D4DFF-0FA3-42BB-A0EB-4563720CE3C5} - System32\Tasks\Freemium1ClickMaint => C:\Users\Daniel\Downloads\1Click.exe
Task: {0DD4C0E1-F55F-4A71-B9CA-A0C0F7FD8C51} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe
Task: {130FFDFE-FCD5-4F00-B08C-B76AE5444053} - System32\Tasks\Real Player-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe [2012-06-11] (RealNetworks, Inc.)
Task: {16DBA24B-6B6E-4146-AE7A-9ED9AFCACE50} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {185C1432-19CF-48B4-B46C-CC4842ABBFED} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe
Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {1D0FCC3C-0165-460A-A651-C9EBC38A4F4A} - System32\Tasks\BatteryLifeExtender => C:\Program Files (x86)\Samsung\BatteryLifeExtender\BatteryLifeExtender.exe [2010-08-12] (Samsung Electronics. Co. Ltd.)
Task: {1F6A66F1-A8E3-41E6-AEE7-537FFB8549FF} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {2F4BF0A5-BE69-4B72-82AD-D2B5F994AE5A} - System32\Tasks\SidebarExecute => C:\Program Files\Windows Sidebar\sidebar.exe
Task: {30A39DFA-DC24-4020-8880-34BEB6ADF6F7} - System32\Tasks\1und1 Konfiguration => C:\ProgramData\1und1InternetExplorerAddon\ConfigTask.exe [2011-04-19] (1und1 Mail und Media GmbH)
Task: {41E8E4EA-87C9-49EF-8AF4-6E15BB88499E} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe
Task: {4C8811BD-0D34-47AC-98FD-241960E40683} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe
Task: {4F23E053-9467-4904-A240-CDD89976861E} - System32\Tasks\ProtectedSearch\Protected Search => C:\Program Files (x86)\HomeTab\ProtectedSearch.exe
Task: {51F97A20-E480-425B-AAFF-B3FC0649B56D} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {586BDE07-4055-4467-94E3-F0B501A48D8C} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {64ADFB50-0DA6-4711-A4D2-AE79CACE7A57} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe
Task: {68564ACC-B1DA-4F44-872B-E57920A6E504} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04] (Adobe Systems Incorporated)
Task: {6A4A7A4E-EC5D-4A6F-AEC2-F9145042026D} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2012-10-24] (Piriform Ltd)
Task: {6D5030DC-98F9-41D8-AD8E-A9882A100516} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe
Task: {6F6EAFC6-EB11-4440-A895-771D00D2208C} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe
Task: {70D02B60-8BBA-48EA-B48D-96F54B30258A} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-1252512109-3750120672-4145686215-1001 => C:\Program Files (x86)\Real\RealUpgrade\realupgrade.exe [2012-04-30] (RealNetworks, Inc.)
Task: {7E392510-1A4E-42C6-BF0F-A2DCD3969AC4} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-03-12] (Oracle Corporation)
Task: {824042B9-125D-434F-8346-9B8855B31547} - System32\Tasks\MovieColorEnhancer => C:\Program Files (x86)\Samsung\Movie Color Enhancer\MovieColorEnhancer.exe [2010-08-19] (Samsung Electronics Co., Ltd.)
Task: {85740EB5-5C3D-4EFE-8052-2ED8803E99EA} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {868C21BA-5541-472B-A94C-026E79FB3134} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe
Task: {88453497-4FA8-4782-9C46-3274391AE15E} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe
Task: {884B0483-ACC6-482D-9EA0-5BD3733A7196} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe
Task: {8C4DA8E0-4158-4D6E-9BFC-657A3470C983} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {97221228-A20C-4C39-A64E-91E6BB7DAB03} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe
Task: {9A77704E-3EC4-4448-A898-C90F56AD8575} - System32\Tasks\Scheduled Update for Ask Toolbar => C:\Program Files (x86)\Ask.com\UpdateTask.exe
Task: {9F9EC330-C7BA-4C0B-85C0-E95AC2863479} - System32\Tasks\Microsoft\Windows\Setup\Pre-staged GDR Notification => C:\Windows\System32\NotificationUI.exe [2013-08-16] (Microsoft Corporation)
Task: {A0E16638-6A12-4DD1-BDA8-20A369A3AE02} - System32\Tasks\Registration 1und1 Task => C:\Program Files (x86)\1und1Softwareaktualisierung\cdsupdclient.exe [2013-06-18] (1&1 Mail & Media GmbH)
Task: {A23AA37F-F01C-401D-A293-FAC9F81BF83E} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-1252512109-3750120672-4145686215-1001 => C:\Program Files (x86)\Real\RealUpgrade\realupgrade.exe [2012-04-30] (RealNetworks, Inc.)
Task: {A4C380CB-D8B1-4EC4-992B-5A5097727673} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-10] (Adobe Systems Incorporated)
Task: {A6E5FDC1-F8EA-4933-9FBD-E84B6B7BD79A} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe
Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {AE26AB62-C098-4417-B6C6-2BCA8A7E7C82} - System32\Tasks\EasyBatteryManager => C:\Program Files (x86)\Samsung\EasyBatteryManager\EasyBatteryMgr4.exe [2010-07-20] (SAMSUNG Electronics co., LTD.)
Task: {AE98152B-61B8-4857-8883-BE617E92A027} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe
Task: {B014F3FC-B6B8-482F-8E42-C281CADF1CA3} - System32\Tasks\Software Updater => C:\Program Files (x86)\SoftwareUpdater\SoftwareUpdater.Bootstrapper.exe
Task: {B4F82F9E-F1C4-4E5F-BFBF-05D0DD063496} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe
Task: {BCBA4863-D29F-40EE-B4AB-A489F6EC3678} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
Task: {BD890FD7-44D2-4EC0-8EE0-C2331BC7B185} - System32\Tasks\Software Updater Ui => C:\Program Files (x86)\SoftwareUpdater\SoftwareUpdater.Ui.exe
Task: {C0B2B14E-481D-4202-A35F-78261F073DA6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-10-01] (Google Inc.)
Task: {C40F0EC9-C241-42E2-BCF7-6DF16518D827} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {CA351C29-B5C0-4B80-8395-17ADF7C45E89} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe
Task: {D197758F-58A9-480A-A927-C19B5824D69D} - System32\Tasks\SUPBackground => C:\Program Files (x86)\Samsung\Samsung Update Plus\SUPBackground.exe [2011-12-20] (Samsung Electronics)
Task: {D46B1456-4888-4FA7-B578-AE972520F114} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe
Task: {DE2360B8-7E9A-4315-9E6A-C32D81583282} - System32\Tasks\HP-Online-Aktualisierungsprogramm => C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe [2010-06-09] (Hewlett-Packard)
Task: {E6CE5B74-6D53-4E69-B3E9-1E91887654D5} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\TuneUp Utilities 2013\OneClick.exe [2013-12-10] (TuneUp Software)
Task: {EB30C407-F092-4020-BC21-B788E573BB11} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {EBC8F349-FC83-4441-ADA4-0EB1081C1927} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe
Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {F0E422C8-F22D-4F15-9D51-CCCF0217AC36} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-10-01] (Google Inc.)
Task: {F5E483E0-2416-4D35-9464-EA6B7DDDF1B8} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2013-12-22 20:52 - 2013-12-22 17:58 - 02154496 _____ () C:\Program Files\AVAST Software\Avast\defs\13122201\algo.dll
2012-11-28 14:13 - 2012-11-28 14:13 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2012-11-28 14:13 - 2012-11-28 14:13 - 01242512 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-07-28 08:49 - 2013-05-16 09:55 - 00113496 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2013-07-28 08:49 - 2013-05-16 09:55 - 00161112 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2013-07-28 08:49 - 2013-05-16 09:55 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2013-07-28 08:49 - 2012-08-23 09:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2013-07-28 08:49 - 2012-04-03 16:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2013-11-30 16:39 - 2013-11-30 16:39 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2010-10-25 03:01 - 2010-07-05 11:42 - 00203776 _____ () C:\Program Files (x86)\Samsung\Movie Color Enhancer\WinCRT.dll
2013-12-21 07:33 - 2013-12-21 07:34 - 03559024 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
==================== Alternate Data Streams (whitelisted) =========
AlternateDataStreams: C:\ProgramData\Temp:5C321E34
AlternateDataStreams: C:\ProgramData\Temp:AFC732F7
==================== Safe Mode (whitelisted) ===================
==================== Faulty Device Manager Devices =============
Name: Photosmart C5100 series
Description: Photosmart C5100 series
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: HP
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
Error: (12/23/2013 11:24:24 AM) (Source: Microsoft-Windows-User Profiles Service) (User: NT-AUTORITÄT)
Description: Die Klassenregistrierungsdatei kann nicht geladen werden.
DETAIL - Die Datenbank der Konfigurationsregistrierung ist beschädigt.
Error: (12/23/2013 11:24:24 AM) (Source: Microsoft-Windows-User Profiles Service) (User: NT-AUTORITÄT)
Description: Die Registrierung konnte nicht geladen werden. Dieses Problem wird oft durch zuwenig Arbeitsspeicher oder nicht ausreichende Sicherheitsberechtigungen verursacht.
Details - Die Datenbank der Konfigurationsregistrierung ist beschädigt.
for C:\Users\Daniel\AppData\Local\Microsoft\Windows\\UsrClass.dat
Error: (12/23/2013 11:24:24 AM) (Source: Microsoft-Windows-User Profiles Service) (User: NT-AUTORITÄT)
Description: Die Klassenregistrierungsdatei kann nicht geladen werden.
DETAIL - Die Datenbank der Konfigurationsregistrierung ist beschädigt.
Error: (12/23/2013 11:24:24 AM) (Source: Microsoft-Windows-User Profiles Service) (User: NT-AUTORITÄT)
Description: Die Registrierung konnte nicht geladen werden. Dieses Problem wird oft durch zuwenig Arbeitsspeicher oder nicht ausreichende Sicherheitsberechtigungen verursacht.
Details - Die Datenbank der Konfigurationsregistrierung ist beschädigt.
for C:\Users\Daniel\AppData\Local\Microsoft\Windows\\UsrClass.dat
Error: (12/23/2013 11:21:59 AM) (Source: Microsoft-Windows-User Profiles Service) (User: NT-AUTORITÄT)
Description: Die Klassenregistrierungsdatei kann nicht geladen werden.
DETAIL - Die Datenbank der Konfigurationsregistrierung ist beschädigt.
Error: (12/23/2013 11:21:59 AM) (Source: Microsoft-Windows-User Profiles Service) (User: NT-AUTORITÄT)
Description: Die Registrierung konnte nicht geladen werden. Dieses Problem wird oft durch zuwenig Arbeitsspeicher oder nicht ausreichende Sicherheitsberechtigungen verursacht.
Details - Die Datenbank der Konfigurationsregistrierung ist beschädigt.
for C:\Users\Daniel\AppData\Local\Microsoft\Windows\\UsrClass.dat
Error: (12/23/2013 11:21:58 AM) (Source: Microsoft-Windows-User Profiles Service) (User: NT-AUTORITÄT)
Description: Die Klassenregistrierungsdatei kann nicht geladen werden.
DETAIL - Die Datenbank der Konfigurationsregistrierung ist beschädigt.
Error: (12/23/2013 11:21:58 AM) (Source: Microsoft-Windows-User Profiles Service) (User: NT-AUTORITÄT)
Description: Die Registrierung konnte nicht geladen werden. Dieses Problem wird oft durch zuwenig Arbeitsspeicher oder nicht ausreichende Sicherheitsberechtigungen verursacht.
Details - Die Datenbank der Konfigurationsregistrierung ist beschädigt.
for C:\Users\Daniel\AppData\Local\Microsoft\Windows\\UsrClass.dat
Error: (12/23/2013 11:21:32 AM) (Source: Microsoft-Windows-User Profiles Service) (User: NT-AUTORITÄT)
Description: Die Klassenregistrierungsdatei kann nicht geladen werden.
DETAIL - Die Datenbank der Konfigurationsregistrierung ist beschädigt.
Error: (12/23/2013 11:21:32 AM) (Source: Microsoft-Windows-User Profiles Service) (User: NT-AUTORITÄT)
Description: Die Registrierung konnte nicht geladen werden. Dieses Problem wird oft durch zuwenig Arbeitsspeicher oder nicht ausreichende Sicherheitsberechtigungen verursacht.
Details - Die Datenbank der Konfigurationsregistrierung ist beschädigt.
for C:\Users\Daniel\AppData\Local\Microsoft\Windows\\UsrClass.dat
System errors:
=============
Error: (12/23/2013 11:03:50 AM) (Source: Microsoft-Windows-WHEA-Logger) (User: NT-AUTORITÄT)
Description: Schwerwiegender Hardwarefehler.
Gemeldet von Komponente: Prozessorkern
Fehlerquelle: 3
Fehlertyp: 9
Prozessor-APIC-ID: 0
Die Detailansicht dieses Eintrags beinhaltet weitere Informationen.
Error: (12/23/2013 11:03:35 AM) (Source: Service Control Manager) (User: )
Description: Der Aufruf "LoadUserProfile" ist aufgrund folgenden Fehlers fehlgeschlagen:
%%1009
Error: (12/23/2013 11:03:09 AM) (Source: Service Control Manager) (User: )
Description: Der Aufruf "LoadUserProfile" ist aufgrund folgenden Fehlers fehlgeschlagen:
%%1009
Error: (12/23/2013 11:02:53 AM) (Source: Service Control Manager) (User: )
Description: Der Aufruf "LoadUserProfile" ist aufgrund folgenden Fehlers fehlgeschlagen:
%%1009
Error: (12/23/2013 11:02:53 AM) (Source: Service Control Manager) (User: )
Description: Der Aufruf "LoadUserProfile" ist aufgrund folgenden Fehlers fehlgeschlagen:
%%1009
Error: (12/23/2013 11:02:50 AM) (Source: Service Control Manager) (User: )
Description: Der Aufruf "LoadUserProfile" ist aufgrund folgenden Fehlers fehlgeschlagen:
%%1009
Error: (12/23/2013 11:02:27 AM) (Source: Service Control Manager) (User: )
Description: Der Aufruf "LoadUserProfile" ist aufgrund folgenden Fehlers fehlgeschlagen:
%%1009
Error: (12/23/2013 11:02:19 AM) (Source: Service Control Manager) (User: )
Description: Der Aufruf "LoadUserProfile" ist aufgrund folgenden Fehlers fehlgeschlagen:
%%1009
Error: (12/23/2013 11:02:18 AM) (Source: Service Control Manager) (User: )
Description: Der Aufruf "LoadUserProfile" ist aufgrund folgenden Fehlers fehlgeschlagen:
%%1009
Error: (12/23/2013 11:01:57 AM) (Source: Microsoft-Windows-Kernel-General) (User: NT-AUTORITÄT)
Description: 0xc000014d0
Microsoft Office Sessions:
=========================
Error: (12/23/2013 11:24:24 AM) (Source: Microsoft-Windows-User Profiles Service)(User: NT-AUTORITÄT)
Description: Die Datenbank der Konfigurationsregistrierung ist beschädigt.
Error: (12/23/2013 11:24:24 AM) (Source: Microsoft-Windows-User Profiles Service)(User: NT-AUTORITÄT)
Description: Die Datenbank der Konfigurationsregistrierung ist beschädigt.
C:\Users\Daniel\AppData\Local\Microsoft\Windows\\UsrClass.dat
Error: (12/23/2013 11:24:24 AM) (Source: Microsoft-Windows-User Profiles Service)(User: NT-AUTORITÄT)
Description: Die Datenbank der Konfigurationsregistrierung ist beschädigt.
Error: (12/23/2013 11:24:24 AM) (Source: Microsoft-Windows-User Profiles Service)(User: NT-AUTORITÄT)
Description: Die Datenbank der Konfigurationsregistrierung ist beschädigt.
C:\Users\Daniel\AppData\Local\Microsoft\Windows\\UsrClass.dat
Error: (12/23/2013 11:21:59 AM) (Source: Microsoft-Windows-User Profiles Service)(User: NT-AUTORITÄT)
Description: Die Datenbank der Konfigurationsregistrierung ist beschädigt.
Error: (12/23/2013 11:21:59 AM) (Source: Microsoft-Windows-User Profiles Service)(User: NT-AUTORITÄT)
Description: Die Datenbank der Konfigurationsregistrierung ist beschädigt.
C:\Users\Daniel\AppData\Local\Microsoft\Windows\\UsrClass.dat
Error: (12/23/2013 11:21:58 AM) (Source: Microsoft-Windows-User Profiles Service)(User: NT-AUTORITÄT)
Description: Die Datenbank der Konfigurationsregistrierung ist beschädigt.
Error: (12/23/2013 11:21:58 AM) (Source: Microsoft-Windows-User Profiles Service)(User: NT-AUTORITÄT)
Description: Die Datenbank der Konfigurationsregistrierung ist beschädigt.
C:\Users\Daniel\AppData\Local\Microsoft\Windows\\UsrClass.dat
Error: (12/23/2013 11:21:32 AM) (Source: Microsoft-Windows-User Profiles Service)(User: NT-AUTORITÄT)
Description: Die Datenbank der Konfigurationsregistrierung ist beschädigt.
Error: (12/23/2013 11:21:32 AM) (Source: Microsoft-Windows-User Profiles Service)(User: NT-AUTORITÄT)
Description: Die Datenbank der Konfigurationsregistrierung ist beschädigt.
C:\Users\Daniel\AppData\Local\Microsoft\Windows\\UsrClass.dat
CodeIntegrity Errors:
===================================
Date: 2013-10-11 18:24:17.931
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll with signing level Unsigned while the system requires signing level Microsoft or better to load.
Date: 2013-10-11 18:24:17.766
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll with signing level Unsigned while the system requires signing level Microsoft or better to load.
Date: 2013-10-11 18:24:17.623
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll with signing level Unsigned while the system requires signing level Microsoft or better to load.
Date: 2013-10-11 18:24:17.372
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll with signing level Unsigned while the system requires signing level Microsoft or better to load.
Date: 2013-10-11 18:24:17.296
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll with signing level Unsigned while the system requires signing level Microsoft or better to load.
Date: 2013-10-11 18:24:17.103
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll with signing level Unsigned while the system requires signing level Microsoft or better to load.
Date: 2013-10-11 17:56:44.224
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll with signing level Unsigned while the system requires signing level Microsoft or better to load.
Date: 2013-10-11 17:56:43.976
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll with signing level Unsigned while the system requires signing level Microsoft or better to load.
Date: 2013-10-11 17:56:43.784
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll with signing level Unsigned while the system requires signing level Microsoft or better to load.
Date: 2013-10-11 17:56:43.511
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll with signing level Unsigned while the system requires signing level Microsoft or better to load.
==================== Memory info ===========================
Percentage of memory in use: 28%
Total physical RAM: 6076.41 MB
Available physical RAM: 4326.15 MB
Total Pagefile: 12220.41 MB
Available Pagefile: 10331.36 MB
Total Virtual: 8192 MB
Available Virtual: 8191.75 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:231 GB) (Free:63.62 GB) NTFS
Drive d: () (Fixed) (Total:344.18 GB) (Free:303.86 GB) NTFS
Drive f: (TOSHIBA EXT) (Fixed) (Total:931.41 GB) (Free:767.59 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 596 GB) (Disk ID: 7BA3F2D1)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=231 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=344 GB) - (Type=OF Extended)
Partition 4: (Not Active) - (Size=21 GB) - (Type=12)
========================================================
Disk: 1 (MBR Code: Windows 7 or Vista) (Size: 932 GB) (Disk ID: 2067C1CD)
Partition 1: (Not Active) - (Size=931 GB) - (Type=07 NTFS)
==================== End Of Log ============================
GMER.log Code:
GMER 2.1.19163 - hxxp://www.gmer.net
Rootkit scan 2013-12-23 11:53:04
Windows 6.2.9200 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 SAMSUNG_ rev.2AJ1 596,17GB
Running: gmer_2.1.19163.exe; Driver: C:\Users\Daniel\AppData\Local\Temp\uwdyrpod.sys
---- User code sections - GMER 2.1 ----
.text C:\WINDOWS\system32\csrss.exe[676] C:\WINDOWS\SYSTEM32\kernel32.dll!GetBinaryTypeW + 163 000007fbee4bf7eb 1 byte [62]
.text C:\WINDOWS\system32\wininit.exe[764] C:\WINDOWS\system32\KERNEL32.DLL!GetBinaryTypeW + 163 000007fbee4bf7eb 1 byte [62]
.text C:\WINDOWS\system32\csrss.exe[784] C:\WINDOWS\SYSTEM32\kernel32.dll!GetBinaryTypeW + 163 000007fbee4bf7eb 1 byte [62]
.text C:\WINDOWS\system32\winlogon.exe[840] C:\WINDOWS\system32\KERNEL32.DLL!GetBinaryTypeW + 163 000007fbee4bf7eb 1 byte [62]
.text C:\WINDOWS\SYSTEM32\SERVICES.EXE[872] C:\WINDOWS\system32\KERNEL32.DLL!GetBinaryTypeW + 163 000007fbee4bf7eb 1 byte [62]
.text C:\WINDOWS\SYSTEM32\LSASS.EXE[880] C:\WINDOWS\system32\KERNEL32.DLL!GetBinaryTypeW + 163 000007fbee4bf7eb 1 byte [62]
.text C:\WINDOWS\SYSTEM32\SVCHOST.EXE[984] C:\WINDOWS\system32\KERNEL32.DLL!GetBinaryTypeW + 163 000007fbee4bf7eb 1 byte [62]
.text C:\WINDOWS\system32\nvvsvc.exe[380] C:\WINDOWS\system32\KERNEL32.DLL!GetBinaryTypeW + 163 000007fbee4bf7eb 1 byte [62]
.text C:\WINDOWS\system32\svchost.exe[396] C:\WINDOWS\system32\KERNEL32.DLL!GetBinaryTypeW + 163 000007fbee4bf7eb 1 byte [62]
.text C:\WINDOWS\SYSTEM32\SVCHOST.EXE[604] C:\WINDOWS\system32\KERNEL32.DLL!GetBinaryTypeW + 163 000007fbee4bf7eb 1 byte [62]
.text C:\WINDOWS\SYSTEM32\DWM.EXE[592] C:\WINDOWS\system32\KERNEL32.DLL!GetBinaryTypeW + 163 000007fbee4bf7eb 1 byte [62]
.text C:\WINDOWS\SYSTEM32\DWM.EXE[592] C:\WINDOWS\system32\PSAPI.DLL!GetProcessImageFileNameA + 306 000007fbed18177a 4 bytes [18, ED, FB, 07]
.text C:\WINDOWS\SYSTEM32\DWM.EXE[592] C:\WINDOWS\system32\PSAPI.DLL!GetProcessImageFileNameA + 314 000007fbed181782 4 bytes [18, ED, FB, 07]
.text C:\WINDOWS\SYSTEM32\SVCHOST.EXE[688] C:\WINDOWS\system32\KERNEL32.DLL!GetBinaryTypeW + 163 000007fbee4bf7eb 1 byte [62]
.text C:\WINDOWS\system32\svchost.exe[780] C:\WINDOWS\system32\KERNEL32.DLL!GetBinaryTypeW + 163 000007fbee4bf7eb 1 byte [62]
.text C:\WINDOWS\SYSTEM32\SVCHOST.EXE[1084] C:\WINDOWS\system32\KERNEL32.DLL!GetBinaryTypeW + 163 000007fbee4bf7eb 1 byte [62]
.text C:\PROGRAM FILES\NVIDIA CORPORATION\DISPLAY\NVXDSYNC.EXE[1136] C:\WINDOWS\system32\KERNEL32.DLL!GetBinaryTypeW + 163 000007fbee4bf7eb 1 byte [62]
.text C:\PROGRAM FILES\NVIDIA CORPORATION\DISPLAY\NVXDSYNC.EXE[1136] C:\WINDOWS\SYSTEM32\MSIMG32.dll!GradientFill + 690 000007fbe7091532 4 bytes [09, E7, FB, 07]
.text C:\PROGRAM FILES\NVIDIA CORPORATION\DISPLAY\NVXDSYNC.EXE[1136] C:\WINDOWS\SYSTEM32\MSIMG32.dll!GradientFill + 698 000007fbe709153a 4 bytes [09, E7, FB, 07]
.text C:\PROGRAM FILES\NVIDIA CORPORATION\DISPLAY\NVXDSYNC.EXE[1136] C:\WINDOWS\SYSTEM32\MSIMG32.dll!TransparentBlt + 246 000007fbe709165a 4 bytes [09, E7, FB, 07]
.text C:\WINDOWS\system32\nvvsvc.exe[1144] C:\WINDOWS\system32\KERNEL32.DLL!GetBinaryTypeW + 163 000007fbee4bf7eb 1 byte [62]
.text C:\WINDOWS\system32\nvvsvc.exe[1144] C:\WINDOWS\system32\MSIMG32.dll!GradientFill + 690 000007fbe7091532 4 bytes [09, E7, FB, 07]
.text C:\WINDOWS\system32\nvvsvc.exe[1144] C:\WINDOWS\system32\MSIMG32.dll!GradientFill + 698 000007fbe709153a 4 bytes [09, E7, FB, 07]
.text C:\WINDOWS\system32\nvvsvc.exe[1144] C:\WINDOWS\system32\MSIMG32.dll!TransparentBlt + 246 000007fbe709165a 4 bytes [09, E7, FB, 07]
.text C:\WINDOWS\system32\nvvsvc.exe[1144] C:\WINDOWS\system32\PSAPI.DLL!GetProcessImageFileNameA + 306 000007fbed18177a 4 bytes [18, ED, FB, 07]
.text C:\WINDOWS\system32\nvvsvc.exe[1144] C:\WINDOWS\system32\PSAPI.DLL!GetProcessImageFileNameA + 314 000007fbed181782 4 bytes [18, ED, FB, 07]
.text C:\WINDOWS\SYSTEM32\SVCHOST.EXE[1240] C:\WINDOWS\system32\KERNEL32.DLL!GetBinaryTypeW + 163 000007fbee4bf7eb 1 byte [62]
.text C:\WINDOWS\SYSTEM32\SVCHOST.EXE[1276] C:\WINDOWS\system32\KERNEL32.DLL!GetBinaryTypeW + 163 000007fbee4bf7eb 1 byte [62]
.text C:\WINDOWS\SYSTEM32\SPOOLSV.EXE[1684] C:\WINDOWS\system32\KERNEL32.DLL!GetBinaryTypeW + 163 000007fbee4bf7eb 1 byte [62]
.text C:\WINDOWS\system32\svchost.exe[1892] C:\WINDOWS\system32\KERNEL32.DLL!GetBinaryTypeW + 163 000007fbee4bf7eb 1 byte [62]
.text C:\WINDOWS\system32\BtwRSupportService.exe[2056] C:\WINDOWS\system32\KERNEL32.DLL!GetBinaryTypeW + 163 000007fbee4bf7eb 1 byte [62]
.text C:\WINDOWS\system32\BtwRSupportService.exe[2056] C:\WINDOWS\system32\MSIMG32.dll!GradientFill + 690 000007fbe7091532 4 bytes [09, E7, FB, 07]
.text C:\WINDOWS\system32\BtwRSupportService.exe[2056] C:\WINDOWS\system32\MSIMG32.dll!GradientFill + 698 000007fbe709153a 4 bytes [09, E7, FB, 07]
.text C:\WINDOWS\system32\BtwRSupportService.exe[2056] C:\WINDOWS\system32\MSIMG32.dll!TransparentBlt + 246 000007fbe709165a 4 bytes [09, E7, FB, 07]
.text C:\WINDOWS\system32\svchost.exe[2092] C:\WINDOWS\system32\KERNEL32.DLL!GetBinaryTypeW + 163 000007fbee4bf7eb 1 byte [62]
.text C:\WINDOWS\SYSTEM32\DASHOST.EXE[2196] C:\WINDOWS\system32\KERNEL32.DLL!GetBinaryTypeW + 163 000007fbee4bf7eb 1 byte [62]
.text C:\WINDOWS\system32\mqsvc.exe[2304] C:\WINDOWS\system32\KERNEL32.DLL!GetBinaryTypeW + 163 000007fbee4bf7eb 1 byte [62]
.text C:\WINDOWS\system32\mqsvc.exe[2304] C:\WINDOWS\system32\WSOCK32.dll!recvfrom + 742 000007fbe3861b32 4 bytes [86, E3, FB, 07]
.text C:\WINDOWS\system32\mqsvc.exe[2304] C:\WINDOWS\system32\WSOCK32.dll!recvfrom + 750 000007fbe3861b3a 4 bytes [86, E3, FB, 07]
.text C:\WINDOWS\System32\svchost.exe[2332] C:\WINDOWS\system32\KERNEL32.DLL!GetBinaryTypeW + 163 000007fbee4bf7eb 1 byte [62]
.text C:\WINDOWS\System32\svchost.exe[2332] c:\windows\system32\WSOCK32.dll!recvfrom + 742 000007fbe3861b32 4 bytes [86, E3, FB, 07]
.text C:\WINDOWS\System32\svchost.exe[2332] c:\windows\system32\WSOCK32.dll!recvfrom + 750 000007fbe3861b3a 4 bytes [86, E3, FB, 07]
.text C:\WINDOWS\System32\svchost.exe[2548] C:\WINDOWS\system32\KERNEL32.DLL!GetBinaryTypeW + 163 000007fbee4bf7eb 1 byte [62]
.text C:\WINDOWS\System32\svchost.exe[2548] c:\windows\system32\WSOCK32.dll!recvfrom + 742 000007fbe3861b32 4 bytes [86, E3, FB, 07]
.text C:\WINDOWS\System32\svchost.exe[2548] c:\windows\system32\WSOCK32.dll!recvfrom + 750 000007fbe3861b3a 4 bytes [86, E3, FB, 07]
.text C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe[2732] C:\WINDOWS\system32\KERNEL32.DLL!GetBinaryTypeW + 163 000007fbee4bf7eb 1 byte [62]
.text C:\WINDOWS\system32\svchost.exe[2752] C:\WINDOWS\system32\KERNEL32.DLL!GetBinaryTypeW + 163 000007fbee4bf7eb 1 byte [62]
.text C:\PROGRAM FILES (X86)\TUNEUP UTILITIES 2013\TUNEUPUTILITIESSERVICE64.EXE[1664] C:\WINDOWS\system32\KERNEL32.DLL!GetBinaryTypeW + 163 000007fbee4bf7eb 1 byte [62]
.text C:\PROGRAM FILES (X86)\TUNEUP UTILITIES 2013\TUNEUPUTILITIESSERVICE64.EXE[1664] C:\WINDOWS\system32\PSAPI.DLL!GetProcessImageFileNameA + 306 000007fbed18177a 4 bytes [18, ED, FB, 07]
.text C:\PROGRAM FILES (X86)\TUNEUP UTILITIES 2013\TUNEUPUTILITIESSERVICE64.EXE[1664] C:\WINDOWS\system32\PSAPI.DLL!GetProcessImageFileNameA + 314 000007fbed181782 4 bytes [18, ED, FB, 07]
.text C:\WINDOWS\system32\svchost.exe[3084] C:\WINDOWS\system32\KERNEL32.DLL!GetBinaryTypeW + 163 000007fbee4bf7eb 1 byte [62]
.text C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe[3328] C:\WINDOWS\system32\KERNEL32.dll!GetBinaryTypeW + 163 000007fbee4bf7eb 1 byte [62]
.text C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe[3928] C:\WINDOWS\system32\KERNEL32.dll!GetBinaryTypeW + 163 000007fbee4bf7eb 1 byte [62]
.text C:\WINDOWS\SYSTEM32\TASKHOSTEX.EXE[4152] C:\WINDOWS\system32\KERNEL32.DLL!GetBinaryTypeW + 163 000007fbee4bf7eb 1 byte [62]
.text C:\WINDOWS\EXPLORER.EXE[4216] C:\WINDOWS\system32\KERNEL32.DLL!GetBinaryTypeW + 163 000007fbee4bf7eb 1 byte [62]
.text C:\WINDOWS\EXPLORER.EXE[4216] C:\WINDOWS\system32\PSAPI.DLL!GetProcessImageFileNameA + 306 000007fbed18177a 4 bytes [18, ED, FB, 07]
.text C:\WINDOWS\EXPLORER.EXE[4216] C:\WINDOWS\system32\PSAPI.DLL!GetProcessImageFileNameA + 314 000007fbed181782 4 bytes [18, ED, FB, 07]
.text C:\PROGRAM FILES\NVIDIA CORPORATION\DISPLAY\NVTRAY.EXE[4776] C:\WINDOWS\system32\KERNEL32.DLL!GetBinaryTypeW + 163 000007fbee4bf7eb 1 byte [62]
.text C:\PROGRAM FILES\NVIDIA CORPORATION\DISPLAY\NVTRAY.EXE[4776] C:\WINDOWS\SYSTEM32\MSIMG32.dll!GradientFill + 690 000007fbe7091532 4 bytes [09, E7, FB, 07]
.text C:\PROGRAM FILES\NVIDIA CORPORATION\DISPLAY\NVTRAY.EXE[4776] C:\WINDOWS\SYSTEM32\MSIMG32.dll!GradientFill + 698 000007fbe709153a 4 bytes [09, E7, FB, 07]
.text C:\PROGRAM FILES\NVIDIA CORPORATION\DISPLAY\NVTRAY.EXE[4776] C:\WINDOWS\SYSTEM32\MSIMG32.dll!TransparentBlt + 246 000007fbe709165a 4 bytes [09, E7, FB, 07]
.text C:\WINDOWS\SYSTEM32\SVCHOST.EXE[4256] C:\WINDOWS\system32\KERNEL32.DLL!GetBinaryTypeW + 163 000007fbee4bf7eb 1 byte [62]
.text C:\WINDOWS\system32\svchost.exe[5476] C:\WINDOWS\system32\KERNEL32.DLL!GetBinaryTypeW + 163 000007fbee4bf7eb 1 byte [62]
.text C:\WINDOWS\SYSTEM32\TASKENG.EXE[5764] C:\WINDOWS\system32\KERNEL32.DLL!GetBinaryTypeW + 163 000007fbee4bf7eb 1 byte [62]
.text C:\PROGRAM FILES (X86)\TUNEUP UTILITIES 2013\TuneUpUtilitiesApp64.EXE[5864] C:\WINDOWS\system32\KERNEL32.DLL!GetBinaryTypeW + 163 000007fbee4bf7eb 1 byte [62]
.text C:\PROGRAM FILES (X86)\TUNEUP UTILITIES 2013\TuneUpUtilitiesApp64.EXE[5864] C:\WINDOWS\system32\PSAPI.DLL!GetProcessImageFileNameA + 306 000007fbed18177a 4 bytes [18, ED, FB, 07]
.text C:\PROGRAM FILES (X86)\TUNEUP UTILITIES 2013\TuneUpUtilitiesApp64.EXE[5864] C:\WINDOWS\system32\PSAPI.DLL!GetProcessImageFileNameA + 314 000007fbed181782 4 bytes [18, ED, FB, 07]
.text C:\WINDOWS\SYSTEM32\SEARCHINDEXER.EXE[2936] C:\WINDOWS\system32\KERNEL32.DLL!GetBinaryTypeW + 163 000007fbee4bf7eb 1 byte [62]
.text C:\WINDOWS\SYSTEM32\TASKENG.EXE[3860] C:\WINDOWS\system32\KERNEL32.DLL!GetBinaryTypeW + 163 000007fbee4bf7eb 1 byte [62]
.text C:\WINDOWS\SYSTEM32\SEARCHPROTOCOLHOST.EXE[968] C:\WINDOWS\system32\KERNEL32.DLL!GetBinaryTypeW + 163 000007fbee4bf7eb 1 byte [62]
.text C:\WINDOWS\SYSTEM32\AUDIODG.EXE[6108] C:\WINDOWS\SYSTEM32\KERNEL32.DLL!GetBinaryTypeW + 163 000007fbee4bf7eb 1 byte [62]
---- Threads - GMER 2.1 ----
Thread C:\WINDOWS\system32\csrss.exe [784:808] fffff960009a75e8
---- Registry - GMER 2.1 ----
Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Kernel\RNG@RNGAuxiliarySeed 57209402
Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\b4749f66f08d
Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Upgrade\LocalRadioSettings
---- Disk sectors - GMER 2.1 ----
Disk \Device\Harddisk0\DR0 unknown MBR code
---- EOF - GMER 2.1 ----
Thanks in advance