Windows 7: Download Protect 2.2.1 in Google Chrome

ntichelper · 01.07.2014, 10:40

Hallo,
ich versuche seit Tagen verzweifelt in verschiedensten Foren eine Lösung zu finden, um die Erweiterung "Download Protect 2.2.1" aus Google Chrome zu entfernen. Ich habe mit verschiedenen Hilfestellungen "herumgemurkst"... Es war jedoch leider alles erfolglos.

Nun habe ich mich hier registriert, und hoffe, dass mir jemand wirklich weiter helfen kann.

I

ch habe mit defogger evtl. Emulatoren deaktiviert. Es gab keine Fehlermeldung.
Ich habe mit "Farbar's Recovery Scan Tool" die Datei FRST.txt erstellt. Das File Addition.txt hat FRST leider nicht erstellt.
Ich habe mit GMER die Datei Gmer.txt erstellt.

Ich hoffe, ich habe für den Anfang hier alles richtig gepostet und hoffe, dass mir jemand weiter helfen kann.

Vielen Dank im Voraus

cosinus · 01.07.2014, 11:08

Hi und

Logs bitte nicht anhängen, notfalls splitten und über mehrere Postings verteilt posten

Lesestoff:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit.
Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten.
Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

ntichelper · 01.07.2014, 13:17

Danke für das Feedback
Sorry... bin neu hier.

Hier nochmals die Log-Files

Vielen Dank im Voraus

defogger_disable.log

Code:

ATTFilter

defogger_disable by jpshortstuff (23.02.10.1)
Log created at 11:02 on 01/07/2014 (OEM)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...


-=E.O.F=-

FRST.txt

FRST Logfile:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 29-06-2014
Ran by OEM (administrator) on OEM-PC on 01-07-2014 11:08:48
Running from C:\Users\OEM\Documents\2014_07_01_download_protect_removal\tools
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 9
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
(AMD) C:\Windows\System32\atieclxx.exe
() C:\Windows\System32\QUTIL64.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_WT50RP.EXE
() C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareService.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareTray.exe
(Skype Technologies S.A.) C:\C\Programme\Skype\Phone\Skype.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_x64.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Desktop.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.EXE
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(Opera Software) C:\Program Files (x86)\Opera\22.0.1471.70\opera.exe
() C:\Program Files (x86)\Opera\22.0.1471.70\opera_crashreporter.exe
(Opera Software) C:\Program Files (x86)\Opera\22.0.1471.70\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\22.0.1471.70\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\22.0.1471.70\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\22.0.1471.70\opera.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1271072 2014-03-11] (Microsoft Corporation)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11057768 2010-07-06] (Realtek Semiconductor)
HKLM\...\Run: [AdAwareTray] => C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareTray.exe [7715160 2014-06-03] ()
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [FUFAXRCV] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe [502952 2012-07-09] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [FUFAXSTM] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe [863400 2012-07-09] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1058912 2012-04-02] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [220744 2011-12-16] (Geek Software GmbH)
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-04-27] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [InboxMonitor] => "C:\Program Files (x86)\Nuance\PDF Professional 7\InboxMonitor.exe" /run
HKU\S-1-5-21-1422302985-1899904796-1242127876-1000\...\Run: [Skype] => C:\C\Programme\Skype\Phone\Skype.exe [21444224 2014-05-08] (Skype Technologies S.A.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\vpngui.exe.lnk
ShortcutTarget: vpngui.exe.lnk -> C:\Windows\Installer\{5FDC06BF-3D3D-4367-8FFB-4FAFCB61972D}\Icon09DB8A851.exe ()
Startup: C:\Users\OEM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.0.lnk
ShortcutTarget: OpenOffice.org 3.0.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

ProxyServer: http=127.0.0.1:8118;https=127.0.0.1:8118
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = 
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKCU - 8D9A5D0AC1F445F0B4735730804E35EE URL = hxxp://dts.search-results.com/sr?src=ieb&gct=ds&appid=110&systemid=102&apn_dtid=BND102&apn_ptnrs=AG7&o=APN10646&apn_uid=8204411260354610&q={searchTerms}
SearchScopes: HKCU - {6CC1B62A-6DFF-4198-B829-4F0C304A1671} URL = hxxp://www.google.de/search?q={searchTerms}&hl=de&gl=de&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
SearchScopes: HKCU - {BAF3C2BB-52DF-48D1-B496-CC19B2CCED73} URL = hxxp://www.google.de/search?q={searchTerms}
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll (Microsoft Corporation.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: No Name - {551A852F-39A6-44A7-9C13-AFBEC9185A9D} -  No File
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: No Name - {b31d1ab1-5453-4ed1-97e5-c377f9532024} -  No File
BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - No Name - {b31d1ab1-5453-4ed1-97e5-c377f9532024} -  No File
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} -  No File
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{A55F4236-B909-4382-8495-41190DF1DF95}: [NameServer]8.8.8.8,8.8.4.4

FireFox:
========
FF ProfilePath: C:\Users\OEM\AppData\Roaming\Mozilla\Firefox\Profiles\nc1wdhkw.default
FF Homepage: user_pref("browser.startup.homepage", );
FF NetworkProxy: "type", 1
FF NetworkProxy: "http", "127.0.0.1");user_pref("network.proxy.http_port", 8118);user_pref("network.proxy.ssl", "127.0.0.1");user_pref("network.proxy.ssl_port", 8118
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @microsoft.com/GENUINE - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @Skype Technologies S.A..com/Skype Web Plugin - C:\Program Files (x86)\SkypeWebPlugin\npSkypeWebPlugin64.dll (Skype)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @Skype Technologies S.A..com/Skype Web Plugin - C:\Program Files (x86)\SkypeWebPlugin\npSkypeWebPlugin.dll (Skype)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @TrendMicro.com/FFExtension - C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextension\components\npToolbarChrome.dll No File
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: geomind.it/DbMap3dFlyer - C:\Program Files (x86)\Abaco\DbMAP 3D Flyer Plugin\npGeoFlyerPlugin.dll (Geomind Srl)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\OEM\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll No File
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\OEM\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll No File
FF HKLM-x32\...\Firefox\Extensions: [{754C09DF-D672-454D-8988-4A0E12D36237}] - C:\Windows\Installer\{27F06CD8-29BD-43E4-9C8E-5B64A18F2319}\{754C09DF-D672-454D-8988-4A0E12D36237}.xpi
FF Extension: Download Protect - C:\Windows\Installer\{27F06CD8-29BD-43E4-9C8E-5B64A18F2319}\{754C09DF-D672-454D-8988-4A0E12D36237}.xpi [2014-07-01]

Chrome: 
=======
CHR Extension: (Google Drive) - C:\Users\OEM\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-07-01]
CHR Extension: (YouTube) - C:\Users\OEM\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-07-01]
CHR Extension: (Google-Suche) - C:\Users\OEM\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-07-01]
CHR Extension: (Download Protect) - C:\Users\OEM\AppData\Local\Google\Chrome\User Data\Default\Extensions\eaneilmmckmcpebnpbpccpbjjgiofplg [2014-07-01]
CHR Extension: (Google Wallet) - C:\Users\OEM\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-07-01]
CHR Extension: (Google Mail) - C:\Users\OEM\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-07-01]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-04-11]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

R2 autochkd; C:\Windows\system32\QUTIL64.exe [106496 2012-09-30] () [File not signed]
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390720 2014-04-11] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1764992 2014-04-11] (Microsoft Corporation)
R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [135824 2011-12-12] (Seiko Epson Corporation)
R2 LavasoftAdAwareService11; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareService.exe [706864 2014-06-03] ()
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2014-03-11] (Microsoft Corporation)
S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [347872 2014-03-11] (Microsoft Corporation)
S2 SkypeUpdate; C:\C\Programme\Skype\Updater\Updater.exe [172192 2013-10-23] (Skype Technologies)

==================== Drivers (Whitelisted) ====================

R3 CVPNDRVA; C:\Windows\system32\Drivers\CVPNDRVA.sys [306536 2011-03-04] ()
R3 gzflt; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Antimalware Engine\3.0.0.56\gzflt.sys [150256 2014-04-22] (BitDefender LLC)
R3 MODEMCSA; C:\Windows\System32\drivers\MODEMCSA.sys [24064 2009-07-14] (Microsoft Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [268512 2014-01-25] (Microsoft Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-07-16] ()
S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133928 2014-03-11] (Microsoft Corporation)
S3 Trufos; C:\Windows\System32\DRIVERS\Trufos.sys [389240 2014-04-22] (BitDefender S.R.L.)
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] ()
U2 TMAgent; 

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-07-01 11:02 - 2014-07-01 11:02 - 00000000 _____ () C:\Users\OEM\defogger_reenable
2014-07-01 10:57 - 2014-07-01 10:57 - 00003832 _____ () C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1404205045
2014-07-01 10:57 - 2014-07-01 10:57 - 00001133 _____ () C:\Users\Public\Desktop\Opera.lnk
2014-07-01 10:57 - 2014-07-01 10:57 - 00001133 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2014-07-01 10:57 - 2014-07-01 10:57 - 00000000 ____D () C:\Users\OEM\AppData\Roaming\Opera Software
2014-07-01 10:57 - 2014-07-01 10:57 - 00000000 ____D () C:\Users\OEM\AppData\Local\Opera Software
2014-07-01 10:57 - 2014-07-01 10:57 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-07-01 10:52 - 2014-07-01 10:54 - 27641968 _____ (Opera Software ASA) C:\Users\OEM\Downloads\Opera_22.0.1471.70_Setup.exe
2014-07-01 10:21 - 2014-07-01 10:21 - 00000000 ____D () C:\Users\OEM\AppData\Local\Google
2014-07-01 09:46 - 2014-07-01 09:46 - 00000302 _____ () C:\Windows\PFRO.log
2014-07-01 09:12 - 2014-07-01 11:05 - 00000000 ____D () C:\Users\OEM\Documents\2014_07_01_download_protect_removal
2014-07-01 09:03 - 2014-07-01 09:52 - 00000000 ____D () C:\Users\OEM\Downloads\FRST-OlderVersion
2014-07-01 09:03 - 2014-07-01 09:06 - 00052417 _____ () C:\Users\OEM\Downloads\FRST.txt
2014-06-30 12:10 - 2014-06-30 12:10 - 00057328 _____ () C:\Users\OEM\Downloads\201400249228-BZ.zip
2014-06-30 12:10 - 2014-06-30 12:10 - 00057328 _____ () C:\Users\OEM\Downloads\201400249228-BZ (1).zip
2014-06-30 07:39 - 2014-07-01 09:46 - 00000224 _____ () C:\Windows\setupact.log
2014-06-30 07:39 - 2014-06-30 07:39 - 00000000 _____ () C:\Windows\setuperr.log
2014-06-29 16:06 - 2014-06-29 16:06 - 04814144 _____ (Piriform Ltd) C:\Users\OEM\Downloads\ccsetup415pro.exe
2014-06-29 15:37 - 2014-06-29 15:37 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\OEM\Downloads\SpyHunter-Installer.exe
2014-06-26 16:59 - 2014-06-26 16:59 - 00000000 ____D () C:\Users\OEM\AppData\Roaming\LavasoftStatistics
2014-06-26 16:59 - 2014-06-26 16:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ad-Aware Antivirus
2014-06-26 16:44 - 2014-06-26 16:44 - 00000000 ____D () C:\Program Files\Lavasoft
2014-06-26 16:42 - 2014-06-26 16:42 - 00000000 ____D () C:\Users\OEM\AppData\Roaming\Lavasoft
2014-06-26 16:41 - 2014-06-26 16:41 - 00000000 ____D () C:\Program Files\Common Files\Lavasoft
2014-06-26 16:40 - 2014-06-26 16:40 - 01707144 _____ () C:\Users\OEM\Downloads\Adaware112_Installer.exe
2014-06-26 16:40 - 2014-06-26 16:40 - 00000000 ____D () C:\ProgramData\Lavasoft
2014-06-26 15:49 - 2014-06-26 15:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-06-26 15:46 - 2014-07-01 10:51 - 00001104 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-06-26 15:46 - 2014-07-01 09:46 - 00001100 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-06-26 15:46 - 2014-06-26 15:49 - 00000000 ____D () C:\Program Files (x86)\Google
2014-06-26 15:46 - 2014-06-26 15:46 - 00004100 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-06-26 15:46 - 2014-06-26 15:46 - 00003848 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-06-26 15:45 - 2014-06-26 15:46 - 00895120 _____ (Google Inc.) C:\Users\OEM\Downloads\ChromeSetup.exe
2014-06-23 13:04 - 2014-06-23 13:04 - 00057308 _____ () C:\Users\OEM\Downloads\201400235742-BZ.zip
2014-06-22 18:28 - 2014-06-22 18:33 - 15089688 _____ (Ross-Tech, LLC) C:\Users\OEM\Downloads\VCDS-Release-12.12.0-Installer.exe
2014-06-21 08:03 - 2014-06-21 08:03 - 00057349 _____ () C:\Users\OEM\Downloads\201400230848-BZ.zip
2014-06-20 13:35 - 2014-06-20 13:35 - 00057322 _____ () C:\Users\OEM\Downloads\201400222941-BZ (3).zip
2014-06-20 13:33 - 2014-06-20 13:33 - 00057322 _____ () C:\Users\OEM\Downloads\201400222941-BZ (2).zip
2014-06-20 13:32 - 2014-06-20 13:32 - 00057322 _____ () C:\Users\OEM\Downloads\201400222941-BZ (1).zip
2014-06-20 13:03 - 2014-06-20 13:03 - 00001178 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk
2014-06-20 13:03 - 2014-06-20 13:03 - 00001166 _____ () C:\Users\Public\Desktop\TeamViewer 9.lnk
2014-06-20 13:03 - 2014-06-20 13:03 - 00000000 ____D () C:\Program Files (x86)\TeamViewer
2014-06-18 22:27 - 2014-06-18 22:27 - 00065342 _____ () C:\Users\OEM\Downloads\Shortcut.txt
2014-06-18 21:57 - 2014-06-18 21:58 - 04748896 _____ (Piriform Ltd) C:\Users\OEM\Downloads\ccsetup414 (3).exe
2014-06-18 21:56 - 2014-06-18 21:57 - 04748896 _____ (Piriform Ltd) C:\Users\OEM\Downloads\ccsetup414 (2).exe
2014-06-18 19:39 - 2014-06-18 19:39 - 00001200 _____ () C:\Windows\system32\cc_20140618_193916.reg
2014-06-18 19:38 - 2014-06-18 19:38 - 00031986 _____ () C:\Windows\system32\cc_20140618_193854.reg
2014-06-18 12:39 - 2014-06-18 12:40 - 00854367 _____ () C:\Users\OEM\Downloads\SecurityCheck (1).exe
2014-06-18 12:38 - 2014-06-18 12:39 - 00854367 _____ () C:\Users\OEM\Downloads\SecurityCheck.exe
2014-06-18 12:33 - 2014-06-18 22:27 - 00024710 _____ () C:\Users\OEM\Downloads\Addition.txt
2014-06-18 12:30 - 2014-07-01 11:08 - 00000000 ____D () C:\FRST
2014-06-18 12:28 - 2014-07-01 09:03 - 02083328 _____ (Farbar) C:\Users\OEM\Downloads\FRST64.exe
2014-06-17 16:51 - 2014-06-17 16:51 - 00000000 ____D () C:\Windows\ERUNT
2014-06-17 16:51 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-06-17 16:50 - 2014-07-01 09:43 - 00000000 ____D () C:\AdwCleaner
2014-06-17 16:50 - 2014-06-17 16:50 - 01016261 _____ (Thisisu) C:\Users\OEM\Downloads\JRT_6.1.4.exe
2014-06-17 16:49 - 2014-06-17 16:50 - 01333465 _____ () C:\Users\OEM\Downloads\adwcleaner_3.212.exe
2014-06-17 12:39 - 2014-06-29 13:07 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-06-17 12:38 - 2014-06-17 12:38 - 00001106 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-06-17 12:38 - 2014-06-17 12:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-06-17 12:38 - 2014-06-17 12:38 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-06-17 12:38 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-06-17 12:38 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-06-17 12:34 - 2014-06-17 12:34 - 02347384 _____ (ESET) C:\Users\OEM\Downloads\esetsmartinstaller_deu.exe
2014-06-17 12:32 - 2014-06-17 12:33 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\OEM\Downloads\mbam-setup-2.0.2.1012 (1).exe
2014-06-17 11:46 - 2014-06-17 11:46 - 00057322 _____ () C:\Users\OEM\Downloads\201400222941-BZ.zip
2014-06-16 21:50 - 2014-06-16 21:50 - 01078591 _____ () C:\Users\OEM\Downloads\Unlocker1.9.2 (1).exe
2014-06-16 21:49 - 2014-06-18 14:33 - 00000000 ____D () C:\Program Files\Unlocker
2014-06-16 21:49 - 2014-06-16 21:49 - 00000000 ____D () C:\Users\OEM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker
2014-06-16 21:48 - 2014-06-16 21:49 - 01078591 _____ () C:\Users\OEM\Downloads\Unlocker1.9.2.exe
2014-06-16 20:19 - 2014-06-16 20:20 - 04748896 _____ (Piriform Ltd) C:\Users\OEM\Downloads\ccsetup414 (1).exe
2014-06-16 20:18 - 2014-06-16 20:19 - 04748896 _____ (Piriform Ltd) C:\Users\OEM\Downloads\ccsetup414.exe
2014-06-16 16:24 - 2014-06-16 16:24 - 00057357 _____ () C:\Users\OEM\Downloads\201400220464-BZ.zip
2014-06-16 16:24 - 2014-06-16 16:24 - 00057357 _____ () C:\Users\OEM\Downloads\201400220464-BZ (1).zip
2014-06-15 13:51 - 2014-06-15 13:51 - 00325586 _____ () C:\Windows\system32\cc_20140615_135103.reg
2014-06-15 12:37 - 2014-06-15 13:46 - 00001914 _____ () C:\Windows\SysWOW64\${LOGFILE}
2014-06-15 12:28 - 2014-06-17 16:59 - 00000000 ____D () C:\Windows\System32\Tasks\Browser Updater
2014-06-15 12:22 - 2014-06-16 21:54 - 00000000 ____D () C:\Users\Administrator
2014-06-15 12:22 - 2014-06-15 13:16 - 00000000 ____D () C:\ProgramData\28e74f1e72de16b9
2014-06-15 12:22 - 2014-06-15 12:22 - 00000000 ____D () C:\Users\OEM\AppData\Local\Packages
2014-06-15 12:22 - 2014-06-15 12:22 - 00000000 ____D () C:\Users\OEM\AppData\Local\Comodo
2014-06-15 12:22 - 2014-06-15 12:22 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Google
2014-06-15 12:22 - 2014-06-15 12:22 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Comodo
2014-06-15 12:22 - 2014-06-15 12:22 - 00000000 ____D () C:\Users\HomeGroupUser$
2014-06-15 12:22 - 2014-06-15 12:22 - 00000000 ____D () C:\Users\Gast\AppData\Local\Google
2014-06-15 12:22 - 2014-06-15 12:22 - 00000000 ____D () C:\Users\Gast\AppData\Local\Comodo
2014-06-15 12:22 - 2014-06-15 12:22 - 00000000 ____D () C:\Users\Gast
2014-06-15 12:22 - 2014-06-15 12:22 - 00000000 _____ () C:\Windows\SysWOW64\Number of results
2014-06-15 12:19 - 2014-04-09 07:55 - 00034376 _____ () C:\Windows\Launcher.exe
2014-06-15 12:16 - 2014-06-15 12:16 - 00003158 _____ () C:\Windows\System32\Tasks\{15DD6F64-0DA6-4526-94EA-D06CF858DF2C}
2014-06-15 11:55 - 2014-06-15 11:55 - 00013048 _____ () C:\Users\OEM\AppData\Roaming\Bubble Dock.installation.log
2014-06-15 11:03 - 2014-06-15 11:03 - 00212992 _____ () C:\Users\OEM\Downloads\Autoveicoli_GA_OUT (2).xls
2014-06-15 11:03 - 2014-06-15 11:03 - 00212992 _____ () C:\Users\OEM\Downloads\Autoveicoli_GA_OUT (1).xls
2014-06-15 11:01 - 2014-06-15 11:01 - 00763904 _____ () C:\Users\OEM\Downloads\Fringe_benefit_2013.xls
2014-06-14 09:34 - 2014-06-14 09:34 - 00057346 _____ () C:\Users\OEM\Downloads\201400216562-BZ.zip
2014-06-12 21:30 - 2014-06-12 21:30 - 00195005 _____ () C:\Users\OEM\Downloads\Newsletter n.20 del 12-06-2014.pdf.zip
2014-06-12 16:40 - 2014-06-08 11:13 - 00506368 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-12 16:40 - 2014-06-08 11:08 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-12 16:40 - 2014-05-28 20:53 - 17857536 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-06-12 16:40 - 2014-05-28 20:37 - 02338816 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-06-12 16:40 - 2014-05-28 20:35 - 10890240 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-06-12 16:40 - 2014-05-28 20:31 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-06-12 16:40 - 2014-05-28 20:31 - 01348608 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-06-12 16:40 - 2014-05-28 20:30 - 01494016 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-06-12 16:40 - 2014-05-28 20:30 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-06-12 16:40 - 2014-05-28 20:29 - 02148352 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-06-12 16:40 - 2014-05-28 20:29 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-06-12 16:40 - 2014-05-28 20:29 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-06-12 16:40 - 2014-05-28 20:29 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-06-12 16:40 - 2014-05-28 20:29 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-06-12 16:40 - 2014-05-28 20:29 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-06-12 16:40 - 2014-05-28 20:28 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-06-12 16:40 - 2014-05-28 20:28 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-06-12 16:40 - 2014-05-28 20:28 - 00282112 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-06-12 16:40 - 2014-05-28 20:28 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-06-12 16:40 - 2014-05-28 20:28 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-06-12 16:40 - 2014-05-28 20:28 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-06-12 16:40 - 2014-05-28 20:28 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-06-12 16:40 - 2014-05-28 20:27 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-06-12 16:40 - 2014-05-28 18:48 - 12356608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-06-12 16:40 - 2014-05-28 18:39 - 01810432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-06-12 16:40 - 2014-05-28 18:38 - 09711104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-06-12 16:40 - 2014-05-28 18:33 - 01106432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-06-12 16:40 - 2014-05-28 18:32 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-06-12 16:40 - 2014-05-28 18:32 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-06-12 16:40 - 2014-05-28 18:31 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-06-12 16:40 - 2014-05-28 18:31 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-06-12 16:40 - 2014-05-28 18:30 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-06-12 16:40 - 2014-05-28 18:30 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-06-12 16:40 - 2014-05-28 18:30 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-06-12 16:40 - 2014-05-28 18:30 - 00421376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-06-12 16:40 - 2014-05-28 18:30 - 00353792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-06-12 16:40 - 2014-05-28 18:30 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-06-12 16:40 - 2014-05-28 18:30 - 00041472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-06-12 16:40 - 2014-05-28 18:29 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-06-12 16:40 - 2014-05-28 18:29 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-06-12 16:40 - 2014-05-28 18:29 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-06-12 16:40 - 2014-05-28 18:29 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-06-12 16:40 - 2014-05-28 18:29 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-06-12 16:40 - 2014-05-28 18:28 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-06-12 16:40 - 2014-04-25 04:34 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2014-06-12 16:40 - 2014-04-25 04:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2014-06-12 16:40 - 2014-04-05 04:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-06-12 16:40 - 2014-04-05 04:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-06-12 16:40 - 2014-03-26 16:44 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-06-12 16:40 - 2014-03-26 16:44 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-06-12 16:40 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2014-06-12 16:40 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-06-12 16:40 - 2014-03-26 16:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2014-06-12 16:40 - 2014-03-26 16:27 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-06-12 16:40 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2014-06-12 16:40 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-06-11 08:50 - 2014-06-11 08:50 - 00057325 _____ () C:\Users\OEM\Downloads\201400211881-BZ.zip
2014-06-10 09:28 - 2014-06-10 09:28 - 00057323 _____ () C:\Users\OEM\Downloads\201400209914-BZ.zip
2014-06-10 09:28 - 2014-06-10 09:28 - 00057323 _____ () C:\Users\OEM\Downloads\201400209914-BZ (1).zip
2014-06-09 11:19 - 2014-06-09 11:19 - 00057348 _____ () C:\Users\OEM\Downloads\201400207640-BZ.zip
2014-06-08 11:12 - 2014-06-08 11:12 - 00057347 _____ () C:\Users\OEM\Downloads\201400205382-BZ (7).zip
2014-06-08 10:50 - 2014-06-08 10:50 - 00057347 _____ () C:\Users\OEM\Downloads\201400205382-BZ (6).zip
2014-06-08 08:54 - 2014-06-08 08:54 - 00057347 _____ () C:\Users\OEM\Downloads\201400205382-BZ (5).zip
2014-06-08 08:53 - 2014-06-08 08:53 - 00057347 _____ () C:\Users\OEM\Downloads\201400205382-BZ (4).zip
2014-06-08 08:52 - 2014-06-08 08:52 - 00057347 _____ () C:\Users\OEM\Downloads\201400205382-BZ (3).zip
2014-06-08 08:52 - 2014-06-08 08:52 - 00057347 _____ () C:\Users\OEM\Downloads\201400205382-BZ (2).zip
2014-06-08 08:52 - 2014-06-08 08:52 - 00057347 _____ () C:\Users\OEM\Downloads\201400205382-BZ (1).zip
2014-06-08 08:51 - 2014-06-08 08:52 - 00057347 _____ () C:\Users\OEM\Downloads\201400205382-BZ.zip
2014-06-03 19:06 - 2014-06-03 19:06 - 00000125 _____ () C:\Users\OEM\Downloads\unbenannt (5).txt
2014-06-01 15:45 - 2014-06-01 15:45 - 00057363 _____ () C:\Users\OEM\Downloads\201400194619-BZ.zip

==================== One Month Modified Files and Folders =======

2014-07-01 11:08 - 2014-06-18 12:30 - 00000000 ____D () C:\FRST
2014-07-01 11:05 - 2014-07-01 09:12 - 00000000 ____D () C:\Users\OEM\Documents\2014_07_01_download_protect_removal
2014-07-01 11:04 - 2011-08-22 20:31 - 00000000 ____D () C:\Users\OEM\AppData\Roaming\Skype
2014-07-01 11:02 - 2014-07-01 11:02 - 00000000 _____ () C:\Users\OEM\defogger_reenable
2014-07-01 11:02 - 2011-02-28 18:16 - 00000000 ____D () C:\Users\OEM
2014-07-01 10:57 - 2014-07-01 10:57 - 00003832 _____ () C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1404205045
2014-07-01 10:57 - 2014-07-01 10:57 - 00001133 _____ () C:\Users\Public\Desktop\Opera.lnk
2014-07-01 10:57 - 2014-07-01 10:57 - 00001133 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2014-07-01 10:57 - 2014-07-01 10:57 - 00000000 ____D () C:\Users\OEM\AppData\Roaming\Opera Software
2014-07-01 10:57 - 2014-07-01 10:57 - 00000000 ____D () C:\Users\OEM\AppData\Local\Opera Software
2014-07-01 10:57 - 2014-07-01 10:57 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-07-01 10:54 - 2014-07-01 10:52 - 27641968 _____ (Opera Software ASA) C:\Users\OEM\Downloads\Opera_22.0.1471.70_Setup.exe
2014-07-01 10:51 - 2014-06-26 15:46 - 00001104 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-01 10:21 - 2014-07-01 10:21 - 00000000 ____D () C:\Users\OEM\AppData\Local\Google
2014-07-01 10:21 - 2012-12-23 15:16 - 00002251 _____ () C:\Users\OEM\Desktop\Google Chrome.lnk
2014-07-01 10:21 - 2012-12-23 15:13 - 00001112 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1422302985-1899904796-1242127876-1000UA.job
2014-07-01 10:18 - 2012-04-13 15:44 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-07-01 09:54 - 2013-10-25 19:28 - 01961951 _____ () C:\Windows\WindowsUpdate.log
2014-07-01 09:53 - 2009-07-14 06:45 - 00015152 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-07-01 09:53 - 2009-07-14 06:45 - 00015152 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-07-01 09:52 - 2014-07-01 09:03 - 00000000 ____D () C:\Users\OEM\Downloads\FRST-OlderVersion
2014-07-01 09:48 - 2012-12-22 23:11 - 00000306 __RSH () C:\ProgramData\ntuser.pol
2014-07-01 09:46 - 2014-07-01 09:46 - 00000302 _____ () C:\Windows\PFRO.log
2014-07-01 09:46 - 2014-06-30 07:39 - 00000224 _____ () C:\Windows\setupact.log
2014-07-01 09:46 - 2014-06-26 15:46 - 00001100 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-01 09:46 - 2012-08-05 18:15 - 00000000 _____ () C:\Windows\system32\Drivers\lvuvc.hs
2014-07-01 09:46 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-01 09:43 - 2014-06-17 16:50 - 00000000 ____D () C:\AdwCleaner
2014-07-01 09:23 - 2013-09-29 20:48 - 00000000 ____D () C:\ProgramData\DivX
2014-07-01 09:06 - 2014-07-01 09:03 - 00052417 _____ () C:\Users\OEM\Downloads\FRST.txt
2014-07-01 09:03 - 2014-06-18 12:28 - 02083328 _____ (Farbar) C:\Users\OEM\Downloads\FRST64.exe
2014-07-01 08:57 - 2011-06-24 19:22 - 00003914 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{78DBB7A4-C6CC-4259-8C64-E43675B223EE}
2014-07-01 08:21 - 2012-12-23 15:13 - 00001060 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1422302985-1899904796-1242127876-1000Core.job
2014-06-30 12:10 - 2014-06-30 12:10 - 00057328 _____ () C:\Users\OEM\Downloads\201400249228-BZ.zip
2014-06-30 12:10 - 2014-06-30 12:10 - 00057328 _____ () C:\Users\OEM\Downloads\201400249228-BZ (1).zip
2014-06-30 07:39 - 2014-06-30 07:39 - 00000000 _____ () C:\Windows\setuperr.log
2014-06-29 21:59 - 2011-08-03 14:55 - 02084352 ___SH () C:\Users\OEM\Desktop\Thumbs.db
2014-06-29 16:24 - 2012-09-27 22:45 - 00000000 ____D () C:\Windows\pss
2014-06-29 16:06 - 2014-06-29 16:06 - 04814144 _____ (Piriform Ltd) C:\Users\OEM\Downloads\ccsetup415pro.exe
2014-06-29 15:37 - 2014-06-29 15:37 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\OEM\Downloads\SpyHunter-Installer.exe
2014-06-29 13:07 - 2014-06-17 12:39 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-06-27 17:23 - 2011-04-07 09:44 - 00000000 ___RD () C:\Users\OEM\Documents\Anfrage
2014-06-27 12:41 - 2013-01-13 18:18 - 00977920 ___SH () C:\Users\OEM\Downloads\Thumbs.db
2014-06-26 16:59 - 2014-06-26 16:59 - 00000000 ____D () C:\Users\OEM\AppData\Roaming\LavasoftStatistics
2014-06-26 16:59 - 2014-06-26 16:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ad-Aware Antivirus
2014-06-26 16:44 - 2014-06-26 16:44 - 00000000 ____D () C:\Program Files\Lavasoft
2014-06-26 16:42 - 2014-06-26 16:42 - 00000000 ____D () C:\Users\OEM\AppData\Roaming\Lavasoft
2014-06-26 16:41 - 2014-06-26 16:41 - 00000000 ____D () C:\Program Files\Common Files\Lavasoft
2014-06-26 16:40 - 2014-06-26 16:40 - 01707144 _____ () C:\Users\OEM\Downloads\Adaware112_Installer.exe
2014-06-26 16:40 - 2014-06-26 16:40 - 00000000 ____D () C:\ProgramData\Lavasoft
2014-06-26 15:49 - 2014-06-26 15:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-06-26 15:49 - 2014-06-26 15:46 - 00000000 ____D () C:\Program Files (x86)\Google
2014-06-26 15:46 - 2014-06-26 15:46 - 00004100 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-06-26 15:46 - 2014-06-26 15:46 - 00003848 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-06-26 15:46 - 2014-06-26 15:45 - 00895120 _____ (Google Inc.) C:\Users\OEM\Downloads\ChromeSetup.exe
2014-06-23 13:04 - 2014-06-23 13:04 - 00057308 _____ () C:\Users\OEM\Downloads\201400235742-BZ.zip
2014-06-22 18:34 - 2009-07-14 19:58 - 00699432 _____ () C:\Windows\system32\perfh007.dat
2014-06-22 18:34 - 2009-07-14 19:58 - 00149572 _____ () C:\Windows\system32\perfc007.dat
2014-06-22 18:34 - 2009-07-14 07:13 - 01620684 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-06-22 18:33 - 2014-06-22 18:28 - 15089688 _____ (Ross-Tech, LLC) C:\Users\OEM\Downloads\VCDS-Release-12.12.0-Installer.exe
2014-06-21 08:03 - 2014-06-21 08:03 - 00057349 _____ () C:\Users\OEM\Downloads\201400230848-BZ.zip
2014-06-20 14:00 - 2011-02-28 18:35 - 00097432 _____ () C:\Users\OEM\AppData\Local\GDIPFONTCACHEV1.DAT
2014-06-20 13:59 - 2009-07-14 06:45 - 00407824 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-06-20 13:35 - 2014-06-20 13:35 - 00057322 _____ () C:\Users\OEM\Downloads\201400222941-BZ (3).zip
2014-06-20 13:33 - 2014-06-20 13:33 - 00057322 _____ () C:\Users\OEM\Downloads\201400222941-BZ (2).zip
2014-06-20 13:32 - 2014-06-20 13:32 - 00057322 _____ () C:\Users\OEM\Downloads\201400222941-BZ (1).zip
2014-06-20 13:29 - 2013-10-31 15:16 - 00000000 ____D () C:\Users\OEM\AppData\Roaming\TeamViewer
2014-06-20 13:03 - 2014-06-20 13:03 - 00001178 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk
2014-06-20 13:03 - 2014-06-20 13:03 - 00001166 _____ () C:\Users\Public\Desktop\TeamViewer 9.lnk
2014-06-20 13:03 - 2014-06-20 13:03 - 00000000 ____D () C:\Program Files (x86)\TeamViewer
2014-06-19 16:16 - 2014-03-23 20:46 - 00000000 ____D () C:\Users\OEM\Desktop\Staudacher
2014-06-18 22:27 - 2014-06-18 22:27 - 00065342 _____ () C:\Users\OEM\Downloads\Shortcut.txt
2014-06-18 22:27 - 2014-06-18 12:33 - 00024710 _____ () C:\Users\OEM\Downloads\Addition.txt
2014-06-18 21:58 - 2014-06-18 21:57 - 04748896 _____ (Piriform Ltd) C:\Users\OEM\Downloads\ccsetup414 (3).exe
2014-06-18 21:57 - 2014-06-18 21:56 - 04748896 _____ (Piriform Ltd) C:\Users\OEM\Downloads\ccsetup414 (2).exe
2014-06-18 19:39 - 2014-06-18 19:39 - 00001200 _____ () C:\Windows\system32\cc_20140618_193916.reg
2014-06-18 19:38 - 2014-06-18 19:38 - 00031986 _____ () C:\Windows\system32\cc_20140618_193854.reg
2014-06-18 14:33 - 2014-06-16 21:49 - 00000000 ____D () C:\Program Files\Unlocker
2014-06-18 13:03 - 2009-07-14 05:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-06-18 12:40 - 2014-06-18 12:39 - 00854367 _____ () C:\Users\OEM\Downloads\SecurityCheck (1).exe
2014-06-18 12:39 - 2014-06-18 12:38 - 00854367 _____ () C:\Users\OEM\Downloads\SecurityCheck.exe
2014-06-17 16:59 - 2014-06-15 12:28 - 00000000 ____D () C:\Windows\System32\Tasks\Browser Updater
2014-06-17 16:52 - 2012-12-27 20:24 - 00000000 ____D () C:\ProgramData\boost_interprocess
2014-06-17 16:51 - 2014-06-17 16:51 - 00000000 ____D () C:\Windows\ERUNT
2014-06-17 16:50 - 2014-06-17 16:50 - 01016261 _____ (Thisisu) C:\Users\OEM\Downloads\JRT_6.1.4.exe
2014-06-17 16:50 - 2014-06-17 16:49 - 01333465 _____ () C:\Users\OEM\Downloads\adwcleaner_3.212.exe
2014-06-17 12:38 - 2014-06-17 12:38 - 00001106 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-06-17 12:38 - 2014-06-17 12:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-06-17 12:38 - 2014-06-17 12:38 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-06-17 12:38 - 2013-10-28 19:44 - 00000000 ____D () C:\Users\OEM\AppData\Roaming\Malwarebytes
2014-06-17 12:38 - 2013-10-28 19:44 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-06-17 12:34 - 2014-06-17 12:34 - 02347384 _____ (ESET) C:\Users\OEM\Downloads\esetsmartinstaller_deu.exe
2014-06-17 12:33 - 2014-06-17 12:32 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\OEM\Downloads\mbam-setup-2.0.2.1012 (1).exe
2014-06-17 11:46 - 2014-06-17 11:46 - 00057322 _____ () C:\Users\OEM\Downloads\201400222941-BZ.zip
2014-06-16 21:54 - 2014-06-15 12:22 - 00000000 ____D () C:\Users\Administrator
2014-06-16 21:50 - 2014-06-16 21:50 - 01078591 _____ () C:\Users\OEM\Downloads\Unlocker1.9.2 (1).exe
2014-06-16 21:49 - 2014-06-16 21:49 - 00000000 ____D () C:\Users\OEM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker
2014-06-16 21:49 - 2014-06-16 21:48 - 01078591 _____ () C:\Users\OEM\Downloads\Unlocker1.9.2.exe
2014-06-16 20:20 - 2014-06-16 20:19 - 04748896 _____ (Piriform Ltd) C:\Users\OEM\Downloads\ccsetup414 (1).exe
2014-06-16 20:19 - 2014-06-16 20:18 - 04748896 _____ (Piriform Ltd) C:\Users\OEM\Downloads\ccsetup414.exe
2014-06-16 16:24 - 2014-06-16 16:24 - 00057357 _____ () C:\Users\OEM\Downloads\201400220464-BZ.zip
2014-06-16 16:24 - 2014-06-16 16:24 - 00057357 _____ () C:\Users\OEM\Downloads\201400220464-BZ (1).zip
2014-06-15 14:48 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-06-15 13:56 - 2014-01-03 22:18 - 00001409 _____ () C:\Users\OEM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2014-06-15 13:56 - 2011-04-07 09:37 - 00000769 _____ () C:\Users\OEM\Desktop\Internet Explorer.lnk
2014-06-15 13:51 - 2014-06-15 13:51 - 00325586 _____ () C:\Windows\system32\cc_20140615_135103.reg
2014-06-15 13:47 - 2012-11-15 23:36 - 00000000 ____D () C:\Windows\Minidump
2014-06-15 13:47 - 2011-02-28 18:10 - 00000000 ____D () C:\Windows\Panther
2014-06-15 13:46 - 2014-06-15 12:37 - 00001914 _____ () C:\Windows\SysWOW64\${LOGFILE}
2014-06-15 13:16 - 2014-06-15 12:22 - 00000000 ____D () C:\ProgramData\28e74f1e72de16b9
2014-06-15 12:22 - 2014-06-15 12:22 - 00000000 ____D () C:\Users\OEM\AppData\Local\Packages
2014-06-15 12:22 - 2014-06-15 12:22 - 00000000 ____D () C:\Users\OEM\AppData\Local\Comodo
2014-06-15 12:22 - 2014-06-15 12:22 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Google
2014-06-15 12:22 - 2014-06-15 12:22 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Comodo
2014-06-15 12:22 - 2014-06-15 12:22 - 00000000 ____D () C:\Users\HomeGroupUser$
2014-06-15 12:22 - 2014-06-15 12:22 - 00000000 ____D () C:\Users\Gast\AppData\Local\Google
2014-06-15 12:22 - 2014-06-15 12:22 - 00000000 ____D () C:\Users\Gast\AppData\Local\Comodo
2014-06-15 12:22 - 2014-06-15 12:22 - 00000000 ____D () C:\Users\Gast
2014-06-15 12:22 - 2014-06-15 12:22 - 00000000 _____ () C:\Windows\SysWOW64\Number of results
2014-06-15 12:22 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy
2014-06-15 12:16 - 2014-06-15 12:16 - 00003158 _____ () C:\Windows\System32\Tasks\{15DD6F64-0DA6-4526-94EA-D06CF858DF2C}
2014-06-15 11:55 - 2014-06-15 11:55 - 00013048 _____ () C:\Users\OEM\AppData\Roaming\Bubble Dock.installation.log
2014-06-15 11:03 - 2014-06-15 11:03 - 00212992 _____ () C:\Users\OEM\Downloads\Autoveicoli_GA_OUT (2).xls
2014-06-15 11:03 - 2014-06-15 11:03 - 00212992 _____ () C:\Users\OEM\Downloads\Autoveicoli_GA_OUT (1).xls
2014-06-15 11:01 - 2014-06-15 11:01 - 00763904 _____ () C:\Users\OEM\Downloads\Fringe_benefit_2013.xls
2014-06-15 08:28 - 2009-07-14 07:08 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-06-14 09:34 - 2014-06-14 09:34 - 00057346 _____ () C:\Users\OEM\Downloads\201400216562-BZ.zip
2014-06-13 07:40 - 2014-05-06 22:33 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-06-12 23:26 - 2013-08-15 11:41 - 00000000 ____D () C:\Windows\system32\MRT
2014-06-12 23:24 - 2011-04-06 18:56 - 95414520 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-06-12 21:30 - 2014-06-12 21:30 - 00195005 _____ () C:\Users\OEM\Downloads\Newsletter n.20 del 12-06-2014.pdf.zip
2014-06-12 14:26 - 2011-04-07 09:38 - 00000000 ____D () C:\Users\OEM\Desktop\NeuhofWerbung
2014-06-12 14:26 - 2011-02-28 18:16 - 00000000 ____D () C:\Users\OEM\AppData\Local\VirtualStore
2014-06-12 14:25 - 2013-08-26 19:18 - 00001829 _____ () C:\Users\OEM\Sti_Trace.log
2014-06-11 08:50 - 2014-06-11 08:50 - 00057325 _____ () C:\Users\OEM\Downloads\201400211881-BZ.zip
2014-06-10 09:28 - 2014-06-10 09:28 - 00057323 _____ () C:\Users\OEM\Downloads\201400209914-BZ.zip
2014-06-10 09:28 - 2014-06-10 09:28 - 00057323 _____ () C:\Users\OEM\Downloads\201400209914-BZ (1).zip
2014-06-09 14:18 - 2012-01-11 19:47 - 00000000 ___RD () C:\Users\OEM\Desktop\Alpenstadt
2014-06-09 11:19 - 2014-06-09 11:19 - 00057348 _____ () C:\Users\OEM\Downloads\201400207640-BZ.zip
2014-06-08 11:13 - 2014-06-12 16:40 - 00506368 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-08 11:12 - 2014-06-08 11:12 - 00057347 _____ () C:\Users\OEM\Downloads\201400205382-BZ (7).zip
2014-06-08 11:08 - 2014-06-12 16:40 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-08 10:50 - 2014-06-08 10:50 - 00057347 _____ () C:\Users\OEM\Downloads\201400205382-BZ (6).zip
2014-06-08 08:54 - 2014-06-08 08:54 - 00057347 _____ () C:\Users\OEM\Downloads\201400205382-BZ (5).zip
2014-06-08 08:53 - 2014-06-08 08:53 - 00057347 _____ () C:\Users\OEM\Downloads\201400205382-BZ (4).zip
2014-06-08 08:52 - 2014-06-08 08:52 - 00057347 _____ () C:\Users\OEM\Downloads\201400205382-BZ (3).zip
2014-06-08 08:52 - 2014-06-08 08:52 - 00057347 _____ () C:\Users\OEM\Downloads\201400205382-BZ (2).zip
2014-06-08 08:52 - 2014-06-08 08:52 - 00057347 _____ () C:\Users\OEM\Downloads\201400205382-BZ (1).zip
2014-06-08 08:52 - 2014-06-08 08:51 - 00057347 _____ () C:\Users\OEM\Downloads\201400205382-BZ.zip
2014-06-03 19:06 - 2014-06-03 19:06 - 00000125 _____ () C:\Users\OEM\Downloads\unbenannt (5).txt
2014-06-03 07:21 - 2012-01-22 14:32 - 00000000 ____D () C:\ProgramData\Skype
2014-06-02 11:05 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-06-01 15:45 - 2014-06-01 15:45 - 00057363 _____ () C:\Users\OEM\Downloads\201400194619-BZ.zip

Some content of TEMP:
====================
C:\Users\OEM\AppData\Local\Temp\Quarantine.exe
C:\Users\OEM\AppData\Local\Temp\RSPUpgradeInstaller.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-06-30 19:39

==================== End Of Log ============================

--- --- ---

--- --- ---

--- --- ---

Gmer.txt

GMER Logfile:

Code:

ATTFilter

GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2014-07-01 11:30:57
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 WDC_WD5000AAKX-001CA0 rev.15.01H15 465,76GB
Running: ifvsp3vm.exe; Driver: C:\Users\OEM\AppData\Local\Temp\uwldapow.sys


---- Threads - GMER 2.1 ----

Thread  C:\Windows\System32\svchost.exe [304:1184]                                                       000007fefa37331c
Thread  C:\Windows\System32\svchost.exe [304:2936]                                                       000007fef4df20c0
Thread  C:\Windows\System32\svchost.exe [304:3028]                                                       000007fef4df26a8
Thread  C:\Windows\System32\svchost.exe [304:1364]                                                       000007fef4df29dc
Thread  C:\Windows\System32\svchost.exe [304:1368]                                                       000007fef4df29dc
Thread  C:\Windows\System32\svchost.exe [304:3880]                                                       000007fef80f44e0
Thread  C:\Windows\System32\svchost.exe [304:3988]                                                       000007fef95888f8
Thread  C:\Windows\System32\svchost.exe [304:4760]                                                       000007feff53c608
Thread  C:\Windows\System32\svchost.exe [304:4764]                                                       000007feff53c608
Thread  C:\Windows\System32\svchost.exe [304:4768]                                                       000007feff53c608
Thread  C:\Windows\System32\svchost.exe [304:4772]                                                       000007feff53c608
Thread  C:\Windows\System32\svchost.exe [304:4776]                                                       000007feff53c608
Thread  C:\Windows\System32\svchost.exe [304:2796]                                                       000007fef1a83efc
Thread  C:\Windows\System32\svchost.exe [304:3184]                                                       000007fef1ac8a4c
Thread  C:\Windows\system32\svchost.exe [396:4684]                                                       000007fef1e6d3c8
Thread  C:\Windows\system32\svchost.exe [396:4688]                                                       000007fef1e6d3c8
Thread  C:\Windows\system32\svchost.exe [396:4692]                                                       000007fef1e6d3c8
Thread  C:\Windows\system32\svchost.exe [396:4696]                                                       000007fef1e6d3c8
Thread  C:\Windows\system32\svchost.exe [328:1416]                                                       000007fef9c61a50
Thread  C:\Windows\system32\svchost.exe [328:4028]                                                       000007fef28384d8
Thread  C:\Windows\system32\svchost.exe [328:156]                                                        000007fef27f23a8
Thread  C:\Windows\system32\svchost.exe [328:3580]                                                       000007fef3030d00
Thread  C:\Windows\system32\svchost.exe [328:3888]                                                       000007fef26b9498
Thread  C:\Windows\system32\svchost.exe [328:3076]                                                       000007fefbb5506c
Thread  C:\Windows\system32\svchost.exe [328:2764]                                                       000007fef62f1c20
Thread  C:\Windows\system32\svchost.exe [328:2776]                                                       000007fef62f1c20
Thread  C:\Windows\system32\svchost.exe [328:1372]                                                       000007fef8a55124
Thread  C:\Windows\system32\svchost.exe [328:2728]                                                       000007fef4bc1ab0
Thread  C:\Windows\system32\svchost.exe [1204:1936]                                                      000007fef953bd88
Thread  C:\Windows\system32\svchost.exe [1204:3928]                                                      000007fef30983d8
Thread  C:\Windows\system32\svchost.exe [1204:3932]                                                      000007fef30983d8
Thread  C:\Windows\system32\svchost.exe [1204:3940]                                                      000007fef27b3f1c
Thread  C:\Windows\system32\svchost.exe [1204:3088]                                                      000007fef30022b8
Thread  C:\Windows\system32\svchost.exe [1204:4092]                                                      000007fef3001a38
Thread  C:\Windows\system32\svchost.exe [1204:212]                                                       000007fef2715388
Thread  C:\Windows\system32\svchost.exe [1204:204]                                                       000007fef26f7738
Thread  C:\Windows\system32\svchost.exe [1204:208]                                                       000007fef26e1f90
Thread  C:\Windows\system32\svchost.exe [1204:4204]                                                      000007fef2875170
Thread  C:\Windows\system32\svchost.exe [1204:4464]                                                      000007fef8a55124
Thread  C:\Windows\System32\spoolsv.exe [1436:2636]                                                      000007fef52810c8
Thread  C:\Windows\System32\spoolsv.exe [1436:2648]                                                      000007fef5246144
Thread  C:\Windows\System32\spoolsv.exe [1436:2672]                                                      000007fef4fb5fd0
Thread  C:\Windows\System32\spoolsv.exe [1436:2676]                                                      000007fef4f93438
Thread  C:\Windows\System32\spoolsv.exe [1436:2680]                                                      000007fef4fb63ec
Thread  C:\Windows\System32\spoolsv.exe [1436:2688]                                                      000007fef6125e5c
Thread  C:\Windows\System32\spoolsv.exe [1436:2692]                                                      000007fef6155074
Thread  C:\Windows\System32\spoolsv.exe [1436:2052]                                                      000007fef61c2288
Thread  C:\Windows\System32\spoolsv.exe [1436:2632]                                                      000007fef60fe088
Thread  C:\Windows\System32\spoolsv.exe [1436:2232]                                                      000007fef60f8230
Thread  C:\Windows\system32\svchost.exe [1464:1844]                                                      000007fef98135c0
Thread  C:\Windows\system32\svchost.exe [1464:2912]                                                      000007fef9815600
Thread  C:\Windows\system32\svchost.exe [1464:3004]                                                      000007fef4a02940
Thread  C:\Windows\system32\svchost.exe [1464:3008]                                                      000007fef49e2888
Thread  C:\Windows\system32\svchost.exe [1464:2860]                                                      000007fef49e2a40
Thread  C:\Windows\system32\taskhost.exe [2324:2384]                                                     000007fef6001f38
Thread  C:\Windows\system32\taskhost.exe [2324:2460]                                                     000007fef5a12740
Thread  C:\Windows\system32\taskhost.exe [2324:2488]                                                     000007fefa681010
Thread  C:\Windows\system32\svchost.exe [4380:920]                                                       000007fef056f130
Thread  C:\Windows\system32\svchost.exe [4380:2628]                                                      000007fef0564734
Thread  C:\Windows\system32\svchost.exe [4380:2836]                                                      000007fef0564734
Thread  C:\Windows\System32\svchost.exe [4748:684]                                                       000007fef2875170

---- Registry - GMER 2.1 ----

Reg     HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\001b10003009                      
Reg     HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\001b10003009@fcc73455c6a9         0x27 0x14 0xF9 0x1C ...
Reg     HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\001b10003009@d857ef5b389d         0x33 0xEC 0x51 0x28 ...
Reg     HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\001b10003009 (not active ControlSet)  
Reg     HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\001b10003009@fcc73455c6a9             0x27 0x14 0xF9 0x1C ...
Reg     HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\001b10003009@d857ef5b389d             0x33 0xEC 0x51 0x28 ...

---- EOF - GMER 2.1 ----

--- --- ---

cosinus · 01.07.2014, 13:19

Zitat:

Running from C:\Users\OEM\Documents\2014_07_01_download_protect_removal\tools

Die Tools wie FRST sollen auf den Desktop gelegt und von da ausgeführt werden, nicht einfach irgendwo hin.
Außerdem vermiss ich die andere Logdatei von FRST => Addition.txt

ntichelper · 01.07.2014, 16:29

Hallo,
Vielen Dank für das Feedback.
Ich habe nun nochmals alles auf dem Desktop ausgeführt und lege die Log-Files hier nochmals alle bei.

die andere Logdatei von FRST => Addition.txt wurde leider nicht erstellt.

Vielen Dank für die Hilfe

Code:

ATTFilter

defogger_disable by jpshortstuff (23.02.10.1)
Log created at 16:53 on 01/07/2014 (OEM)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...


-=E.O.F=-

FRST Logfile:

FRST Logfile:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 29-06-2014
Ran by OEM (administrator) on OEM-PC on 01-07-2014 17:00:10
Running from C:\Users\OEM\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 9
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
(AMD) C:\Windows\System32\atieclxx.exe
() C:\Windows\System32\QUTIL64.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_WT50RP.EXE
() C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareService.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Skype Technologies S.A.) C:\C\Programme\Skype\Phone\Skype.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_x64.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\OFFICE11\WINWORD.EXE
(Microsoft Corporation) C:\Windows\splwow64.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Desktop.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1271072 2014-03-11] (Microsoft Corporation)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11057768 2010-07-06] (Realtek Semiconductor)
HKLM\...\Run: [AdAwareTray] => C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareTray.exe [7715160 2014-06-03] ()
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [FUFAXRCV] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe [502952 2012-07-09] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [FUFAXSTM] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe [863400 2012-07-09] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1058912 2012-04-02] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [220744 2011-12-16] (Geek Software GmbH)
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-04-27] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [InboxMonitor] => "C:\Program Files (x86)\Nuance\PDF Professional 7\InboxMonitor.exe" /run
HKU\S-1-5-21-1422302985-1899904796-1242127876-1000\...\Run: [Skype] => C:\C\Programme\Skype\Phone\Skype.exe [21444224 2014-05-08] (Skype Technologies S.A.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\vpngui.exe.lnk
ShortcutTarget: vpngui.exe.lnk -> C:\Windows\Installer\{5FDC06BF-3D3D-4367-8FFB-4FAFCB61972D}\Icon09DB8A851.exe ()
Startup: C:\Users\OEM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.0.lnk
ShortcutTarget: OpenOffice.org 3.0.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

ProxyServer: http=127.0.0.1:8118;https=127.0.0.1:8118
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = 
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKCU - 8D9A5D0AC1F445F0B4735730804E35EE URL = hxxp://dts.search-results.com/sr?src=ieb&gct=ds&appid=110&systemid=102&apn_dtid=BND102&apn_ptnrs=AG7&o=APN10646&apn_uid=8204411260354610&q={searchTerms}
SearchScopes: HKCU - {6CC1B62A-6DFF-4198-B829-4F0C304A1671} URL = hxxp://www.google.de/search?q={searchTerms}&hl=de&gl=de&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
SearchScopes: HKCU - {BAF3C2BB-52DF-48D1-B496-CC19B2CCED73} URL = hxxp://www.google.de/search?q={searchTerms}
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll (Microsoft Corporation.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: No Name - {551A852F-39A6-44A7-9C13-AFBEC9185A9D} -  No File
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: No Name - {b31d1ab1-5453-4ed1-97e5-c377f9532024} -  No File
BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - No Name - {b31d1ab1-5453-4ed1-97e5-c377f9532024} -  No File
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} -  No File
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{A55F4236-B909-4382-8495-41190DF1DF95}: [NameServer]8.8.8.8,8.8.4.4

FireFox:
========
FF ProfilePath: C:\Users\OEM\AppData\Roaming\Mozilla\Firefox\Profiles\nc1wdhkw.default
FF Homepage: user_pref("browser.startup.homepage", );
FF NetworkProxy: "type", 1
FF NetworkProxy: "http", "127.0.0.1");user_pref("network.proxy.http_port", 8118);user_pref("network.proxy.ssl", "127.0.0.1");user_pref("network.proxy.ssl_port", 8118
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @microsoft.com/GENUINE - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @Skype Technologies S.A..com/Skype Web Plugin - C:\Program Files (x86)\SkypeWebPlugin\npSkypeWebPlugin64.dll (Skype)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @Skype Technologies S.A..com/Skype Web Plugin - C:\Program Files (x86)\SkypeWebPlugin\npSkypeWebPlugin.dll (Skype)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @TrendMicro.com/FFExtension - C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextension\components\npToolbarChrome.dll No File
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: geomind.it/DbMap3dFlyer - C:\Program Files (x86)\Abaco\DbMAP 3D Flyer Plugin\npGeoFlyerPlugin.dll (Geomind Srl)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\OEM\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll No File
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\OEM\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll No File
FF user.js: detected! => C:\Users\OEM\AppData\Roaming\Mozilla\Firefox\Profiles\nc1wdhkw.default\user.js
FF HKLM-x32\...\Firefox\Extensions: [{754C09DF-D672-454D-8988-4A0E12D36237}] - C:\Windows\Installer\{27F06CD8-29BD-43E4-9C8E-5B64A18F2319}\{754C09DF-D672-454D-8988-4A0E12D36237}.xpi
FF Extension: Download Protect - C:\Windows\Installer\{27F06CD8-29BD-43E4-9C8E-5B64A18F2319}\{754C09DF-D672-454D-8988-4A0E12D36237}.xpi [2014-07-01]

Chrome: 
=======
CHR Extension: (Google Drive) - C:\Users\OEM\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-07-01]
CHR Extension: (YouTube) - C:\Users\OEM\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-07-01]
CHR Extension: (Google-Suche) - C:\Users\OEM\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-07-01]
CHR Extension: (Download Protect) - C:\Users\OEM\AppData\Local\Google\Chrome\User Data\Default\Extensions\eaneilmmckmcpebnpbpccpbjjgiofplg [2014-07-01]
CHR Extension: (Google Wallet) - C:\Users\OEM\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-07-01]
CHR Extension: (Google Mail) - C:\Users\OEM\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-07-01]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-04-11]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

R2 autochkd; C:\Windows\system32\QUTIL64.exe [106496 2012-09-30] () [File not signed]
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390720 2014-04-11] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1764992 2014-04-11] (Microsoft Corporation)
S2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [135824 2011-12-12] (Seiko Epson Corporation)
R2 LavasoftAdAwareService11; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareService.exe [706864 2014-06-03] ()
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2014-03-11] (Microsoft Corporation)
S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [347872 2014-03-11] (Microsoft Corporation)
S2 SkypeUpdate; C:\C\Programme\Skype\Updater\Updater.exe [172192 2013-10-23] (Skype Technologies)

==================== Drivers (Whitelisted) ====================

R3 CVPNDRVA; C:\Windows\system32\Drivers\CVPNDRVA.sys [306536 2011-03-04] ()
R3 gzflt; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Antimalware Engine\3.0.0.56\gzflt.sys [150256 2014-04-22] (BitDefender LLC)
R3 MODEMCSA; C:\Windows\System32\drivers\MODEMCSA.sys [24064 2009-07-14] (Microsoft Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [268512 2014-01-25] (Microsoft Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-07-16] ()
S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133928 2014-03-11] (Microsoft Corporation)
S3 Trufos; C:\Windows\System32\DRIVERS\Trufos.sys [389240 2014-04-22] (BitDefender S.R.L.)
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] ()
U2 TMAgent; 

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-07-01 16:57 - 2014-07-01 17:00 - 00016227 _____ () C:\Users\OEM\Desktop\FRST.txt
2014-07-01 16:53 - 2014-07-01 16:53 - 00000468 _____ () C:\Users\OEM\Desktop\defogger_disable.log
2014-07-01 16:51 - 2014-07-01 11:01 - 00050477 _____ () C:\Users\OEM\Desktop\Defogger.exe
2014-07-01 16:47 - 2014-07-01 11:04 - 02083328 _____ (Farbar) C:\Users\OEM\Desktop\FRST64.exe
2014-07-01 12:01 - 2014-07-01 12:02 - 00275464 _____ () C:\Windows\Minidump\070114-17706-01.dmp
2014-07-01 12:01 - 2014-07-01 12:01 - 402891399 _____ () C:\Windows\MEMORY.DMP
2014-07-01 11:02 - 2014-07-01 11:02 - 00000000 _____ () C:\Users\OEM\defogger_reenable
2014-07-01 10:57 - 2014-07-01 10:57 - 00003832 _____ () C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1404205045
2014-07-01 10:57 - 2014-07-01 10:57 - 00001133 _____ () C:\Users\Public\Desktop\Opera.lnk
2014-07-01 10:57 - 2014-07-01 10:57 - 00001133 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2014-07-01 10:57 - 2014-07-01 10:57 - 00000000 ____D () C:\Users\OEM\AppData\Roaming\Opera Software
2014-07-01 10:57 - 2014-07-01 10:57 - 00000000 ____D () C:\Users\OEM\AppData\Local\Opera Software
2014-07-01 10:57 - 2014-07-01 10:57 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-07-01 10:52 - 2014-07-01 10:54 - 27641968 _____ (Opera Software ASA) C:\Users\OEM\Downloads\Opera_22.0.1471.70_Setup.exe
2014-07-01 10:21 - 2014-07-01 10:21 - 00000000 ____D () C:\Users\OEM\AppData\Local\Google
2014-07-01 09:46 - 2014-07-01 09:46 - 00000302 _____ () C:\Windows\PFRO.log
2014-07-01 09:12 - 2014-07-01 11:31 - 00000000 ____D () C:\Users\OEM\Documents\2014_07_01_download_protect_removal
2014-07-01 09:03 - 2014-07-01 09:52 - 00000000 ____D () C:\Users\OEM\Downloads\FRST-OlderVersion
2014-07-01 09:03 - 2014-07-01 09:06 - 00052417 _____ () C:\Users\OEM\Downloads\FRST.txt
2014-06-30 12:10 - 2014-06-30 12:10 - 00057328 _____ () C:\Users\OEM\Downloads\201400249228-BZ.zip
2014-06-30 12:10 - 2014-06-30 12:10 - 00057328 _____ () C:\Users\OEM\Downloads\201400249228-BZ (1).zip
2014-06-30 07:39 - 2014-07-01 12:02 - 00000280 _____ () C:\Windows\setupact.log
2014-06-30 07:39 - 2014-06-30 07:39 - 00000000 _____ () C:\Windows\setuperr.log
2014-06-29 16:06 - 2014-06-29 16:06 - 04814144 _____ (Piriform Ltd) C:\Users\OEM\Downloads\ccsetup415pro.exe
2014-06-29 15:37 - 2014-06-29 15:37 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\OEM\Downloads\SpyHunter-Installer.exe
2014-06-26 16:59 - 2014-06-26 16:59 - 00000000 ____D () C:\Users\OEM\AppData\Roaming\LavasoftStatistics
2014-06-26 16:59 - 2014-06-26 16:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ad-Aware Antivirus
2014-06-26 16:44 - 2014-06-26 16:44 - 00000000 ____D () C:\Program Files\Lavasoft
2014-06-26 16:42 - 2014-06-26 16:42 - 00000000 ____D () C:\Users\OEM\AppData\Roaming\Lavasoft
2014-06-26 16:41 - 2014-06-26 16:41 - 00000000 ____D () C:\Program Files\Common Files\Lavasoft
2014-06-26 16:40 - 2014-06-26 16:40 - 01707144 _____ () C:\Users\OEM\Downloads\Adaware112_Installer.exe
2014-06-26 16:40 - 2014-06-26 16:40 - 00000000 ____D () C:\ProgramData\Lavasoft
2014-06-26 15:49 - 2014-06-26 15:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-06-26 15:46 - 2014-07-01 16:51 - 00001104 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-06-26 15:46 - 2014-07-01 16:09 - 00001100 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-06-26 15:46 - 2014-06-26 15:49 - 00000000 ____D () C:\Program Files (x86)\Google
2014-06-26 15:46 - 2014-06-26 15:46 - 00004100 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-06-26 15:46 - 2014-06-26 15:46 - 00003848 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-06-26 15:45 - 2014-06-26 15:46 - 00895120 _____ (Google Inc.) C:\Users\OEM\Downloads\ChromeSetup.exe
2014-06-23 13:04 - 2014-06-23 13:04 - 00057308 _____ () C:\Users\OEM\Downloads\201400235742-BZ.zip
2014-06-22 18:28 - 2014-06-22 18:33 - 15089688 _____ (Ross-Tech, LLC) C:\Users\OEM\Downloads\VCDS-Release-12.12.0-Installer.exe
2014-06-21 08:03 - 2014-06-21 08:03 - 00057349 _____ () C:\Users\OEM\Downloads\201400230848-BZ.zip
2014-06-20 13:35 - 2014-06-20 13:35 - 00057322 _____ () C:\Users\OEM\Downloads\201400222941-BZ (3).zip
2014-06-20 13:33 - 2014-06-20 13:33 - 00057322 _____ () C:\Users\OEM\Downloads\201400222941-BZ (2).zip
2014-06-20 13:32 - 2014-06-20 13:32 - 00057322 _____ () C:\Users\OEM\Downloads\201400222941-BZ (1).zip
2014-06-20 13:03 - 2014-06-20 13:03 - 00001178 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk
2014-06-20 13:03 - 2014-06-20 13:03 - 00001166 _____ () C:\Users\Public\Desktop\TeamViewer 9.lnk
2014-06-20 13:03 - 2014-06-20 13:03 - 00000000 ____D () C:\Program Files (x86)\TeamViewer
2014-06-18 22:27 - 2014-06-18 22:27 - 00065342 _____ () C:\Users\OEM\Downloads\Shortcut.txt
2014-06-18 21:57 - 2014-06-18 21:58 - 04748896 _____ (Piriform Ltd) C:\Users\OEM\Downloads\ccsetup414 (3).exe
2014-06-18 21:56 - 2014-06-18 21:57 - 04748896 _____ (Piriform Ltd) C:\Users\OEM\Downloads\ccsetup414 (2).exe
2014-06-18 19:39 - 2014-06-18 19:39 - 00001200 _____ () C:\Windows\system32\cc_20140618_193916.reg
2014-06-18 19:38 - 2014-06-18 19:38 - 00031986 _____ () C:\Windows\system32\cc_20140618_193854.reg
2014-06-18 12:39 - 2014-06-18 12:40 - 00854367 _____ () C:\Users\OEM\Downloads\SecurityCheck (1).exe
2014-06-18 12:38 - 2014-06-18 12:39 - 00854367 _____ () C:\Users\OEM\Downloads\SecurityCheck.exe
2014-06-18 12:33 - 2014-06-18 22:27 - 00024710 _____ () C:\Users\OEM\Downloads\Addition.txt
2014-06-18 12:30 - 2014-07-01 17:00 - 00000000 ____D () C:\FRST
2014-06-18 12:28 - 2014-07-01 09:03 - 02083328 _____ (Farbar) C:\Users\OEM\Downloads\FRST64.exe
2014-06-17 16:51 - 2014-06-17 16:51 - 00000000 ____D () C:\Windows\ERUNT
2014-06-17 16:51 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-06-17 16:50 - 2014-07-01 09:43 - 00000000 ____D () C:\AdwCleaner
2014-06-17 16:50 - 2014-06-17 16:50 - 01016261 _____ (Thisisu) C:\Users\OEM\Downloads\JRT_6.1.4.exe
2014-06-17 16:49 - 2014-06-17 16:50 - 01333465 _____ () C:\Users\OEM\Downloads\adwcleaner_3.212.exe
2014-06-17 12:39 - 2014-06-29 13:07 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-06-17 12:38 - 2014-06-17 12:38 - 00001106 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-06-17 12:38 - 2014-06-17 12:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-06-17 12:38 - 2014-06-17 12:38 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-06-17 12:38 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-06-17 12:38 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-06-17 12:34 - 2014-06-17 12:34 - 02347384 _____ (ESET) C:\Users\OEM\Downloads\esetsmartinstaller_deu.exe
2014-06-17 12:32 - 2014-06-17 12:33 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\OEM\Downloads\mbam-setup-2.0.2.1012 (1).exe
2014-06-17 11:46 - 2014-06-17 11:46 - 00057322 _____ () C:\Users\OEM\Downloads\201400222941-BZ.zip
2014-06-16 21:50 - 2014-06-16 21:50 - 01078591 _____ () C:\Users\OEM\Downloads\Unlocker1.9.2 (1).exe
2014-06-16 21:49 - 2014-06-18 14:33 - 00000000 ____D () C:\Program Files\Unlocker
2014-06-16 21:49 - 2014-06-16 21:49 - 00000000 ____D () C:\Users\OEM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker
2014-06-16 21:48 - 2014-06-16 21:49 - 01078591 _____ () C:\Users\OEM\Downloads\Unlocker1.9.2.exe
2014-06-16 20:19 - 2014-06-16 20:20 - 04748896 _____ (Piriform Ltd) C:\Users\OEM\Downloads\ccsetup414 (1).exe
2014-06-16 20:18 - 2014-06-16 20:19 - 04748896 _____ (Piriform Ltd) C:\Users\OEM\Downloads\ccsetup414.exe
2014-06-16 16:24 - 2014-06-16 16:24 - 00057357 _____ () C:\Users\OEM\Downloads\201400220464-BZ.zip
2014-06-16 16:24 - 2014-06-16 16:24 - 00057357 _____ () C:\Users\OEM\Downloads\201400220464-BZ (1).zip
2014-06-15 13:51 - 2014-06-15 13:51 - 00325586 _____ () C:\Windows\system32\cc_20140615_135103.reg
2014-06-15 12:37 - 2014-06-15 13:46 - 00001914 _____ () C:\Windows\SysWOW64\${LOGFILE}
2014-06-15 12:28 - 2014-06-17 16:59 - 00000000 ____D () C:\Windows\System32\Tasks\Browser Updater
2014-06-15 12:22 - 2014-06-16 21:54 - 00000000 ____D () C:\Users\Administrator
2014-06-15 12:22 - 2014-06-15 13:16 - 00000000 ____D () C:\ProgramData\28e74f1e72de16b9
2014-06-15 12:22 - 2014-06-15 12:22 - 00000000 ____D () C:\Users\OEM\AppData\Local\Packages
2014-06-15 12:22 - 2014-06-15 12:22 - 00000000 ____D () C:\Users\OEM\AppData\Local\Comodo
2014-06-15 12:22 - 2014-06-15 12:22 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Google
2014-06-15 12:22 - 2014-06-15 12:22 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Comodo
2014-06-15 12:22 - 2014-06-15 12:22 - 00000000 ____D () C:\Users\HomeGroupUser$
2014-06-15 12:22 - 2014-06-15 12:22 - 00000000 ____D () C:\Users\Gast\AppData\Local\Google
2014-06-15 12:22 - 2014-06-15 12:22 - 00000000 ____D () C:\Users\Gast\AppData\Local\Comodo
2014-06-15 12:22 - 2014-06-15 12:22 - 00000000 ____D () C:\Users\Gast
2014-06-15 12:22 - 2014-06-15 12:22 - 00000000 _____ () C:\Windows\SysWOW64\Number of results
2014-06-15 12:19 - 2014-04-09 07:55 - 00034376 _____ () C:\Windows\Launcher.exe
2014-06-15 12:16 - 2014-06-15 12:16 - 00003158 _____ () C:\Windows\System32\Tasks\{15DD6F64-0DA6-4526-94EA-D06CF858DF2C}
2014-06-15 11:55 - 2014-06-15 11:55 - 00013048 _____ () C:\Users\OEM\AppData\Roaming\Bubble Dock.installation.log
2014-06-15 11:03 - 2014-06-15 11:03 - 00212992 _____ () C:\Users\OEM\Downloads\Autoveicoli_GA_OUT (2).xls
2014-06-15 11:03 - 2014-06-15 11:03 - 00212992 _____ () C:\Users\OEM\Downloads\Autoveicoli_GA_OUT (1).xls
2014-06-15 11:01 - 2014-06-15 11:01 - 00763904 _____ () C:\Users\OEM\Downloads\Fringe_benefit_2013.xls
2014-06-14 09:34 - 2014-06-14 09:34 - 00057346 _____ () C:\Users\OEM\Downloads\201400216562-BZ.zip
2014-06-12 21:30 - 2014-06-12 21:30 - 00195005 _____ () C:\Users\OEM\Downloads\Newsletter n.20 del 12-06-2014.pdf.zip
2014-06-12 16:40 - 2014-06-08 11:13 - 00506368 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-12 16:40 - 2014-06-08 11:08 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-12 16:40 - 2014-05-28 20:53 - 17857536 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-06-12 16:40 - 2014-05-28 20:37 - 02338816 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-06-12 16:40 - 2014-05-28 20:35 - 10890240 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-06-12 16:40 - 2014-05-28 20:31 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-06-12 16:40 - 2014-05-28 20:31 - 01348608 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-06-12 16:40 - 2014-05-28 20:30 - 01494016 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-06-12 16:40 - 2014-05-28 20:30 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-06-12 16:40 - 2014-05-28 20:29 - 02148352 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-06-12 16:40 - 2014-05-28 20:29 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-06-12 16:40 - 2014-05-28 20:29 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-06-12 16:40 - 2014-05-28 20:29 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-06-12 16:40 - 2014-05-28 20:29 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-06-12 16:40 - 2014-05-28 20:29 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-06-12 16:40 - 2014-05-28 20:28 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-06-12 16:40 - 2014-05-28 20:28 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-06-12 16:40 - 2014-05-28 20:28 - 00282112 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-06-12 16:40 - 2014-05-28 20:28 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-06-12 16:40 - 2014-05-28 20:28 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-06-12 16:40 - 2014-05-28 20:28 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-06-12 16:40 - 2014-05-28 20:28 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-06-12 16:40 - 2014-05-28 20:27 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-06-12 16:40 - 2014-05-28 18:48 - 12356608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-06-12 16:40 - 2014-05-28 18:39 - 01810432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-06-12 16:40 - 2014-05-28 18:38 - 09711104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-06-12 16:40 - 2014-05-28 18:33 - 01106432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-06-12 16:40 - 2014-05-28 18:32 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-06-12 16:40 - 2014-05-28 18:32 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-06-12 16:40 - 2014-05-28 18:31 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-06-12 16:40 - 2014-05-28 18:31 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-06-12 16:40 - 2014-05-28 18:30 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-06-12 16:40 - 2014-05-28 18:30 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-06-12 16:40 - 2014-05-28 18:30 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-06-12 16:40 - 2014-05-28 18:30 - 00421376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-06-12 16:40 - 2014-05-28 18:30 - 00353792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-06-12 16:40 - 2014-05-28 18:30 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-06-12 16:40 - 2014-05-28 18:30 - 00041472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-06-12 16:40 - 2014-05-28 18:29 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-06-12 16:40 - 2014-05-28 18:29 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-06-12 16:40 - 2014-05-28 18:29 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-06-12 16:40 - 2014-05-28 18:29 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-06-12 16:40 - 2014-05-28 18:29 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-06-12 16:40 - 2014-05-28 18:28 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-06-12 16:40 - 2014-04-25 04:34 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2014-06-12 16:40 - 2014-04-25 04:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2014-06-12 16:40 - 2014-04-05 04:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-06-12 16:40 - 2014-04-05 04:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-06-12 16:40 - 2014-03-26 16:44 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-06-12 16:40 - 2014-03-26 16:44 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-06-12 16:40 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2014-06-12 16:40 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-06-12 16:40 - 2014-03-26 16:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2014-06-12 16:40 - 2014-03-26 16:27 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-06-12 16:40 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2014-06-12 16:40 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-06-11 08:50 - 2014-06-11 08:50 - 00057325 _____ () C:\Users\OEM\Downloads\201400211881-BZ.zip
2014-06-10 09:28 - 2014-06-10 09:28 - 00057323 _____ () C:\Users\OEM\Downloads\201400209914-BZ.zip
2014-06-10 09:28 - 2014-06-10 09:28 - 00057323 _____ () C:\Users\OEM\Downloads\201400209914-BZ (1).zip
2014-06-09 11:19 - 2014-06-09 11:19 - 00057348 _____ () C:\Users\OEM\Downloads\201400207640-BZ.zip
2014-06-08 11:12 - 2014-06-08 11:12 - 00057347 _____ () C:\Users\OEM\Downloads\201400205382-BZ (7).zip
2014-06-08 10:50 - 2014-06-08 10:50 - 00057347 _____ () C:\Users\OEM\Downloads\201400205382-BZ (6).zip
2014-06-08 08:54 - 2014-06-08 08:54 - 00057347 _____ () C:\Users\OEM\Downloads\201400205382-BZ (5).zip
2014-06-08 08:53 - 2014-06-08 08:53 - 00057347 _____ () C:\Users\OEM\Downloads\201400205382-BZ (4).zip
2014-06-08 08:52 - 2014-06-08 08:52 - 00057347 _____ () C:\Users\OEM\Downloads\201400205382-BZ (3).zip
2014-06-08 08:52 - 2014-06-08 08:52 - 00057347 _____ () C:\Users\OEM\Downloads\201400205382-BZ (2).zip
2014-06-08 08:52 - 2014-06-08 08:52 - 00057347 _____ () C:\Users\OEM\Downloads\201400205382-BZ (1).zip
2014-06-08 08:51 - 2014-06-08 08:52 - 00057347 _____ () C:\Users\OEM\Downloads\201400205382-BZ.zip
2014-06-03 19:06 - 2014-06-03 19:06 - 00000125 _____ () C:\Users\OEM\Downloads\unbenannt (5).txt
2014-06-01 15:45 - 2014-06-01 15:45 - 00057363 _____ () C:\Users\OEM\Downloads\201400194619-BZ.zip

==================== One Month Modified Files and Folders =======

2014-07-01 17:00 - 2014-07-01 16:57 - 00016227 _____ () C:\Users\OEM\Desktop\FRST.txt
2014-07-01 17:00 - 2014-06-18 12:30 - 00000000 ____D () C:\FRST
2014-07-01 16:59 - 2011-08-22 20:31 - 00000000 ____D () C:\Users\OEM\AppData\Roaming\Skype
2014-07-01 16:53 - 2014-07-01 16:53 - 00000468 _____ () C:\Users\OEM\Desktop\defogger_disable.log
2014-07-01 16:51 - 2014-06-26 15:46 - 00001104 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-01 16:44 - 2013-10-25 19:28 - 01968521 _____ () C:\Windows\WindowsUpdate.log
2014-07-01 16:44 - 2012-12-23 15:13 - 00001112 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1422302985-1899904796-1242127876-1000UA.job
2014-07-01 16:44 - 2012-08-05 18:15 - 00000000 _____ () C:\Windows\system32\Drivers\lvuvc.hs
2014-07-01 16:18 - 2012-04-13 15:44 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-07-01 16:09 - 2014-06-26 15:46 - 00001100 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-01 12:32 - 2009-07-14 06:45 - 00015152 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-07-01 12:32 - 2009-07-14 06:45 - 00015152 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-07-01 12:02 - 2014-07-01 12:01 - 00275464 _____ () C:\Windows\Minidump\070114-17706-01.dmp
2014-07-01 12:02 - 2014-06-30 07:39 - 00000280 _____ () C:\Windows\setupact.log
2014-07-01 12:02 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-01 12:01 - 2014-07-01 12:01 - 402891399 _____ () C:\Windows\MEMORY.DMP
2014-07-01 12:01 - 2012-11-15 23:36 - 00000000 ____D () C:\Windows\Minidump
2014-07-01 11:31 - 2014-07-01 09:12 - 00000000 ____D () C:\Users\OEM\Documents\2014_07_01_download_protect_removal
2014-07-01 11:04 - 2014-07-01 16:47 - 02083328 _____ (Farbar) C:\Users\OEM\Desktop\FRST64.exe
2014-07-01 11:02 - 2014-07-01 11:02 - 00000000 _____ () C:\Users\OEM\defogger_reenable
2014-07-01 11:02 - 2011-02-28 18:16 - 00000000 ____D () C:\Users\OEM
2014-07-01 11:01 - 2014-07-01 16:51 - 00050477 _____ () C:\Users\OEM\Desktop\Defogger.exe
2014-07-01 10:57 - 2014-07-01 10:57 - 00003832 _____ () C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1404205045
2014-07-01 10:57 - 2014-07-01 10:57 - 00001133 _____ () C:\Users\Public\Desktop\Opera.lnk
2014-07-01 10:57 - 2014-07-01 10:57 - 00001133 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2014-07-01 10:57 - 2014-07-01 10:57 - 00000000 ____D () C:\Users\OEM\AppData\Roaming\Opera Software
2014-07-01 10:57 - 2014-07-01 10:57 - 00000000 ____D () C:\Users\OEM\AppData\Local\Opera Software
2014-07-01 10:57 - 2014-07-01 10:57 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-07-01 10:54 - 2014-07-01 10:52 - 27641968 _____ (Opera Software ASA) C:\Users\OEM\Downloads\Opera_22.0.1471.70_Setup.exe
2014-07-01 10:21 - 2014-07-01 10:21 - 00000000 ____D () C:\Users\OEM\AppData\Local\Google
2014-07-01 10:21 - 2012-12-23 15:16 - 00002251 _____ () C:\Users\OEM\Desktop\Google Chrome.lnk
2014-07-01 09:52 - 2014-07-01 09:03 - 00000000 ____D () C:\Users\OEM\Downloads\FRST-OlderVersion
2014-07-01 09:48 - 2012-12-22 23:11 - 00000306 __RSH () C:\ProgramData\ntuser.pol
2014-07-01 09:46 - 2014-07-01 09:46 - 00000302 _____ () C:\Windows\PFRO.log
2014-07-01 09:43 - 2014-06-17 16:50 - 00000000 ____D () C:\AdwCleaner
2014-07-01 09:23 - 2013-09-29 20:48 - 00000000 ____D () C:\ProgramData\DivX
2014-07-01 09:06 - 2014-07-01 09:03 - 00052417 _____ () C:\Users\OEM\Downloads\FRST.txt
2014-07-01 09:03 - 2014-06-18 12:28 - 02083328 _____ (Farbar) C:\Users\OEM\Downloads\FRST64.exe
2014-07-01 08:57 - 2011-06-24 19:22 - 00003914 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{78DBB7A4-C6CC-4259-8C64-E43675B223EE}
2014-07-01 08:21 - 2012-12-23 15:13 - 00001060 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1422302985-1899904796-1242127876-1000Core.job
2014-06-30 12:10 - 2014-06-30 12:10 - 00057328 _____ () C:\Users\OEM\Downloads\201400249228-BZ.zip
2014-06-30 12:10 - 2014-06-30 12:10 - 00057328 _____ () C:\Users\OEM\Downloads\201400249228-BZ (1).zip
2014-06-30 07:39 - 2014-06-30 07:39 - 00000000 _____ () C:\Windows\setuperr.log
2014-06-29 21:59 - 2011-08-03 14:55 - 02084352 ___SH () C:\Users\OEM\Desktop\Thumbs.db
2014-06-29 16:24 - 2012-09-27 22:45 - 00000000 ____D () C:\Windows\pss
2014-06-29 16:06 - 2014-06-29 16:06 - 04814144 _____ (Piriform Ltd) C:\Users\OEM\Downloads\ccsetup415pro.exe
2014-06-29 15:37 - 2014-06-29 15:37 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\OEM\Downloads\SpyHunter-Installer.exe
2014-06-29 13:07 - 2014-06-17 12:39 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-06-27 17:23 - 2011-04-07 09:44 - 00000000 ___RD () C:\Users\OEM\Documents\Anfrage
2014-06-27 12:41 - 2013-01-13 18:18 - 00977920 ___SH () C:\Users\OEM\Downloads\Thumbs.db
2014-06-26 16:59 - 2014-06-26 16:59 - 00000000 ____D () C:\Users\OEM\AppData\Roaming\LavasoftStatistics
2014-06-26 16:59 - 2014-06-26 16:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ad-Aware Antivirus
2014-06-26 16:44 - 2014-06-26 16:44 - 00000000 ____D () C:\Program Files\Lavasoft
2014-06-26 16:42 - 2014-06-26 16:42 - 00000000 ____D () C:\Users\OEM\AppData\Roaming\Lavasoft
2014-06-26 16:41 - 2014-06-26 16:41 - 00000000 ____D () C:\Program Files\Common Files\Lavasoft
2014-06-26 16:40 - 2014-06-26 16:40 - 01707144 _____ () C:\Users\OEM\Downloads\Adaware112_Installer.exe
2014-06-26 16:40 - 2014-06-26 16:40 - 00000000 ____D () C:\ProgramData\Lavasoft
2014-06-26 15:49 - 2014-06-26 15:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-06-26 15:49 - 2014-06-26 15:46 - 00000000 ____D () C:\Program Files (x86)\Google
2014-06-26 15:46 - 2014-06-26 15:46 - 00004100 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-06-26 15:46 - 2014-06-26 15:46 - 00003848 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-06-26 15:46 - 2014-06-26 15:45 - 00895120 _____ (Google Inc.) C:\Users\OEM\Downloads\ChromeSetup.exe
2014-06-23 13:04 - 2014-06-23 13:04 - 00057308 _____ () C:\Users\OEM\Downloads\201400235742-BZ.zip
2014-06-22 18:34 - 2009-07-14 19:58 - 00699432 _____ () C:\Windows\system32\perfh007.dat
2014-06-22 18:34 - 2009-07-14 19:58 - 00149572 _____ () C:\Windows\system32\perfc007.dat
2014-06-22 18:34 - 2009-07-14 07:13 - 01620684 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-06-22 18:33 - 2014-06-22 18:28 - 15089688 _____ (Ross-Tech, LLC) C:\Users\OEM\Downloads\VCDS-Release-12.12.0-Installer.exe
2014-06-21 08:03 - 2014-06-21 08:03 - 00057349 _____ () C:\Users\OEM\Downloads\201400230848-BZ.zip
2014-06-20 14:00 - 2011-02-28 18:35 - 00097432 _____ () C:\Users\OEM\AppData\Local\GDIPFONTCACHEV1.DAT
2014-06-20 13:59 - 2009-07-14 06:45 - 00407824 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-06-20 13:35 - 2014-06-20 13:35 - 00057322 _____ () C:\Users\OEM\Downloads\201400222941-BZ (3).zip
2014-06-20 13:33 - 2014-06-20 13:33 - 00057322 _____ () C:\Users\OEM\Downloads\201400222941-BZ (2).zip
2014-06-20 13:32 - 2014-06-20 13:32 - 00057322 _____ () C:\Users\OEM\Downloads\201400222941-BZ (1).zip
2014-06-20 13:29 - 2013-10-31 15:16 - 00000000 ____D () C:\Users\OEM\AppData\Roaming\TeamViewer
2014-06-20 13:03 - 2014-06-20 13:03 - 00001178 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk
2014-06-20 13:03 - 2014-06-20 13:03 - 00001166 _____ () C:\Users\Public\Desktop\TeamViewer 9.lnk
2014-06-20 13:03 - 2014-06-20 13:03 - 00000000 ____D () C:\Program Files (x86)\TeamViewer
2014-06-19 16:16 - 2014-03-23 20:46 - 00000000 ____D () C:\Users\OEM\Desktop\Staudacher
2014-06-18 22:27 - 2014-06-18 22:27 - 00065342 _____ () C:\Users\OEM\Downloads\Shortcut.txt
2014-06-18 22:27 - 2014-06-18 12:33 - 00024710 _____ () C:\Users\OEM\Downloads\Addition.txt
2014-06-18 21:58 - 2014-06-18 21:57 - 04748896 _____ (Piriform Ltd) C:\Users\OEM\Downloads\ccsetup414 (3).exe
2014-06-18 21:57 - 2014-06-18 21:56 - 04748896 _____ (Piriform Ltd) C:\Users\OEM\Downloads\ccsetup414 (2).exe
2014-06-18 19:39 - 2014-06-18 19:39 - 00001200 _____ () C:\Windows\system32\cc_20140618_193916.reg
2014-06-18 19:38 - 2014-06-18 19:38 - 00031986 _____ () C:\Windows\system32\cc_20140618_193854.reg
2014-06-18 14:33 - 2014-06-16 21:49 - 00000000 ____D () C:\Program Files\Unlocker
2014-06-18 13:03 - 2009-07-14 05:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-06-18 12:40 - 2014-06-18 12:39 - 00854367 _____ () C:\Users\OEM\Downloads\SecurityCheck (1).exe
2014-06-18 12:39 - 2014-06-18 12:38 - 00854367 _____ () C:\Users\OEM\Downloads\SecurityCheck.exe
2014-06-17 16:59 - 2014-06-15 12:28 - 00000000 ____D () C:\Windows\System32\Tasks\Browser Updater
2014-06-17 16:52 - 2012-12-27 20:24 - 00000000 ____D () C:\ProgramData\boost_interprocess
2014-06-17 16:51 - 2014-06-17 16:51 - 00000000 ____D () C:\Windows\ERUNT
2014-06-17 16:50 - 2014-06-17 16:50 - 01016261 _____ (Thisisu) C:\Users\OEM\Downloads\JRT_6.1.4.exe
2014-06-17 16:50 - 2014-06-17 16:49 - 01333465 _____ () C:\Users\OEM\Downloads\adwcleaner_3.212.exe
2014-06-17 12:38 - 2014-06-17 12:38 - 00001106 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-06-17 12:38 - 2014-06-17 12:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-06-17 12:38 - 2014-06-17 12:38 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-06-17 12:38 - 2013-10-28 19:44 - 00000000 ____D () C:\Users\OEM\AppData\Roaming\Malwarebytes
2014-06-17 12:38 - 2013-10-28 19:44 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-06-17 12:34 - 2014-06-17 12:34 - 02347384 _____ (ESET) C:\Users\OEM\Downloads\esetsmartinstaller_deu.exe
2014-06-17 12:33 - 2014-06-17 12:32 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\OEM\Downloads\mbam-setup-2.0.2.1012 (1).exe
2014-06-17 11:46 - 2014-06-17 11:46 - 00057322 _____ () C:\Users\OEM\Downloads\201400222941-BZ.zip
2014-06-16 21:54 - 2014-06-15 12:22 - 00000000 ____D () C:\Users\Administrator
2014-06-16 21:50 - 2014-06-16 21:50 - 01078591 _____ () C:\Users\OEM\Downloads\Unlocker1.9.2 (1).exe
2014-06-16 21:49 - 2014-06-16 21:49 - 00000000 ____D () C:\Users\OEM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker
2014-06-16 21:49 - 2014-06-16 21:48 - 01078591 _____ () C:\Users\OEM\Downloads\Unlocker1.9.2.exe
2014-06-16 20:20 - 2014-06-16 20:19 - 04748896 _____ (Piriform Ltd) C:\Users\OEM\Downloads\ccsetup414 (1).exe
2014-06-16 20:19 - 2014-06-16 20:18 - 04748896 _____ (Piriform Ltd) C:\Users\OEM\Downloads\ccsetup414.exe
2014-06-16 16:24 - 2014-06-16 16:24 - 00057357 _____ () C:\Users\OEM\Downloads\201400220464-BZ.zip
2014-06-16 16:24 - 2014-06-16 16:24 - 00057357 _____ () C:\Users\OEM\Downloads\201400220464-BZ (1).zip
2014-06-15 14:48 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-06-15 13:56 - 2014-01-03 22:18 - 00001409 _____ () C:\Users\OEM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2014-06-15 13:56 - 2011-04-07 09:37 - 00000769 _____ () C:\Users\OEM\Desktop\Internet Explorer.lnk
2014-06-15 13:51 - 2014-06-15 13:51 - 00325586 _____ () C:\Windows\system32\cc_20140615_135103.reg
2014-06-15 13:47 - 2011-02-28 18:10 - 00000000 ____D () C:\Windows\Panther
2014-06-15 13:46 - 2014-06-15 12:37 - 00001914 _____ () C:\Windows\SysWOW64\${LOGFILE}
2014-06-15 13:16 - 2014-06-15 12:22 - 00000000 ____D () C:\ProgramData\28e74f1e72de16b9
2014-06-15 12:22 - 2014-06-15 12:22 - 00000000 ____D () C:\Users\OEM\AppData\Local\Packages
2014-06-15 12:22 - 2014-06-15 12:22 - 00000000 ____D () C:\Users\OEM\AppData\Local\Comodo
2014-06-15 12:22 - 2014-06-15 12:22 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Google
2014-06-15 12:22 - 2014-06-15 12:22 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Comodo
2014-06-15 12:22 - 2014-06-15 12:22 - 00000000 ____D () C:\Users\HomeGroupUser$
2014-06-15 12:22 - 2014-06-15 12:22 - 00000000 ____D () C:\Users\Gast\AppData\Local\Google
2014-06-15 12:22 - 2014-06-15 12:22 - 00000000 ____D () C:\Users\Gast\AppData\Local\Comodo
2014-06-15 12:22 - 2014-06-15 12:22 - 00000000 ____D () C:\Users\Gast
2014-06-15 12:22 - 2014-06-15 12:22 - 00000000 _____ () C:\Windows\SysWOW64\Number of results
2014-06-15 12:22 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy
2014-06-15 12:16 - 2014-06-15 12:16 - 00003158 _____ () C:\Windows\System32\Tasks\{15DD6F64-0DA6-4526-94EA-D06CF858DF2C}
2014-06-15 11:55 - 2014-06-15 11:55 - 00013048 _____ () C:\Users\OEM\AppData\Roaming\Bubble Dock.installation.log
2014-06-15 11:03 - 2014-06-15 11:03 - 00212992 _____ () C:\Users\OEM\Downloads\Autoveicoli_GA_OUT (2).xls
2014-06-15 11:03 - 2014-06-15 11:03 - 00212992 _____ () C:\Users\OEM\Downloads\Autoveicoli_GA_OUT (1).xls
2014-06-15 11:01 - 2014-06-15 11:01 - 00763904 _____ () C:\Users\OEM\Downloads\Fringe_benefit_2013.xls
2014-06-15 08:28 - 2009-07-14 07:08 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-06-14 09:34 - 2014-06-14 09:34 - 00057346 _____ () C:\Users\OEM\Downloads\201400216562-BZ.zip
2014-06-13 07:40 - 2014-05-06 22:33 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-06-12 23:26 - 2013-08-15 11:41 - 00000000 ____D () C:\Windows\system32\MRT
2014-06-12 23:24 - 2011-04-06 18:56 - 95414520 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-06-12 21:30 - 2014-06-12 21:30 - 00195005 _____ () C:\Users\OEM\Downloads\Newsletter n.20 del 12-06-2014.pdf.zip
2014-06-12 14:26 - 2011-04-07 09:38 - 00000000 ____D () C:\Users\OEM\Desktop\NeuhofWerbung
2014-06-12 14:26 - 2011-02-28 18:16 - 00000000 ____D () C:\Users\OEM\AppData\Local\VirtualStore
2014-06-12 14:25 - 2013-08-26 19:18 - 00001829 _____ () C:\Users\OEM\Sti_Trace.log
2014-06-11 08:50 - 2014-06-11 08:50 - 00057325 _____ () C:\Users\OEM\Downloads\201400211881-BZ.zip
2014-06-10 09:28 - 2014-06-10 09:28 - 00057323 _____ () C:\Users\OEM\Downloads\201400209914-BZ.zip
2014-06-10 09:28 - 2014-06-10 09:28 - 00057323 _____ () C:\Users\OEM\Downloads\201400209914-BZ (1).zip
2014-06-09 14:18 - 2012-01-11 19:47 - 00000000 ___RD () C:\Users\OEM\Desktop\Alpenstadt
2014-06-09 11:19 - 2014-06-09 11:19 - 00057348 _____ () C:\Users\OEM\Downloads\201400207640-BZ.zip
2014-06-08 11:13 - 2014-06-12 16:40 - 00506368 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-08 11:12 - 2014-06-08 11:12 - 00057347 _____ () C:\Users\OEM\Downloads\201400205382-BZ (7).zip
2014-06-08 11:08 - 2014-06-12 16:40 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-08 10:50 - 2014-06-08 10:50 - 00057347 _____ () C:\Users\OEM\Downloads\201400205382-BZ (6).zip
2014-06-08 08:54 - 2014-06-08 08:54 - 00057347 _____ () C:\Users\OEM\Downloads\201400205382-BZ (5).zip
2014-06-08 08:53 - 2014-06-08 08:53 - 00057347 _____ () C:\Users\OEM\Downloads\201400205382-BZ (4).zip
2014-06-08 08:52 - 2014-06-08 08:52 - 00057347 _____ () C:\Users\OEM\Downloads\201400205382-BZ (3).zip
2014-06-08 08:52 - 2014-06-08 08:52 - 00057347 _____ () C:\Users\OEM\Downloads\201400205382-BZ (2).zip
2014-06-08 08:52 - 2014-06-08 08:52 - 00057347 _____ () C:\Users\OEM\Downloads\201400205382-BZ (1).zip
2014-06-08 08:52 - 2014-06-08 08:51 - 00057347 _____ () C:\Users\OEM\Downloads\201400205382-BZ.zip
2014-06-03 19:06 - 2014-06-03 19:06 - 00000125 _____ () C:\Users\OEM\Downloads\unbenannt (5).txt
2014-06-03 07:21 - 2012-01-22 14:32 - 00000000 ____D () C:\ProgramData\Skype
2014-06-02 11:05 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-06-01 15:45 - 2014-06-01 15:45 - 00057363 _____ () C:\Users\OEM\Downloads\201400194619-BZ.zip

Some content of TEMP:
====================
C:\Users\OEM\AppData\Local\Temp\Quarantine.exe
C:\Users\OEM\AppData\Local\Temp\RSPUpgradeInstaller.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-06-30 19:39

==================== End Of Log ============================

--- --- ---

--- --- ---

GMER Logfile:

Code:

ATTFilter

GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2014-07-01 17:17:37
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 WDC_WD5000AAKX-001CA0 rev.15.01H15 465,76GB
Running: ifvsp3vm.exe; Driver: C:\Users\OEM\AppData\Local\Temp\uwldapow.sys


---- Threads - GMER 2.1 ----

Thread  C:\Windows\System32\spoolsv.exe [1440:2288]                                                      000007fef56b10c8
Thread  C:\Windows\System32\spoolsv.exe [1440:2296]                                                      000007fef5676144
Thread  C:\Windows\System32\spoolsv.exe [1440:2300]                                                      000007fef5465fd0
Thread  C:\Windows\System32\spoolsv.exe [1440:2304]                                                      000007fef5453438
Thread  C:\Windows\System32\spoolsv.exe [1440:2308]                                                      000007fef54663ec
Thread  C:\Windows\System32\spoolsv.exe [1440:2316]                                                      000007fef5ab5e5c
Thread  C:\Windows\System32\spoolsv.exe [1440:2320]                                                      000007fef5ae5074
Thread  C:\Windows\System32\spoolsv.exe [1440:2812]                                                      000007fef5b52288
Thread  C:\Windows\System32\spoolsv.exe [1440:2816]                                                      000007fef5a8e088
Thread  C:\Windows\System32\spoolsv.exe [1440:4728]                                                      000007fef5a88230

---- Registry - GMER 2.1 ----

Reg     HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\001b10003009                      
Reg     HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\001b10003009@fcc73455c6a9         0x27 0x14 0xF9 0x1C ...
Reg     HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\001b10003009@d857ef5b389d         0x33 0xEC 0x51 0x28 ...
Reg     HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\001b10003009 (not active ControlSet)  
Reg     HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\001b10003009@fcc73455c6a9             0x27 0x14 0xF9 0x1C ...
Reg     HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\001b10003009@d857ef5b389d             0x33 0xEC 0x51 0x28 ...

---- EOF - GMER 2.1 ----

--- --- ---

cosinus · 01.07.2014, 19:20

Bitte auch ne neue Addition.txt erstellen, dazu FRST starten und einen Haken setzen bei Addition.txt, dann auf Scan klicken.

ntichelper · 02.07.2014, 09:21

Guten Morgen

sorry... hier nochmals beide Files von heute Morgen
Danke und Viele Grüße

FRST Logfile:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-07-2014
Ran by OEM (administrator) on OEM-PC on 02-07-2014 09:49:04
Running from C:\Users\OEM\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 9
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
(AMD) C:\Windows\System32\atieclxx.exe
() C:\Windows\System32\QUTIL64.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_WT50RP.EXE
() C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareService.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareTray.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_x64.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BBSvc.EXE
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Desktop.exe
(Microsoft Corporation) C:\Program Files (x86)\Internet Explorer\ielowutil.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1271072 2014-03-11] (Microsoft Corporation)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11057768 2010-07-06] (Realtek Semiconductor)
HKLM\...\Run: [AdAwareTray] => C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareTray.exe [7715160 2014-06-03] ()
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [FUFAXRCV] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe [502952 2012-07-09] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [FUFAXSTM] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe [863400 2012-07-09] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1058912 2012-04-02] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [220744 2011-12-16] (Geek Software GmbH)
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-04-27] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [InboxMonitor] => "C:\Program Files (x86)\Nuance\PDF Professional 7\InboxMonitor.exe" /run
HKU\S-1-5-21-1422302985-1899904796-1242127876-1000\...\Run: [Skype] => C:\C\Programme\Skype\Phone\Skype.exe [21444224 2014-05-08] (Skype Technologies S.A.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\vpngui.exe.lnk
ShortcutTarget: vpngui.exe.lnk -> C:\Windows\Installer\{5FDC06BF-3D3D-4367-8FFB-4FAFCB61972D}\Icon09DB8A851.exe ()
Startup: C:\Users\OEM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.0.lnk
ShortcutTarget: OpenOffice.org 3.0.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

ProxyServer: http=127.0.0.1:8118;https=127.0.0.1:8118
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = 
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKCU - DefaultScope {6CC1B62A-6DFF-4198-B829-4F0C304A1671} URL = hxxp://www.google.de/search?q={searchTerms}&hl=de&gl=de&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
SearchScopes: HKCU - 8D9A5D0AC1F445F0B4735730804E35EE URL = hxxp://dts.search-results.com/sr?src=ieb&gct=ds&appid=110&systemid=102&apn_dtid=BND102&apn_ptnrs=AG7&o=APN10646&apn_uid=8204411260354610&q={searchTerms}
SearchScopes: HKCU - {6CC1B62A-6DFF-4198-B829-4F0C304A1671} URL = hxxp://www.google.de/search?q={searchTerms}&hl=de&gl=de&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
SearchScopes: HKCU - {BAF3C2BB-52DF-48D1-B496-CC19B2CCED73} URL = hxxp://www.google.de/search?q={searchTerms}
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll (Microsoft Corporation.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: No Name - {551A852F-39A6-44A7-9C13-AFBEC9185A9D} -  No File
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: No Name - {b31d1ab1-5453-4ed1-97e5-c377f9532024} -  No File
BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - No Name - {b31d1ab1-5453-4ed1-97e5-c377f9532024} -  No File
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} -  No File
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{A55F4236-B909-4382-8495-41190DF1DF95}: [NameServer]8.8.8.8,8.8.4.4

FireFox:
========
FF ProfilePath: C:\Users\OEM\AppData\Roaming\Mozilla\Firefox\Profiles\nc1wdhkw.default
FF Homepage: user_pref("browser.startup.homepage", );
FF NetworkProxy: "type", 1
FF NetworkProxy: "http", "127.0.0.1");user_pref("network.proxy.http_port", 8118);user_pref("network.proxy.ssl", "127.0.0.1");user_pref("network.proxy.ssl_port", 8118
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @microsoft.com/GENUINE - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @Skype Technologies S.A..com/Skype Web Plugin - C:\Program Files (x86)\SkypeWebPlugin\npSkypeWebPlugin64.dll (Skype)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @Skype Technologies S.A..com/Skype Web Plugin - C:\Program Files (x86)\SkypeWebPlugin\npSkypeWebPlugin.dll (Skype)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @TrendMicro.com/FFExtension - C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextension\components\npToolbarChrome.dll No File
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: geomind.it/DbMap3dFlyer - C:\Program Files (x86)\Abaco\DbMAP 3D Flyer Plugin\npGeoFlyerPlugin.dll (Geomind Srl)
FF user.js: detected! => C:\Users\OEM\AppData\Roaming\Mozilla\Firefox\Profiles\nc1wdhkw.default\user.js
FF HKLM-x32\...\Firefox\Extensions: [{821ACB10-2378-4F92-980F-CEAEB1CE2D5B}] - C:\Windows\Installer\{55745140-B8F5-4B64-B352-8AD1544B8FDC}\{821ACB10-2378-4F92-980F-CEAEB1CE2D5B}.xpi
FF Extension: Download Protect - C:\Windows\Installer\{55745140-B8F5-4B64-B352-8AD1544B8FDC}\{821ACB10-2378-4F92-980F-CEAEB1CE2D5B}.xpi [2014-07-02]

Chrome: 
=======
CHR HomePage: hxxp://start.hometab.com/?1=1__PARAM__
CHR DefaultSearchURL: hxxp://www.google.de/search?q={searchTerms}&hl=de&gl=de
CHR DefaultNewTabURL: hxxp://www.google.de/?hl=de&gl=de
CHR Plugin: (Widevine Content Decryption Module) - C:\Users\OEM\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.4.600\_platform_specific\win_x86\widevinecdmadapter.dll ()
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\pdf.dll ()
CHR Plugin: (DbMap3dFlyer) - C:\Program Files (x86)\Abaco\DbMAP 3D Flyer Plugin\npGeoFlyerPlugin.dll (Geomind Srl)
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (DivX VOD Helper Plug-in) - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll No File
CHR Plugin: (DivX Plus Web Player) - C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
CHR Plugin: (Java Deployment Toolkit 7.0.550.14) - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
CHR Plugin: (Java(TM) Platform SE 7 U55) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Microsoft Office Live Plug-in for Firefox) - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
CHR Plugin: (Skype Web Plugin) - C:\Program Files (x86)\SkypeWebPlugin\npSkypeWebPlugin.dll (Skype)
CHR Plugin: (Windows Live™ Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
CHR Plugin: (Windows Activation Technologies) - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
CHR Extension: (Download Protect) - C:\Users\OEM\AppData\Local\Google\Chrome\User Data\Default\Extensions\eaneilmmckmcpebnpbpccpbjjgiofplg [2014-07-01]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-04-11]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

R2 autochkd; C:\Windows\system32\QUTIL64.exe [106496 2012-09-30] () [File not signed]
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390720 2014-04-11] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1764992 2014-04-11] (Microsoft Corporation)
R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [135824 2011-12-12] (Seiko Epson Corporation)
R2 LavasoftAdAwareService11; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareService.exe [706864 2014-06-03] ()
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2014-03-11] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [347872 2014-03-11] (Microsoft Corporation)
S2 SkypeUpdate; C:\C\Programme\Skype\Updater\Updater.exe [172192 2013-10-23] (Skype Technologies)

==================== Drivers (Whitelisted) ====================

R3 CVPNDRVA; C:\Windows\system32\Drivers\CVPNDRVA.sys [306536 2011-03-04] ()
R3 gzflt; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Antimalware Engine\3.0.0.56\gzflt.sys [150256 2014-04-22] (BitDefender LLC)
R3 MODEMCSA; C:\Windows\System32\drivers\MODEMCSA.sys [24064 2009-07-14] (Microsoft Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [268512 2014-01-25] (Microsoft Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-07-16] ()
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133928 2014-03-11] (Microsoft Corporation)
S3 Trufos; C:\Windows\System32\DRIVERS\Trufos.sys [389240 2014-04-22] (BitDefender S.R.L.)
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] ()
U2 TMAgent; 

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-07-02 09:49 - 2014-07-02 09:50 - 00017862 _____ () C:\Users\OEM\Desktop\FRST.txt
2014-07-02 09:48 - 2014-07-02 09:48 - 00000000 ____D () C:\Users\OEM\Desktop\FRST-OlderVersion
2014-07-02 09:47 - 2014-07-02 09:48 - 02083840 _____ (Farbar) C:\Users\OEM\Desktop\FRST64.exe
2014-07-01 21:13 - 2014-07-01 21:13 - 00004585 _____ () C:\Users\OEM\Downloads\18583C190000000079E8 (5).pfx
2014-07-01 20:26 - 2014-07-01 20:26 - 00004585 _____ () C:\Users\OEM\Downloads\18583C190000000079E8 (4).pfx
2014-07-01 20:25 - 2014-07-01 20:26 - 00004585 _____ () C:\Users\OEM\Downloads\18583C190000000079E8 (3).pfx
2014-07-01 20:12 - 2014-07-01 20:12 - 00004585 _____ () C:\Users\OEM\Downloads\18583C190000000079E8 (2).pfx
2014-07-01 20:12 - 2014-07-01 20:12 - 00004585 _____ () C:\Users\OEM\Downloads\18583C190000000079E8 (1).pfx
2014-07-01 17:38 - 2014-07-01 19:21 - 00000000 ____D () C:\Users\OEM\AppData\Local\Google
2014-07-01 12:01 - 2014-07-01 12:02 - 00275464 _____ () C:\Windows\Minidump\070114-17706-01.dmp
2014-07-01 12:01 - 2014-07-01 12:01 - 402891399 _____ () C:\Windows\MEMORY.DMP
2014-07-01 11:02 - 2014-07-01 11:02 - 00000000 _____ () C:\Users\OEM\defogger_reenable
2014-07-01 10:57 - 2014-07-01 10:57 - 00003832 _____ () C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1404205045
2014-07-01 10:57 - 2014-07-01 10:57 - 00001133 _____ () C:\Users\Public\Desktop\Opera.lnk
2014-07-01 10:57 - 2014-07-01 10:57 - 00001133 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2014-07-01 10:57 - 2014-07-01 10:57 - 00000000 ____D () C:\Users\OEM\AppData\Roaming\Opera Software
2014-07-01 10:57 - 2014-07-01 10:57 - 00000000 ____D () C:\Users\OEM\AppData\Local\Opera Software
2014-07-01 10:57 - 2014-07-01 10:57 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-07-01 10:52 - 2014-07-01 10:54 - 27641968 _____ (Opera Software ASA) C:\Users\OEM\Downloads\Opera_22.0.1471.70_Setup.exe
2014-07-01 10:21 - 2014-07-01 10:21 - 00000000 ____D () C:\Users\OEM\AppData\Local\Google_old
2014-07-01 09:46 - 2014-07-01 09:46 - 00000302 _____ () C:\Windows\PFRO.log
2014-07-01 09:12 - 2014-07-01 17:40 - 00000000 ____D () C:\Users\OEM\Documents\2014_07_01_download_protect_removal
2014-07-01 09:03 - 2014-07-01 09:52 - 00000000 ____D () C:\Users\OEM\Downloads\FRST-OlderVersion
2014-07-01 09:03 - 2014-07-01 09:06 - 00052417 _____ () C:\Users\OEM\Downloads\FRST.txt
2014-06-30 12:10 - 2014-06-30 12:10 - 00057328 _____ () C:\Users\OEM\Downloads\201400249228-BZ.zip
2014-06-30 12:10 - 2014-06-30 12:10 - 00057328 _____ () C:\Users\OEM\Downloads\201400249228-BZ (1).zip
2014-06-30 07:39 - 2014-07-02 07:24 - 00000392 _____ () C:\Windows\setupact.log
2014-06-30 07:39 - 2014-06-30 07:39 - 00000000 _____ () C:\Windows\setuperr.log
2014-06-29 16:06 - 2014-06-29 16:06 - 04814144 _____ (Piriform Ltd) C:\Users\OEM\Downloads\ccsetup415pro.exe
2014-06-29 15:37 - 2014-06-29 15:37 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\OEM\Downloads\SpyHunter-Installer.exe
2014-06-26 16:59 - 2014-06-26 16:59 - 00000000 ____D () C:\Users\OEM\AppData\Roaming\LavasoftStatistics
2014-06-26 16:59 - 2014-06-26 16:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ad-Aware Antivirus
2014-06-26 16:44 - 2014-06-26 16:44 - 00000000 ____D () C:\Program Files\Lavasoft
2014-06-26 16:42 - 2014-06-26 16:42 - 00000000 ____D () C:\Users\OEM\AppData\Roaming\Lavasoft
2014-06-26 16:41 - 2014-06-26 16:41 - 00000000 ____D () C:\Program Files\Common Files\Lavasoft
2014-06-26 16:40 - 2014-06-26 16:40 - 01707144 _____ () C:\Users\OEM\Downloads\Adaware112_Installer.exe
2014-06-26 16:40 - 2014-06-26 16:40 - 00000000 ____D () C:\ProgramData\Lavasoft
2014-06-26 15:49 - 2014-06-26 15:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-06-26 15:46 - 2014-07-02 09:45 - 00001104 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-06-26 15:46 - 2014-07-02 07:24 - 00001100 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-06-26 15:46 - 2014-06-26 15:49 - 00000000 ____D () C:\Program Files (x86)\Google
2014-06-26 15:46 - 2014-06-26 15:46 - 00004100 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-06-26 15:46 - 2014-06-26 15:46 - 00003848 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-06-26 15:45 - 2014-06-26 15:46 - 00895120 _____ (Google Inc.) C:\Users\OEM\Downloads\ChromeSetup.exe
2014-06-23 13:04 - 2014-06-23 13:04 - 00057308 _____ () C:\Users\OEM\Downloads\201400235742-BZ.zip
2014-06-22 18:28 - 2014-06-22 18:33 - 15089688 _____ (Ross-Tech, LLC) C:\Users\OEM\Downloads\VCDS-Release-12.12.0-Installer.exe
2014-06-21 08:03 - 2014-06-21 08:03 - 00057349 _____ () C:\Users\OEM\Downloads\201400230848-BZ.zip
2014-06-20 13:35 - 2014-06-20 13:35 - 00057322 _____ () C:\Users\OEM\Downloads\201400222941-BZ (3).zip
2014-06-20 13:33 - 2014-06-20 13:33 - 00057322 _____ () C:\Users\OEM\Downloads\201400222941-BZ (2).zip
2014-06-20 13:32 - 2014-06-20 13:32 - 00057322 _____ () C:\Users\OEM\Downloads\201400222941-BZ (1).zip
2014-06-20 13:03 - 2014-06-20 13:03 - 00001178 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk
2014-06-20 13:03 - 2014-06-20 13:03 - 00001166 _____ () C:\Users\Public\Desktop\TeamViewer 9.lnk
2014-06-20 13:03 - 2014-06-20 13:03 - 00000000 ____D () C:\Program Files (x86)\TeamViewer
2014-06-18 22:27 - 2014-06-18 22:27 - 00065342 _____ () C:\Users\OEM\Downloads\Shortcut.txt
2014-06-18 21:57 - 2014-06-18 21:58 - 04748896 _____ (Piriform Ltd) C:\Users\OEM\Downloads\ccsetup414 (3).exe
2014-06-18 21:56 - 2014-06-18 21:57 - 04748896 _____ (Piriform Ltd) C:\Users\OEM\Downloads\ccsetup414 (2).exe
2014-06-18 19:39 - 2014-06-18 19:39 - 00001200 _____ () C:\Windows\system32\cc_20140618_193916.reg
2014-06-18 19:38 - 2014-06-18 19:38 - 00031986 _____ () C:\Windows\system32\cc_20140618_193854.reg
2014-06-18 12:39 - 2014-06-18 12:40 - 00854367 _____ () C:\Users\OEM\Downloads\SecurityCheck (1).exe
2014-06-18 12:38 - 2014-06-18 12:39 - 00854367 _____ () C:\Users\OEM\Downloads\SecurityCheck.exe
2014-06-18 12:33 - 2014-06-18 22:27 - 00024710 _____ () C:\Users\OEM\Downloads\Addition.txt
2014-06-18 12:30 - 2014-07-02 09:49 - 00000000 ____D () C:\FRST
2014-06-18 12:28 - 2014-07-01 09:03 - 02083328 _____ (Farbar) C:\Users\OEM\Downloads\FRST64.exe
2014-06-17 16:51 - 2014-06-17 16:51 - 00000000 ____D () C:\Windows\ERUNT
2014-06-17 16:51 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-06-17 16:50 - 2014-07-01 09:43 - 00000000 ____D () C:\AdwCleaner
2014-06-17 16:50 - 2014-06-17 16:50 - 01016261 _____ (Thisisu) C:\Users\OEM\Downloads\JRT_6.1.4.exe
2014-06-17 16:49 - 2014-06-17 16:50 - 01333465 _____ () C:\Users\OEM\Downloads\adwcleaner_3.212.exe
2014-06-17 12:39 - 2014-06-29 13:07 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-06-17 12:38 - 2014-06-17 12:38 - 00001106 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-06-17 12:38 - 2014-06-17 12:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-06-17 12:38 - 2014-06-17 12:38 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-06-17 12:38 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-06-17 12:38 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-06-17 12:34 - 2014-06-17 12:34 - 02347384 _____ (ESET) C:\Users\OEM\Downloads\esetsmartinstaller_deu.exe
2014-06-17 12:32 - 2014-06-17 12:33 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\OEM\Downloads\mbam-setup-2.0.2.1012 (1).exe
2014-06-17 11:46 - 2014-06-17 11:46 - 00057322 _____ () C:\Users\OEM\Downloads\201400222941-BZ.zip
2014-06-16 21:50 - 2014-06-16 21:50 - 01078591 _____ () C:\Users\OEM\Downloads\Unlocker1.9.2 (1).exe
2014-06-16 21:49 - 2014-06-18 14:33 - 00000000 ____D () C:\Program Files\Unlocker
2014-06-16 21:49 - 2014-06-16 21:49 - 00000000 ____D () C:\Users\OEM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker
2014-06-16 21:48 - 2014-06-16 21:49 - 01078591 _____ () C:\Users\OEM\Downloads\Unlocker1.9.2.exe
2014-06-16 20:19 - 2014-06-16 20:20 - 04748896 _____ (Piriform Ltd) C:\Users\OEM\Downloads\ccsetup414 (1).exe
2014-06-16 20:18 - 2014-06-16 20:19 - 04748896 _____ (Piriform Ltd) C:\Users\OEM\Downloads\ccsetup414.exe
2014-06-16 16:24 - 2014-06-16 16:24 - 00057357 _____ () C:\Users\OEM\Downloads\201400220464-BZ.zip
2014-06-16 16:24 - 2014-06-16 16:24 - 00057357 _____ () C:\Users\OEM\Downloads\201400220464-BZ (1).zip
2014-06-15 13:51 - 2014-06-15 13:51 - 00325586 _____ () C:\Windows\system32\cc_20140615_135103.reg
2014-06-15 12:37 - 2014-06-15 13:46 - 00001914 _____ () C:\Windows\SysWOW64\${LOGFILE}
2014-06-15 12:28 - 2014-06-17 16:59 - 00000000 ____D () C:\Windows\System32\Tasks\Browser Updater
2014-06-15 12:22 - 2014-06-16 21:54 - 00000000 ____D () C:\Users\Administrator
2014-06-15 12:22 - 2014-06-15 13:16 - 00000000 ____D () C:\ProgramData\28e74f1e72de16b9
2014-06-15 12:22 - 2014-06-15 12:22 - 00000000 ____D () C:\Users\OEM\AppData\Local\Packages
2014-06-15 12:22 - 2014-06-15 12:22 - 00000000 ____D () C:\Users\OEM\AppData\Local\Comodo
2014-06-15 12:22 - 2014-06-15 12:22 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Google
2014-06-15 12:22 - 2014-06-15 12:22 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Comodo
2014-06-15 12:22 - 2014-06-15 12:22 - 00000000 ____D () C:\Users\HomeGroupUser$
2014-06-15 12:22 - 2014-06-15 12:22 - 00000000 ____D () C:\Users\Gast\AppData\Local\Google
2014-06-15 12:22 - 2014-06-15 12:22 - 00000000 ____D () C:\Users\Gast\AppData\Local\Comodo
2014-06-15 12:22 - 2014-06-15 12:22 - 00000000 ____D () C:\Users\Gast
2014-06-15 12:22 - 2014-06-15 12:22 - 00000000 _____ () C:\Windows\SysWOW64\Number of results
2014-06-15 12:19 - 2014-04-09 07:55 - 00034376 _____ () C:\Windows\Launcher.exe
2014-06-15 12:16 - 2014-06-15 12:16 - 00003158 _____ () C:\Windows\System32\Tasks\{15DD6F64-0DA6-4526-94EA-D06CF858DF2C}
2014-06-15 11:55 - 2014-06-15 11:55 - 00013048 _____ () C:\Users\OEM\AppData\Roaming\Bubble Dock.installation.log
2014-06-15 11:03 - 2014-06-15 11:03 - 00212992 _____ () C:\Users\OEM\Downloads\Autoveicoli_GA_OUT (2).xls
2014-06-15 11:03 - 2014-06-15 11:03 - 00212992 _____ () C:\Users\OEM\Downloads\Autoveicoli_GA_OUT (1).xls
2014-06-15 11:01 - 2014-06-15 11:01 - 00763904 _____ () C:\Users\OEM\Downloads\Fringe_benefit_2013.xls
2014-06-14 09:34 - 2014-06-14 09:34 - 00057346 _____ () C:\Users\OEM\Downloads\201400216562-BZ.zip
2014-06-12 21:30 - 2014-06-12 21:30 - 00195005 _____ () C:\Users\OEM\Downloads\Newsletter n.20 del 12-06-2014.pdf.zip
2014-06-12 16:40 - 2014-06-08 11:13 - 00506368 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-12 16:40 - 2014-06-08 11:08 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-12 16:40 - 2014-05-28 20:53 - 17857536 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-06-12 16:40 - 2014-05-28 20:37 - 02338816 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-06-12 16:40 - 2014-05-28 20:35 - 10890240 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-06-12 16:40 - 2014-05-28 20:31 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-06-12 16:40 - 2014-05-28 20:31 - 01348608 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-06-12 16:40 - 2014-05-28 20:30 - 01494016 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-06-12 16:40 - 2014-05-28 20:30 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-06-12 16:40 - 2014-05-28 20:29 - 02148352 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-06-12 16:40 - 2014-05-28 20:29 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-06-12 16:40 - 2014-05-28 20:29 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-06-12 16:40 - 2014-05-28 20:29 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-06-12 16:40 - 2014-05-28 20:29 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-06-12 16:40 - 2014-05-28 20:29 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-06-12 16:40 - 2014-05-28 20:28 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-06-12 16:40 - 2014-05-28 20:28 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-06-12 16:40 - 2014-05-28 20:28 - 00282112 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-06-12 16:40 - 2014-05-28 20:28 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-06-12 16:40 - 2014-05-28 20:28 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-06-12 16:40 - 2014-05-28 20:28 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-06-12 16:40 - 2014-05-28 20:28 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-06-12 16:40 - 2014-05-28 20:27 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-06-12 16:40 - 2014-05-28 18:48 - 12356608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-06-12 16:40 - 2014-05-28 18:39 - 01810432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-06-12 16:40 - 2014-05-28 18:38 - 09711104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-06-12 16:40 - 2014-05-28 18:33 - 01106432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-06-12 16:40 - 2014-05-28 18:32 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-06-12 16:40 - 2014-05-28 18:32 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-06-12 16:40 - 2014-05-28 18:31 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-06-12 16:40 - 2014-05-28 18:31 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-06-12 16:40 - 2014-05-28 18:30 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-06-12 16:40 - 2014-05-28 18:30 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-06-12 16:40 - 2014-05-28 18:30 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-06-12 16:40 - 2014-05-28 18:30 - 00421376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-06-12 16:40 - 2014-05-28 18:30 - 00353792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-06-12 16:40 - 2014-05-28 18:30 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-06-12 16:40 - 2014-05-28 18:30 - 00041472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-06-12 16:40 - 2014-05-28 18:29 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-06-12 16:40 - 2014-05-28 18:29 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-06-12 16:40 - 2014-05-28 18:29 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-06-12 16:40 - 2014-05-28 18:29 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-06-12 16:40 - 2014-05-28 18:29 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-06-12 16:40 - 2014-05-28 18:28 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-06-12 16:40 - 2014-04-25 04:34 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2014-06-12 16:40 - 2014-04-25 04:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2014-06-12 16:40 - 2014-04-05 04:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-06-12 16:40 - 2014-04-05 04:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-06-12 16:40 - 2014-03-26 16:44 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-06-12 16:40 - 2014-03-26 16:44 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-06-12 16:40 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2014-06-12 16:40 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-06-12 16:40 - 2014-03-26 16:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2014-06-12 16:40 - 2014-03-26 16:27 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-06-12 16:40 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2014-06-12 16:40 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-06-11 08:50 - 2014-06-11 08:50 - 00057325 _____ () C:\Users\OEM\Downloads\201400211881-BZ.zip
2014-06-10 09:28 - 2014-06-10 09:28 - 00057323 _____ () C:\Users\OEM\Downloads\201400209914-BZ.zip
2014-06-10 09:28 - 2014-06-10 09:28 - 00057323 _____ () C:\Users\OEM\Downloads\201400209914-BZ (1).zip
2014-06-09 11:19 - 2014-06-09 11:19 - 00057348 _____ () C:\Users\OEM\Downloads\201400207640-BZ.zip
2014-06-08 11:12 - 2014-06-08 11:12 - 00057347 _____ () C:\Users\OEM\Downloads\201400205382-BZ (7).zip
2014-06-08 10:50 - 2014-06-08 10:50 - 00057347 _____ () C:\Users\OEM\Downloads\201400205382-BZ (6).zip
2014-06-08 08:54 - 2014-06-08 08:54 - 00057347 _____ () C:\Users\OEM\Downloads\201400205382-BZ (5).zip
2014-06-08 08:53 - 2014-06-08 08:53 - 00057347 _____ () C:\Users\OEM\Downloads\201400205382-BZ (4).zip
2014-06-08 08:52 - 2014-06-08 08:52 - 00057347 _____ () C:\Users\OEM\Downloads\201400205382-BZ (3).zip
2014-06-08 08:52 - 2014-06-08 08:52 - 00057347 _____ () C:\Users\OEM\Downloads\201400205382-BZ (2).zip
2014-06-08 08:52 - 2014-06-08 08:52 - 00057347 _____ () C:\Users\OEM\Downloads\201400205382-BZ (1).zip
2014-06-08 08:51 - 2014-06-08 08:52 - 00057347 _____ () C:\Users\OEM\Downloads\201400205382-BZ.zip
2014-06-03 19:06 - 2014-06-03 19:06 - 00000125 _____ () C:\Users\OEM\Downloads\unbenannt (5).txt

==================== One Month Modified Files and Folders =======

2014-07-02 09:50 - 2014-07-02 09:49 - 00017862 _____ () C:\Users\OEM\Desktop\FRST.txt
2014-07-02 09:49 - 2014-06-18 12:30 - 00000000 ____D () C:\FRST
2014-07-02 09:48 - 2014-07-02 09:48 - 00000000 ____D () C:\Users\OEM\Desktop\FRST-OlderVersion
2014-07-02 09:48 - 2014-07-02 09:47 - 02083840 _____ (Farbar) C:\Users\OEM\Desktop\FRST64.exe
2014-07-02 09:46 - 2011-06-24 19:22 - 00003914 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{78DBB7A4-C6CC-4259-8C64-E43675B223EE}
2014-07-02 09:45 - 2014-06-26 15:46 - 00001104 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-02 09:45 - 2013-10-25 19:28 - 02020872 _____ () C:\Windows\WindowsUpdate.log
2014-07-02 09:45 - 2012-08-05 18:15 - 00000000 _____ () C:\Windows\system32\Drivers\lvuvc.hs
2014-07-02 09:45 - 2012-04-13 15:44 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-07-02 07:59 - 2011-04-07 09:44 - 00000000 ___RD () C:\Users\OEM\Documents\Anfrage
2014-07-02 07:49 - 2011-08-22 20:31 - 00000000 ____D () C:\Users\OEM\AppData\Roaming\Skype
2014-07-02 07:33 - 2009-07-14 06:45 - 00015152 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-07-02 07:33 - 2009-07-14 06:45 - 00015152 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-07-02 07:26 - 2012-12-22 23:11 - 00000306 __RSH () C:\ProgramData\ntuser.pol
2014-07-02 07:24 - 2014-06-30 07:39 - 00000392 _____ () C:\Windows\setupact.log
2014-07-02 07:24 - 2014-06-26 15:46 - 00001100 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-02 07:24 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-01 21:13 - 2014-07-01 21:13 - 00004585 _____ () C:\Users\OEM\Downloads\18583C190000000079E8 (5).pfx
2014-07-01 20:26 - 2014-07-01 20:26 - 00004585 _____ () C:\Users\OEM\Downloads\18583C190000000079E8 (4).pfx
2014-07-01 20:26 - 2014-07-01 20:25 - 00004585 _____ () C:\Users\OEM\Downloads\18583C190000000079E8 (3).pfx
2014-07-01 20:12 - 2014-07-01 20:12 - 00004585 _____ () C:\Users\OEM\Downloads\18583C190000000079E8 (2).pfx
2014-07-01 20:12 - 2014-07-01 20:12 - 00004585 _____ () C:\Users\OEM\Downloads\18583C190000000079E8 (1).pfx
2014-07-01 19:30 - 2011-04-07 09:38 - 00000000 ____D () C:\Users\OEM\Desktop\NeuhofWerbung
2014-07-01 19:27 - 2013-01-13 18:18 - 01170944 ___SH () C:\Users\OEM\Downloads\Thumbs.db
2014-07-01 19:27 - 2011-08-03 14:55 - 02096640 ___SH () C:\Users\OEM\Desktop\Thumbs.db
2014-07-01 19:21 - 2014-07-01 17:38 - 00000000 ____D () C:\Users\OEM\AppData\Local\Google
2014-07-01 17:40 - 2014-07-01 09:12 - 00000000 ____D () C:\Users\OEM\Documents\2014_07_01_download_protect_removal
2014-07-01 12:02 - 2014-07-01 12:01 - 00275464 _____ () C:\Windows\Minidump\070114-17706-01.dmp
2014-07-01 12:01 - 2014-07-01 12:01 - 402891399 _____ () C:\Windows\MEMORY.DMP
2014-07-01 12:01 - 2012-11-15 23:36 - 00000000 ____D () C:\Windows\Minidump
2014-07-01 11:02 - 2014-07-01 11:02 - 00000000 _____ () C:\Users\OEM\defogger_reenable
2014-07-01 11:02 - 2011-02-28 18:16 - 00000000 ____D () C:\Users\OEM
2014-07-01 10:57 - 2014-07-01 10:57 - 00003832 _____ () C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1404205045
2014-07-01 10:57 - 2014-07-01 10:57 - 00001133 _____ () C:\Users\Public\Desktop\Opera.lnk
2014-07-01 10:57 - 2014-07-01 10:57 - 00001133 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2014-07-01 10:57 - 2014-07-01 10:57 - 00000000 ____D () C:\Users\OEM\AppData\Roaming\Opera Software
2014-07-01 10:57 - 2014-07-01 10:57 - 00000000 ____D () C:\Users\OEM\AppData\Local\Opera Software
2014-07-01 10:57 - 2014-07-01 10:57 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-07-01 10:54 - 2014-07-01 10:52 - 27641968 _____ (Opera Software ASA) C:\Users\OEM\Downloads\Opera_22.0.1471.70_Setup.exe
2014-07-01 10:21 - 2014-07-01 10:21 - 00000000 ____D () C:\Users\OEM\AppData\Local\Google_old
2014-07-01 09:52 - 2014-07-01 09:03 - 00000000 ____D () C:\Users\OEM\Downloads\FRST-OlderVersion
2014-07-01 09:46 - 2014-07-01 09:46 - 00000302 _____ () C:\Windows\PFRO.log
2014-07-01 09:43 - 2014-06-17 16:50 - 00000000 ____D () C:\AdwCleaner
2014-07-01 09:23 - 2013-09-29 20:48 - 00000000 ____D () C:\ProgramData\DivX
2014-07-01 09:06 - 2014-07-01 09:03 - 00052417 _____ () C:\Users\OEM\Downloads\FRST.txt
2014-07-01 09:03 - 2014-06-18 12:28 - 02083328 _____ (Farbar) C:\Users\OEM\Downloads\FRST64.exe
2014-06-30 12:10 - 2014-06-30 12:10 - 00057328 _____ () C:\Users\OEM\Downloads\201400249228-BZ.zip
2014-06-30 12:10 - 2014-06-30 12:10 - 00057328 _____ () C:\Users\OEM\Downloads\201400249228-BZ (1).zip
2014-06-30 07:39 - 2014-06-30 07:39 - 00000000 _____ () C:\Windows\setuperr.log
2014-06-29 16:24 - 2012-09-27 22:45 - 00000000 ____D () C:\Windows\pss
2014-06-29 16:06 - 2014-06-29 16:06 - 04814144 _____ (Piriform Ltd) C:\Users\OEM\Downloads\ccsetup415pro.exe
2014-06-29 15:37 - 2014-06-29 15:37 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\OEM\Downloads\SpyHunter-Installer.exe
2014-06-29 13:07 - 2014-06-17 12:39 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-06-26 16:59 - 2014-06-26 16:59 - 00000000 ____D () C:\Users\OEM\AppData\Roaming\LavasoftStatistics
2014-06-26 16:59 - 2014-06-26 16:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ad-Aware Antivirus
2014-06-26 16:44 - 2014-06-26 16:44 - 00000000 ____D () C:\Program Files\Lavasoft
2014-06-26 16:42 - 2014-06-26 16:42 - 00000000 ____D () C:\Users\OEM\AppData\Roaming\Lavasoft
2014-06-26 16:41 - 2014-06-26 16:41 - 00000000 ____D () C:\Program Files\Common Files\Lavasoft
2014-06-26 16:40 - 2014-06-26 16:40 - 01707144 _____ () C:\Users\OEM\Downloads\Adaware112_Installer.exe
2014-06-26 16:40 - 2014-06-26 16:40 - 00000000 ____D () C:\ProgramData\Lavasoft
2014-06-26 15:49 - 2014-06-26 15:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-06-26 15:49 - 2014-06-26 15:46 - 00000000 ____D () C:\Program Files (x86)\Google
2014-06-26 15:46 - 2014-06-26 15:46 - 00004100 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-06-26 15:46 - 2014-06-26 15:46 - 00003848 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-06-26 15:46 - 2014-06-26 15:45 - 00895120 _____ (Google Inc.) C:\Users\OEM\Downloads\ChromeSetup.exe
2014-06-23 13:04 - 2014-06-23 13:04 - 00057308 _____ () C:\Users\OEM\Downloads\201400235742-BZ.zip
2014-06-22 18:34 - 2009-07-14 19:58 - 00699432 _____ () C:\Windows\system32\perfh007.dat
2014-06-22 18:34 - 2009-07-14 19:58 - 00149572 _____ () C:\Windows\system32\perfc007.dat
2014-06-22 18:34 - 2009-07-14 07:13 - 01620684 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-06-22 18:33 - 2014-06-22 18:28 - 15089688 _____ (Ross-Tech, LLC) C:\Users\OEM\Downloads\VCDS-Release-12.12.0-Installer.exe
2014-06-21 08:03 - 2014-06-21 08:03 - 00057349 _____ () C:\Users\OEM\Downloads\201400230848-BZ.zip
2014-06-20 14:00 - 2011-02-28 18:35 - 00097432 _____ () C:\Users\OEM\AppData\Local\GDIPFONTCACHEV1.DAT
2014-06-20 13:59 - 2009-07-14 06:45 - 00407824 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-06-20 13:35 - 2014-06-20 13:35 - 00057322 _____ () C:\Users\OEM\Downloads\201400222941-BZ (3).zip
2014-06-20 13:33 - 2014-06-20 13:33 - 00057322 _____ () C:\Users\OEM\Downloads\201400222941-BZ (2).zip
2014-06-20 13:32 - 2014-06-20 13:32 - 00057322 _____ () C:\Users\OEM\Downloads\201400222941-BZ (1).zip
2014-06-20 13:29 - 2013-10-31 15:16 - 00000000 ____D () C:\Users\OEM\AppData\Roaming\TeamViewer
2014-06-20 13:03 - 2014-06-20 13:03 - 00001178 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk
2014-06-20 13:03 - 2014-06-20 13:03 - 00001166 _____ () C:\Users\Public\Desktop\TeamViewer 9.lnk
2014-06-20 13:03 - 2014-06-20 13:03 - 00000000 ____D () C:\Program Files (x86)\TeamViewer
2014-06-19 16:16 - 2014-03-23 20:46 - 00000000 ____D () C:\Users\OEM\Desktop\Staudacher
2014-06-18 22:27 - 2014-06-18 22:27 - 00065342 _____ () C:\Users\OEM\Downloads\Shortcut.txt
2014-06-18 22:27 - 2014-06-18 12:33 - 00024710 _____ () C:\Users\OEM\Downloads\Addition.txt
2014-06-18 21:58 - 2014-06-18 21:57 - 04748896 _____ (Piriform Ltd) C:\Users\OEM\Downloads\ccsetup414 (3).exe
2014-06-18 21:57 - 2014-06-18 21:56 - 04748896 _____ (Piriform Ltd) C:\Users\OEM\Downloads\ccsetup414 (2).exe
2014-06-18 19:39 - 2014-06-18 19:39 - 00001200 _____ () C:\Windows\system32\cc_20140618_193916.reg
2014-06-18 19:38 - 2014-06-18 19:38 - 00031986 _____ () C:\Windows\system32\cc_20140618_193854.reg
2014-06-18 14:33 - 2014-06-16 21:49 - 00000000 ____D () C:\Program Files\Unlocker
2014-06-18 13:03 - 2009-07-14 05:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-06-18 12:40 - 2014-06-18 12:39 - 00854367 _____ () C:\Users\OEM\Downloads\SecurityCheck (1).exe
2014-06-18 12:39 - 2014-06-18 12:38 - 00854367 _____ () C:\Users\OEM\Downloads\SecurityCheck.exe
2014-06-17 16:59 - 2014-06-15 12:28 - 00000000 ____D () C:\Windows\System32\Tasks\Browser Updater
2014-06-17 16:52 - 2012-12-27 20:24 - 00000000 ____D () C:\ProgramData\boost_interprocess
2014-06-17 16:51 - 2014-06-17 16:51 - 00000000 ____D () C:\Windows\ERUNT
2014-06-17 16:50 - 2014-06-17 16:50 - 01016261 _____ (Thisisu) C:\Users\OEM\Downloads\JRT_6.1.4.exe
2014-06-17 16:50 - 2014-06-17 16:49 - 01333465 _____ () C:\Users\OEM\Downloads\adwcleaner_3.212.exe
2014-06-17 12:38 - 2014-06-17 12:38 - 00001106 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-06-17 12:38 - 2014-06-17 12:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-06-17 12:38 - 2014-06-17 12:38 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-06-17 12:38 - 2013-10-28 19:44 - 00000000 ____D () C:\Users\OEM\AppData\Roaming\Malwarebytes
2014-06-17 12:38 - 2013-10-28 19:44 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-06-17 12:34 - 2014-06-17 12:34 - 02347384 _____ (ESET) C:\Users\OEM\Downloads\esetsmartinstaller_deu.exe
2014-06-17 12:33 - 2014-06-17 12:32 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\OEM\Downloads\mbam-setup-2.0.2.1012 (1).exe
2014-06-17 11:46 - 2014-06-17 11:46 - 00057322 _____ () C:\Users\OEM\Downloads\201400222941-BZ.zip
2014-06-16 21:54 - 2014-06-15 12:22 - 00000000 ____D () C:\Users\Administrator
2014-06-16 21:50 - 2014-06-16 21:50 - 01078591 _____ () C:\Users\OEM\Downloads\Unlocker1.9.2 (1).exe
2014-06-16 21:49 - 2014-06-16 21:49 - 00000000 ____D () C:\Users\OEM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker
2014-06-16 21:49 - 2014-06-16 21:48 - 01078591 _____ () C:\Users\OEM\Downloads\Unlocker1.9.2.exe
2014-06-16 20:20 - 2014-06-16 20:19 - 04748896 _____ (Piriform Ltd) C:\Users\OEM\Downloads\ccsetup414 (1).exe
2014-06-16 20:19 - 2014-06-16 20:18 - 04748896 _____ (Piriform Ltd) C:\Users\OEM\Downloads\ccsetup414.exe
2014-06-16 16:24 - 2014-06-16 16:24 - 00057357 _____ () C:\Users\OEM\Downloads\201400220464-BZ.zip
2014-06-16 16:24 - 2014-06-16 16:24 - 00057357 _____ () C:\Users\OEM\Downloads\201400220464-BZ (1).zip
2014-06-15 14:48 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-06-15 13:56 - 2014-01-03 22:18 - 00001409 _____ () C:\Users\OEM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2014-06-15 13:51 - 2014-06-15 13:51 - 00325586 _____ () C:\Windows\system32\cc_20140615_135103.reg
2014-06-15 13:47 - 2011-02-28 18:10 - 00000000 ____D () C:\Windows\Panther
2014-06-15 13:46 - 2014-06-15 12:37 - 00001914 _____ () C:\Windows\SysWOW64\${LOGFILE}
2014-06-15 13:16 - 2014-06-15 12:22 - 00000000 ____D () C:\ProgramData\28e74f1e72de16b9
2014-06-15 12:22 - 2014-06-15 12:22 - 00000000 ____D () C:\Users\OEM\AppData\Local\Packages
2014-06-15 12:22 - 2014-06-15 12:22 - 00000000 ____D () C:\Users\OEM\AppData\Local\Comodo
2014-06-15 12:22 - 2014-06-15 12:22 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Google
2014-06-15 12:22 - 2014-06-15 12:22 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Comodo
2014-06-15 12:22 - 2014-06-15 12:22 - 00000000 ____D () C:\Users\HomeGroupUser$
2014-06-15 12:22 - 2014-06-15 12:22 - 00000000 ____D () C:\Users\Gast\AppData\Local\Google
2014-06-15 12:22 - 2014-06-15 12:22 - 00000000 ____D () C:\Users\Gast\AppData\Local\Comodo
2014-06-15 12:22 - 2014-06-15 12:22 - 00000000 ____D () C:\Users\Gast
2014-06-15 12:22 - 2014-06-15 12:22 - 00000000 _____ () C:\Windows\SysWOW64\Number of results
2014-06-15 12:22 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy
2014-06-15 12:16 - 2014-06-15 12:16 - 00003158 _____ () C:\Windows\System32\Tasks\{15DD6F64-0DA6-4526-94EA-D06CF858DF2C}
2014-06-15 11:55 - 2014-06-15 11:55 - 00013048 _____ () C:\Users\OEM\AppData\Roaming\Bubble Dock.installation.log
2014-06-15 11:03 - 2014-06-15 11:03 - 00212992 _____ () C:\Users\OEM\Downloads\Autoveicoli_GA_OUT (2).xls
2014-06-15 11:03 - 2014-06-15 11:03 - 00212992 _____ () C:\Users\OEM\Downloads\Autoveicoli_GA_OUT (1).xls
2014-06-15 11:01 - 2014-06-15 11:01 - 00763904 _____ () C:\Users\OEM\Downloads\Fringe_benefit_2013.xls
2014-06-15 08:28 - 2009-07-14 07:08 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-06-14 09:34 - 2014-06-14 09:34 - 00057346 _____ () C:\Users\OEM\Downloads\201400216562-BZ.zip
2014-06-13 07:40 - 2014-05-06 22:33 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-06-12 23:26 - 2013-08-15 11:41 - 00000000 ____D () C:\Windows\system32\MRT
2014-06-12 23:24 - 2011-04-06 18:56 - 95414520 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-06-12 21:30 - 2014-06-12 21:30 - 00195005 _____ () C:\Users\OEM\Downloads\Newsletter n.20 del 12-06-2014.pdf.zip
2014-06-12 14:26 - 2011-02-28 18:16 - 00000000 ____D () C:\Users\OEM\AppData\Local\VirtualStore
2014-06-12 14:25 - 2013-08-26 19:18 - 00001829 _____ () C:\Users\OEM\Sti_Trace.log
2014-06-11 08:50 - 2014-06-11 08:50 - 00057325 _____ () C:\Users\OEM\Downloads\201400211881-BZ.zip
2014-06-10 09:28 - 2014-06-10 09:28 - 00057323 _____ () C:\Users\OEM\Downloads\201400209914-BZ.zip
2014-06-10 09:28 - 2014-06-10 09:28 - 00057323 _____ () C:\Users\OEM\Downloads\201400209914-BZ (1).zip
2014-06-09 14:18 - 2012-01-11 19:47 - 00000000 ___RD () C:\Users\OEM\Desktop\Alpenstadt
2014-06-09 11:19 - 2014-06-09 11:19 - 00057348 _____ () C:\Users\OEM\Downloads\201400207640-BZ.zip
2014-06-08 11:13 - 2014-06-12 16:40 - 00506368 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-08 11:12 - 2014-06-08 11:12 - 00057347 _____ () C:\Users\OEM\Downloads\201400205382-BZ (7).zip
2014-06-08 11:08 - 2014-06-12 16:40 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-08 10:50 - 2014-06-08 10:50 - 00057347 _____ () C:\Users\OEM\Downloads\201400205382-BZ (6).zip
2014-06-08 08:54 - 2014-06-08 08:54 - 00057347 _____ () C:\Users\OEM\Downloads\201400205382-BZ (5).zip
2014-06-08 08:53 - 2014-06-08 08:53 - 00057347 _____ () C:\Users\OEM\Downloads\201400205382-BZ (4).zip
2014-06-08 08:52 - 2014-06-08 08:52 - 00057347 _____ () C:\Users\OEM\Downloads\201400205382-BZ (3).zip
2014-06-08 08:52 - 2014-06-08 08:52 - 00057347 _____ () C:\Users\OEM\Downloads\201400205382-BZ (2).zip
2014-06-08 08:52 - 2014-06-08 08:52 - 00057347 _____ () C:\Users\OEM\Downloads\201400205382-BZ (1).zip
2014-06-08 08:52 - 2014-06-08 08:51 - 00057347 _____ () C:\Users\OEM\Downloads\201400205382-BZ.zip
2014-06-03 19:06 - 2014-06-03 19:06 - 00000125 _____ () C:\Users\OEM\Downloads\unbenannt (5).txt
2014-06-03 07:21 - 2012-01-22 14:32 - 00000000 ____D () C:\ProgramData\Skype
2014-06-02 11:05 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache

Some content of TEMP:
====================
C:\Users\OEM\AppData\Local\Temp\Quarantine.exe
C:\Users\OEM\AppData\Local\Temp\RSPUpgradeInstaller.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-06-30 19:39

==================== End Of Log ============================

--- --- ---

--- --- ---

--- --- ---

Addition.txt

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-07-2014
Ran by OEM at 2014-07-02 09:52:16
Running from C:\Users\OEM\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AV: Ad-Aware Antivirus (Enabled - Up to date) {D87B6541-12A1-DAEA-0033-9B8057AAB996}
AS: Ad-Aware Antivirus (Enabled - Up to date) {631A84A5-349B-D564-3A83-A0F22C2DF32B}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
FW: Ad-Aware Firewall (Disabled) {E040E464-58CE-DBB2-2B6C-32B5A979FEED}

==================== Installed Programs ======================

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Ad-Aware Antivirus (HKLM\...\{9F965DAA-2FFD-41E3-8125-893BFBBE01D6}_AdAwareUpdater) (Version: 11.2.5952.0 - Lavasoft)
AdAwareInstaller (Version: 11.2.5952.0 - Lavasoft) Hidden
AdAwareUpdater (Version: 11.2.5952.0 - Lavasoft) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.7.1.19610 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 2.7.1.19610 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 13 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Reader X (10.1.10) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.10 - Adobe Systems Incorporated)
AllDup 3.4.18 (HKLM-x32\...\AllDup_is1) (Version: 3.4.18 - Michael Thummerer Software Design)
AntimalwareEngine (Version: 3.0.0.56 - Lavasoft) Hidden
Any Video Converter 5 5.0.3 (HKLM-x32\...\Any Video Converter 5_is1) (Version:  - Any-Video-Converter.com)
ATI Catalyst Install Manager (HKLM\...\{CA8DDA79-7051-D445-E00B-67B8A373CF07}) (Version: 3.0.812.0 - ATI Technologies, Inc.)
AviSynth 2.5 (HKLM-x32\...\AviSynth) (Version:  - )
AvsP (HKLM-x32\...\AvsP_is1) (Version:  - )
Bing Bar (HKLM-x32\...\{3365E735-48A6-4194-9988-CE59AC5AE503}) (Version: 7.3.132.0 - Microsoft Corporation)
Catalyst Control Center Core Implementation (x32 Version: 2010.0210.2206.39615 - ATI) Hidden
Catalyst Control Center Graphics Full Existing (x32 Version: 2010.0210.2206.39615 - ATI) Hidden
Catalyst Control Center Graphics Full New (x32 Version: 2010.0210.2206.39615 - ATI) Hidden
Catalyst Control Center Graphics Light (x32 Version: 2010.0210.2206.39615 - ATI) Hidden
Catalyst Control Center Graphics Previews Vista (x32 Version: 2010.0210.2206.39615 - ATI) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2011.0126.1749.31909 - ATI Technologies, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2010.0210.2206.39615 - ATI) Hidden
CCC Help Chinese Standard (x32 Version: 2010.0210.2205.39615 - ATI) Hidden
CCC Help Chinese Traditional (x32 Version: 2010.0210.2205.39615 - ATI) Hidden
CCC Help Dutch (x32 Version: 2010.0210.2205.39615 - ATI) Hidden
CCC Help English (x32 Version: 2010.0210.2205.39615 - ATI) Hidden
CCC Help Finnish (x32 Version: 2010.0210.2205.39615 - ATI) Hidden
CCC Help French (x32 Version: 2010.0210.2205.39615 - ATI) Hidden
CCC Help Greek (x32 Version: 2010.0210.2205.39615 - ATI) Hidden
CCC Help Hungarian (x32 Version: 2010.0210.2205.39615 - ATI) Hidden
CCC Help Italian (x32 Version: 2010.0210.2205.39615 - ATI) Hidden
CCC Help Japanese (x32 Version: 2010.0210.2205.39615 - ATI) Hidden
CCC Help Korean (x32 Version: 2010.0210.2205.39615 - ATI) Hidden
CCC Help Norwegian (x32 Version: 2010.0210.2205.39615 - ATI) Hidden
CCC Help Polish (x32 Version: 2010.0210.2205.39615 - ATI) Hidden
CCC Help Portuguese (x32 Version: 2010.0210.2205.39615 - ATI) Hidden
CCC Help Russian (x32 Version: 2010.0210.2205.39615 - ATI) Hidden
CCC Help Spanish (x32 Version: 2010.0210.2205.39615 - ATI) Hidden
CCC Help Swedish (x32 Version: 2010.0210.2205.39615 - ATI) Hidden
CCC Help Thai (x32 Version: 2010.0210.2205.39615 - ATI) Hidden
CCC Help Turkish (x32 Version: 2010.0210.2205.39615 - ATI) Hidden
ccc-utility64 (Version: 2010.0210.2206.39615 - ATI) Hidden
CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.3.8.2513 - CDBurnerXP)
Cisco Systems VPN Client 5.0.07.0440 (HKLM\...\{5FDC06BF-3D3D-4367-8FFB-4FAFCB61972D}) (Version: 5.0.7 - Cisco Systems, Inc.)
Compatibility Pack für 2007 Office System (HKLM-x32\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Comunicazioni2011 (HKLM-x32\...\Comunicazioni2011) (Version: 1.0.0.0 - Agenzia delle Entrate - Sogei)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DbMAP 3D Flyer Plugin  v.2.1.6r10 (HKLM-x32\...\DbMAP 3D Flyer Plugin) (Version: 2.1.6r10 - GeoMind Srl)
Druckerdeinstallation für EPSON WF-2530 Series (HKLM\...\EPSON WF-2530 Series) (Version:  - SEIKO EPSON Corporation)
DVD slideshow GUI 0.9.4.1 (HKLM-x32\...\BE37E547-62DF-43C8-AE6A-D03E82BC67A2_is1) (Version: DVD slideshow GUI 0.9.4.1 - Tin2tin)
Epson Benutzerhandbuch WF-2530 Series (HKLM-x32\...\WF-2530 Series Useg) (Version:  - )
Epson Connect Guide (HKLM-x32\...\Epson Connect Guide) (Version:  - )
Epson Event Manager (HKLM-x32\...\{8F01524C-0676-4CC1-B4AE-64753C723391}) (Version: 3.01.0005 - Seiko Epson Corporation)
Epson FAX Utility (HKLM-x32\...\{0CBE6C93-CB2E-4378-91EE-12BE6D4E2E4A}) (Version: 1.31.00 - SEIKO EPSON CORPORATION)
Epson Netzwerkhandbuch WF-2530 Series (HKLM-x32\...\WF-2530 Series Netg) (Version:  - )
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.6.0 - SEIKO EPSON CORPORATION)
ffdshow [rev 3029] [2009-07-10] (HKLM-x32\...\ffdshow_is1) (Version: 1.0 - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 35.0.1916.153 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
GUI for dvdauthor 1.07 (HKLM-x32\...\GUI for dvdauthor) (Version: 1.07 - Boraxsoft)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.5.0 - LIGHTNING UK!)
Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217040FF}) (Version: 7.0.550 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Java(TM) 6 Update 24 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216024FF}) (Version: 6.0.240 - Oracle)
Java(TM) 6 Update 26 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416026FF}) (Version: 6.0.260 - Oracle)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
K-Lite Mega Codec Pack 6.9.0 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 6.9.0 - )
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
MediaHuman YouTube to MP3 Converter version 3.1.5 (HKLM-x32\...\MediaHuman YouTube to MP3 Converter_is1) (Version: 3.1.5 - )
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Antimalware Service DE-DE Language Pack (Version: 3.0.8402.2 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007F-0407-0000-0000000FF1CE}) (Version: 14.0.5139.5001 - Microsoft Corporation)
Microsoft Office Standard Edition 2003 (HKLM-x32\...\{91120407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Security Client (Version: 4.5.0216.0 - Microsoft Corporation) Hidden
Microsoft Security Client DE-DE Language Pack (Version: 2.1.1116.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.5.216.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM-x32\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
ModuliControllo2013 (HKLM-x32\...\ModuliControllo2013) (Version: 5.0.5.0 - Sogei S.p.A)
ModuliControlloIRA2013 (HKLM-x32\...\ModuliControlloIRA2013) (Version: 1.0.2.0 - Sogei S.p.A)
ModuliControlloIVC (HKLM-x32\...\ModuliControlloIVC) (Version: 2.0.0.0 - Sogei S.p.A)
ModuliControlloStudi2013 (HKLM-x32\...\ModuliControlloStudi2013) (Version: 1.0.1.0 - Agenzia delle Entrate - Sogei)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
OpenOffice.org 3.0 (HKLM-x32\...\{DCC4BA6D-4790-402E-AFC7-2185F638783E}) (Version: 3.0.9358 - OpenOffice.org)
Opera Stable 22.0.1471.70 (HKLM-x32\...\Opera 22.0.1471.70) (Version: 22.0.1471.70 - Opera Software ASA)
PCI Soft Voice SoftRing Modem with SmartCP (HKLM\...\CNXT_MODEM_PCI_HSF) (Version: 7.80.6.0 - Conexant Systems)
PDF24 Creator 4.1.2 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.2.0 - Frank Heindörfer, Philip Chinery)
pgcchelper (HKCU\...\pgcchelper) (Version:  - )
quifoto.it (HKLM-x32\...\it.quifoto.editor.001F9DF2D0BAABEB11F42CCEE43224607B61109C.1) (Version: 1.4.6.913 - myphotobook GmbH)
quifoto.it (x32 Version: 1.4.6 - myphotobook GmbH) Hidden
Realtek Ethernet Controller Driver For Windows 7 (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.23.623.2010 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6151 - Realtek Semiconductor Corp.)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.4.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.4.0 - Renesas Electronics Corporation) Hidden
Skype Click to Call (HKLM-x32\...\{BB285C9F-C821-4770-8970-56C4AB52C87E}) (Version: 7.2.15747.10003 - Microsoft Corporation)
Skype Web Plugin (HKLM-x32\...\{B51DD93B-3CB5-4D9D-BFF2-FD19DBBBFD9A}) (Version: 2.9.13008.18866 - Skype Technologies S.A.)
Skype™ 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)
Sunny Explorer (HKLM-x32\...\{39FCD08F-E311-4959-84B9-1012023724B9}) (Version: 1.3.4 - SMA Solar Technology AG)
System Update kb70007 (x32 Version: 1.0.0 - MSR) Hidden
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.29480 - TeamViewer)
UnicoOnLine PF 2011 (HKCU\...\UnicoOnLine PF 2011) (Version:  - Agenzia delle Entrate)
Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
Validazione_F24 (HKLM-x32\...\Validazione_F24) (Version: 3.0.8.0 - Agenzia delle Entrate)
Validazione_F24EP (HKLM-x32\...\Validazione_F24EP) (Version: 1.3.9.0 - Agenzia delle Entrate)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Visitenkarten in 2 Minuten (HKLM-x32\...\Visitenkarten in 2 Minuten) (Version:  - )
Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3555.0308 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Xvid 1.1.3 final uninstall (HKLM-x32\...\Xvid_is1) (Version: 1.1 - Xvid team (Koepi))

==================== Restore Points  =========================

04-06-2014 17:58:46 Windows Update
08-06-2014 08:24:08 Windows Update
11-06-2014 17:06:44 Windows Update
12-06-2014 21:20:36 Windows Update
16-06-2014 14:38:37 Windows Update
20-06-2014 11:50:49 Windows Update
23-06-2014 17:02:05 Windows Update
26-06-2014 14:40:38 AA11
27-06-2014 08:05:21 Windows Update
30-06-2014 17:13:22 AA11
30-06-2014 18:36:35 Windows Update

==================== Hosts content: ==========================

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {1D19AC1D-3476-4F28-8141-3EE07474FDD9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-06-26] (Google Inc.)
Task: {24E6E177-7653-4936-8A3F-D1E2042CAAF9} - System32\Tasks\{A1A97481-3174-4C7C-A86E-D2B402B8D6B6} => E:\prezi.exe
Task: {35FE46EF-ED66-4468-9482-C5DBD24D2C7B} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {46DA1FD1-179A-43AA-B9E0-97017D63A15B} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-15] (Adobe Systems Incorporated)
Task: {C272827B-3627-48DE-9D8F-F50BF093863F} - System32\Tasks\{8E309394-75C7-4F14-A7B9-81DB6EEE0FC6} => Firefox.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&amp;ver=5.5.59.124&amp;LastError=2
Task: {CB6121C8-B5F4-4DE6-8B61-C8ADFCD92F64} - \Browser Updater\Browser Updater No Task File <==== ATTENTION
Task: {D6170242-A1F1-4C17-9847-0A3ED31A8719} - \fsupdate No Task File <==== ATTENTION
Task: {E65CAA4F-2444-41E1-8E80-D056E4B698D7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-06-26] (Google Inc.)
Task: {ECCEE9AD-B29F-4C39-A6DE-D8822C6C27AB} - System32\Tasks\Opera scheduled Autoupdate 1404205045 => C:\Program Files (x86)\Opera\launcher.exe [2014-06-16] (Opera Software)
Task: {FE25EA72-6849-47C0-B907-1DC73CC988D9} - System32\Tasks\{0BE869A8-9C70-457C-B21E-D53E0DCD4DA7} => Firefox.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&amp;ver=5.10.0.116&amp;LastError=2
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2011-12-19 20:39 - 2005-03-12 01:07 - 00087040 _____ () C:\Windows\System32\pdfcmnnt.dll
2012-09-30 10:34 - 2012-09-30 10:34 - 00106496 _____ () C:\Windows\system32\QUTIL64.exe
2014-06-03 15:47 - 2014-06-03 15:47 - 00706864 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareService.exe
2014-06-03 16:19 - 2014-06-03 16:19 - 00103800 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\boost_thread-vc100-mt-1_55.dll
2014-06-03 16:19 - 2014-06-03 16:19 - 00024440 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\boost_system-vc100-mt-1_55.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00033656 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\boost_chrono-vc100-mt-1_55.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00055680 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\boost_date_time-vc100-mt-1_55.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00123776 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\boost_filesystem-vc100-mt-1_55.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 10070888 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareServiceKernel.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00685904 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\SQLite.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 03393352 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\RCF.dll
2014-06-03 16:19 - 2014-06-03 16:19 - 00788856 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\boost_regex-vc100-mt-1_55.dll
2014-06-03 16:17 - 2014-06-03 16:17 - 00604520 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareActivation.dll
2014-06-03 16:19 - 2014-06-03 16:19 - 00158032 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\pugixml.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00360312 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareApplicationUpdater.dll
2014-06-03 16:19 - 2014-06-03 16:19 - 00149840 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\libssh2.dll
2014-06-03 16:19 - 2014-06-03 16:19 - 00106824 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\zlib.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00142696 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareGamingMode.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00098648 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareReset.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00120152 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareTime.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00290168 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareDefinitionsUpdater.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00198024 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareDefinitionsUpdaterScheduler.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00417128 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareIgnoreList.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00245608 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareQuarantine.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00336752 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareAntiMalwareEngine.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00212336 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareAntiRootkitEngine.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00509808 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareScannerHistory.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00610144 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareScanner.dll
2014-06-03 16:19 - 2014-06-03 16:19 - 00035192 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\boost_timer-vc100-mt-1_55.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00326000 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareScannerScheduler.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00453496 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareRealTimeProtection.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00227688 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareIncompatibles.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00218976 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareAntiSpam.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00171368 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareAntiPhishing.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00786800 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareParentalControl.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 01936744 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareWebProtection.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00422256 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareEmailProtection.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00650608 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareNetworkProtection.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00358744 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwarePromo.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00298336 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareFeedback.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00371576 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareThreatWorkAlliance.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00154464 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\SecurityCenter.dll
2010-07-15 06:44 - 2010-07-15 06:44 - 00020032 _____ () C:\Program Files\Unlocker\UnlockerCOM.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 02082160 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareShellExtension.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 07715160 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareTray.exe
2014-06-03 16:18 - 2014-06-03 16:18 - 00500088 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\boost_locale-vc100-mt-1_55.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00364896 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\HtmlFramework.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00066904 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\DllStorage.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00803696 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareTrayDefaultSkin.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00139608 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\Localization.dll
2011-03-04 12:49 - 2011-03-04 12:49 - 00202752 _____ () C:\Program Files (x86)\Cisco Systems\VPN Client\vpnapi.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\TEMP:A8AF8B49
AlternateDataStreams: C:\ProgramData\TEMP:AD022376

==================== Safe Mode (whitelisted) ===================


==================== EXE Association (whitelisted) =============


==================== MSCONFIG/TASK MANAGER disabled items =========


==================== Faulty Device Manager Devices =============

Name: Bluetooth-Peripheriegerät
Description: Bluetooth-Peripheriegerät
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Lexmark X422
Description: Lexmark X422
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: Lexmark
Service: usbscan
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Bluetooth-Peripheriegerät
Description: Bluetooth-Peripheriegerät
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Cisco Systems VPN Adapter for 64-bit Windows
Description: Cisco Systems VPN Adapter for 64-bit Windows
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: CVirtA
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (07/01/2014 07:07:25 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (07/01/2014 09:23:36 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"1".
Die abhängige Assemblierung "Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (06/30/2014 10:56:49 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"1".
Die abhängige Assemblierung "Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (06/30/2014 10:56:48 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"1".
Die abhängige Assemblierung "Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (06/29/2014 08:02:36 PM) (Source: Windows Backup) (EventID: 4103) (User: )
Description: Die Sicherung wurde aufgrund eines Fehlers beim Schreiben am Sicherungsspeicherort "E:\" nicht abgeschlossen. Fehler: "Der Sicherungsort wurde nicht gefunden oder ist ungültig. Überprüfen Sie die Sicherungseinstellungen und den Sicherungsort. (0x81000006)"

Error: (06/29/2014 04:14:48 PM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: Der Index kann nicht initialisiert werden.


Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (06/29/2014 04:14:48 PM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: Die Anwendung kann nicht initialisiert werden.

Kontext: Windows Anwendung


Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (06/29/2014 04:14:48 PM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: Das Gatherer-Objekt kann nicht initialisiert werden.

Kontext: Windows Anwendung, SystemIndex Katalog


Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (06/29/2014 04:14:48 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Plug-In in <Search.TripoliIndexer> kann nicht initialisiert werden.

Kontext: Windows Anwendung, SystemIndex Katalog


Details:
	Element nicht gefunden.  (HRESULT : 0x80070490) (0x80070490)

Error: (06/29/2014 04:14:45 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Plug-In in <Search.JetPropStore> kann nicht initialisiert werden.

Kontext: Windows Anwendung, SystemIndex Katalog


Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)


System errors:
=============
Error: (07/01/2014 06:50:24 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst ShellHWDetection erreicht.

Error: (07/01/2014 01:10:08 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst UMVPFSrv erreicht.

Error: (07/01/2014 00:02:03 PM) (Source: BugCheck) (EventID: 1001) (User: )
Description: 0x00000109 (0xa3a039d89dd3599e, 0xb3b7465ef0519548, 0xfffff880009f4540, 0x0000000000000002)C:\Windows\MEMORY.DMP070114-17706-01

Error: (07/01/2014 00:02:03 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎01.‎07.‎2014 um 11:59:52 unerwartet heruntergefahren.

Error: (07/01/2014 07:50:09 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Heimnetzgruppen-Anbieter" ist vom Dienst "Funktionssuche-Ressourcenveröffentlichung" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1053

Error: (07/01/2014 07:50:09 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Funktionssuche-Ressourcenveröffentlichung" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (07/01/2014 07:50:09 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Funktionssuche-Ressourcenveröffentlichung erreicht.

Error: (06/30/2014 10:35:57 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst ShellHWDetection erreicht.

Error: (06/30/2014 07:56:14 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {CC957078-B838-47C4-A7CF-626E7A82FC58}

Error: (06/30/2014 07:55:08 PM) (Source: WMPNetworkSvc) (EventID: 14332) (User: )
Description: WMPNetworkSvc0x80004005


Microsoft Office Sessions:
=========================
Error: (07/01/2014 07:07:25 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\OEM\Downloads\esetsmartinstaller_deu.exe

Error: (07/01/2014 09:23:36 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll

Error: (06/30/2014 10:56:49 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll

Error: (06/30/2014 10:56:48 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll

Error: (06/29/2014 08:02:36 PM) (Source: Windows Backup) (EventID: 4103) (User: )
Description: E:\Der Sicherungsort wurde nicht gefunden oder ist ungültig. Überprüfen Sie die Sicherungseinstellungen und den Sicherungsort. (0x81000006)

Error: (06/29/2014 04:14:48 PM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: 
Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (06/29/2014 04:14:48 PM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: Kontext: Windows Anwendung


Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (06/29/2014 04:14:48 PM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: Kontext: Windows Anwendung, SystemIndex Katalog


Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (06/29/2014 04:14:48 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Kontext: Windows Anwendung, SystemIndex Katalog


Details:
	Element nicht gefunden.  (HRESULT : 0x80070490) (0x80070490)
Search.TripoliIndexer

Error: (06/29/2014 04:14:45 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Kontext: Windows Anwendung, SystemIndex Katalog


Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)
Search.JetPropStore


==================== Memory info =========================== 

Percentage of memory in use: 56%
Total physical RAM: 1791.05 MB
Available physical RAM: 786.53 MB
Total Pagefile: 3582.1 MB
Available Pagefile: 2233.32 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:465.66 GB) (Free:355.46 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 324A99B4)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=466 GB) - (Type=07 NTFS)

==================== End Of Log ============================

cosinus · 02.07.2014, 09:25

Zitat:

AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
FW: Ad-Aware Firewall (Disabled) {E040E464-58CE-DBB2-2B6C-32B5A979FEED}

Sowas niemals gleichzeitig verwenden! Zwei Virenscanner kommen sich gegenseitig in die Quere. Deinstalliere Ad-Aware AV und die Firewall davon, die ist völlig unnötig, die von Windows reicht nicht nur, man sollte ihr den Vorzug geben.

Und bitte auch die Logs von adwCleaner usw posten, wie ich sehe hast du dieses Tool auch schon angewandt.

ntichelper · 02.07.2014, 10:09

OK,
habe Ad-Aware komplett deinstalliert

hier die Logfiles von adwCleaner
habe das Tool mehrfach angewandt.. ich poste einfach alle Logs

AdwCleaner Logfile:

Code:

ATTFilter

# AdwCleaner v3.212 - Bericht erstellt am 17/06/2014 um 16:50:51
# Aktualisiert 05/06/2014 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : OEM - OEM-PC
# Gestartet von : C:\Users\OEM\Downloads\adwcleaner_3.212.exe
# Option : Suchen

***** [ Dienste ] *****

Dienst Gefunden : GFilterSvc

***** [ Dateien / Ordner ] *****

Datei Gefunden : C:\END
Datei Gefunden : C:\Users\OEM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\jZip.lnk
Datei Gefunden : C:\Users\OEM\AppData\Roaming\Mozilla\Firefox\Profiles\nc1wdhkw.default\searchplugins\Babylon.xml
Datei Gefunden : C:\Users\OEM\AppData\Roaming\Mozilla\Firefox\Profiles\nc1wdhkw.default\user.js
Datei Gefunden : C:\Windows\System32\GFilterSvc.exe
Datei Gefunden : C:\Windows\System32\roboot64.exe
Datei Gefunden : C:\Windows\System32\Tasks\Browser Updater
Datei Gefunden : C:\Windows\System32\Tasks\fsupdate
Ordner Gefunden : C:\Program Files (x86)\HomeTab
Ordner Gefunden : C:\Program Files (x86)\jZip
Ordner Gefunden : C:\Program Files (x86)\MSR
Ordner Gefunden : C:\Program Files (x86)\Nosibay
Ordner Gefunden : C:\Program Files\HomeTab
Ordner Gefunden : C:\ProgramData\apn
Ordner Gefunden : C:\ProgramData\Ask
Ordner Gefunden : C:\ProgramData\Babylon
Ordner Gefunden : C:\ProgramData\Browser Manager
Ordner Gefunden : C:\ProgramData\WindowsProtectManger
Ordner Gefunden : C:\Users\Gast\AppData\Local\Chromatic Browser
Ordner Gefunden : C:\Users\Gast\AppData\Local\torch
Ordner Gefunden : C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser
Ordner Gefunden : C:\Users\HomeGroupUser$\AppData\Local\torch
Ordner Gefunden : C:\Users\OEM\AppData\Local\apn
Ordner Gefunden : C:\Users\OEM\AppData\Local\Babylon
Ordner Gefunden : C:\Users\OEM\AppData\Local\Chromatic Browser
Ordner Gefunden : C:\Users\OEM\AppData\Local\Genesis
Ordner Gefunden : C:\Users\OEM\AppData\Local\jZip
Ordner Gefunden : C:\Users\OEM\AppData\Local\Temp\jZip
Ordner Gefunden : C:\Users\OEM\AppData\Local\torch
Ordner Gefunden : C:\Users\OEM\AppData\LocalLow\DataMngr
Ordner Gefunden : C:\Users\OEM\AppData\Roaming\Babylon
Ordner Gefunden : C:\Users\OEM\AppData\Roaming\Mozilla\Firefox\Profiles\nc1wdhkw.default\Extensions\59def0ae-3df8-4e87-8551-8d6b609a202a@97824100-f5d8-46fa-8c09-0b959f58c578.com
Ordner Gefunden : C:\Users\OEM\AppData\Roaming\Mozilla\Firefox\Profiles\nc1wdhkw.default\jziptoolbargaw
Ordner Gefunden : C:\Users\OEM\AppData\Roaming\Nosibay
Ordner Gefunden : C:\Users\OEM\AppData\Roaming\SimplyTech
Ordner Gefunden : C:\Users\OEM\AppData\Roaming\SupTab
Ordner Gefunden : C:\Users\OEM\AppData\Roaming\Systweak
Ordner Gefunden : C:\Users\OEM\Documents\Optimizer Pro
Ordner Gefunden : C:\Users\OEM\Documents\PC Speed Maximizer

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Daten Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\SupTab\SEARCH~2.DLL
Schlüssel Gefunden : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\Conduit
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\simplytech
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\SmartBar
Schlüssel Gefunden : HKCU\Software\Conduit
Schlüssel Gefunden : HKCU\Software\genesis
Schlüssel Gefunden : HKCU\Software\jZip
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2102}
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{206a7328-437f-4bd9-b53e-12bfee24d588}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\jZip
Schlüssel Gefunden : HKCU\Software\Nosibay
Schlüssel Gefunden : HKCU\Software\powerpack
Schlüssel Gefunden : HKCU\Software\simplytech
Schlüssel Gefunden : [x64] HKCU\Software\Conduit
Schlüssel Gefunden : [x64] HKCU\Software\genesis
Schlüssel Gefunden : [x64] HKCU\Software\jZip
Schlüssel Gefunden : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Schlüssel Gefunden : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2102}
Schlüssel Gefunden : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Schlüssel Gefunden : [x64] HKCU\Software\Nosibay
Schlüssel Gefunden : [x64] HKCU\Software\powerpack
Schlüssel Gefunden : [x64] HKCU\Software\simplytech
Schlüssel Gefunden : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Schlüssel Gefunden : HKLM\Software\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Schlüssel Gefunden : HKLM\Software\Babylon
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{3FC27B34-0C19-49DA-875E-1875DDD4A6B2}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{7ABBFE1C-E485-44AA-8F36-353751B4124D}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\HomeTab.DLL
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\driverscanner
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{8DA8B89E-0C65-403B-8231-AB22ECFA0687}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{A928E66C-F501-4E66-9953-855C712F93B2}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{B0E28FA0-DF07-44B6-95CE-48BE26DB9266}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{E6B4EE8F-C38E-4994-BE28-229A3F92262C}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{FCA8936E-403A-4487-A966-70F80F1D5A6A}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\jZip.file
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\wtb.Band
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\wtb.Band.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\wtb.NotificationSource
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\wtb.NotificationSource.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\wtb.SourceSinkImpl
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\wtb.SourceSinkImpl.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\wtb.ToolbarInfo
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\wtb.ToolbarInfo.1
Schlüssel Gefunden : HKLM\Software\Conduit
Schlüssel Gefunden : HKLM\Software\jZip
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3614D305-2DBB-4991-9297-750DD60FFC73}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7ABE12CA-E995-4AB4-9A4E-EF8820A20182}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CFD485F0-96BD-47CD-BB6D-CD7DDA95F102}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2102}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\AdvancedSystemProtector_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\AdvancedSystemProtector_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\avg-secure-search-installer_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\avg-secure-search-installer_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\BabMaint_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\BabMaint_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\BingBar_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\Bubble Dock BSetup_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\Bubble Dock BSetup_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\Bubble Dock Update_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\Bubble Dock Update_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\Bubble Dock_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\Bubble Dock_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\driverscanner_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\driverscanner_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\Genesis_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\Genesis_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\HomeTab_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\HomeTab_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\jZip_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\jZip_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\Lollipop_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\Lollipop_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\mconduitinstaller_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\mconduitinstaller_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\MyDeltaTB_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\MyDeltaTB_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\optimizerpro_rasapi32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\optimizerpro_rasmancs
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\optprostart_rasapi32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\optprostart_rasmancs
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\softonic_ggl_1_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\softonic_ggl_1_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_sweet-home-3d_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_sweet-home-3d_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\systweakasp_rasapi32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\systweakasp_rasmancs
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\Uninstall Bubble Dock_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\Uninstall Bubble Dock_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\AppPath\jZip.exe
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Search Results Toolbar
Schlüssel Gefunden : HKLM\Software\SearchquSRTB
Schlüssel Gefunden : HKLM\Software\SupDp
Schlüssel Gefunden : HKLM\Software\SupTab
Schlüssel Gefunden : HKLM\Software\systweak
Schlüssel Gefunden : HKLM\Software\Uniblue
Schlüssel Gefunden : HKLM\Software\Uniblue\DriverScanner
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{8DA8B89E-0C65-403B-8231-AB22ECFA0687}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{A928E66C-F501-4E66-9953-855C712F93B2}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{B0E28FA0-DF07-44B6-95CE-48BE26DB9266}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{E6B4EE8F-C38E-4994-BE28-229A3F92262C}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{FCA8936E-403A-4487-A966-70F80F1D5A6A}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\DataMngr
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\DivX\Install\Setup\WizardLayout\ConduitToolbar
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CFD485F0-96BD-47CD-BB6D-CD7DDA95F102}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2102}

***** [ Browser ] *****

-\\ Internet Explorer v9.0.8112.16555

Einstellung Gefunden : HKCU\Software\Microsoft\Internet Explorer\Main [Start Default_Page_URL] - hxxp://search.certified-toolbar.com?si=77302&st=home&tid=18197&ver=5.7&ts=1402827585133&tguid=77302-18197-1402827585133-C0740B6A97725EC3F9B00ACF5C80A9DA
Einstellung Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Default_Page_URL] - hxxp://search.certified-toolbar.com?si=77302&st=home&tid=18197&ver=5.7&ts=1402827585133&tguid=77302-18197-1402827585133-C0740B6A97725EC3F9B00ACF5C80A9DA
Einstellung Gefunden : HKCU\Software\Microsoft\Internet Explorer\Search [Start Page] - hxxp://search.certified-toolbar.com?si=77302&st=home&tid=18197&ver=5.7&ts=1402827585133&tguid=77302-18197-1402827585133-C0740B6A97725EC3F9B00ACF5C80A9DA
Einstellung Gefunden : HKCU\Software\Microsoft\Internet Explorer\Search [Start Default_Page_URL] - hxxp://search.certified-toolbar.com?si=77302&st=home&tid=18197&ver=5.7&ts=1402827585133&tguid=77302-18197-1402827585133-C0740B6A97725EC3F9B00ACF5C80A9DA
Einstellung Gefunden : HKCU\Software\Microsoft\Internet Explorer\Search [Search Page] - hxxp://search.certified-toolbar.com?si=77302&tid=18197&ver=5.7&ts=1402827585133&tguid=77302-18197-1402827585133-C0740B6A97725EC3F9B00ACF5C80A9DA&st=chrome&q=
Einstellung Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [Tabs] - hxxp://search.certified-toolbar.com?si=77302&st=newtab&tid=18197&ver=5.7&ts=1402827585133&tguid=77302-18197-1402827585133-C0740B6A97725EC3F9B00ACF5C80A9DA
Einstellung Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [Start Page] - hxxp://search.certified-toolbar.com?si=77302&st=home&tid=18197&ver=5.7&ts=1402827585133&tguid=77302-18197-1402827585133-C0740B6A97725EC3F9B00ACF5C80A9DA
Einstellung Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [Start Default_Page_URL] - hxxp://search.certified-toolbar.com?si=77302&st=home&tid=18197&ver=5.7&ts=1402827585133&tguid=77302-18197-1402827585133-C0740B6A97725EC3F9B00ACF5C80A9DA
Einstellung Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [Search Page] - hxxp://search.certified-toolbar.com?si=77302&tid=18197&ver=5.7&ts=1402827585133&tguid=77302-18197-1402827585133-C0740B6A97725EC3F9B00ACF5C80A9DA&st=chrome&q=
Einstellung Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl [(Default)] - hxxp://search.certified-toolbar.com?si=77302&st=bs&tid=18197&ver=5.7&ts=1402827585133&tguid=77302-18197-1402827585133-C0740B6A97725EC3F9B00ACF5C80A9DA&q=%s
Einstellung Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL] - hxxp://istart.webssearches.com/web/?type=ds&ts=1402826195&from=amt&uid=WDCXWD5000AAKX-001CA0_WD-WCAYUD40907109071&q={searchTerms}
Einstellung Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL] - hxxp://istart.webssearches.com/?type=hp&ts=1402826195&from=amt&uid=WDCXWD5000AAKX-001CA0_WD-WCAYUD40907109071
Einstellung Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page] - hxxp://istart.webssearches.com/?type=hp&ts=1402826195&from=amt&uid=WDCXWD5000AAKX-001CA0_WD-WCAYUD40907109071
Einstellung Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page] - hxxp://istart.webssearches.com/web/?type=ds&ts=1402826195&from=amt&uid=WDCXWD5000AAKX-001CA0_WD-WCAYUD40907109071&q={searchTerms}

-\\ Mozilla Firefox v

[ Datei : C:\Users\OEM\AppData\Roaming\Mozilla\Firefox\Profiles\nc1wdhkw.default\prefs.js ]

Zeile gefunden : user_pref("browser.search.defaultengine", "Ask.com");
Zeile gefunden : user_pref("extensions.asktb.ff-original-keyword-url", "");

-\\ Google Chrome v

[ Datei : C:\Users\OEM\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [16911 octets] - [17/06/2014 16:50:51]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [16972 octets] ##########

--- --- ---

AdwCleaner Logfile:

Code:

ATTFilter

# AdwCleaner v3.212 - Bericht erstellt am 17/06/2014 um 16:52:03
# Aktualisiert 05/06/2014 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : OEM - OEM-PC
# Gestartet von : C:\Users\OEM\Downloads\adwcleaner_3.212.exe
# Option : Löschen

***** [ Dienste ] *****

Code:

ATTFilter

# AdwCleaner v3.212 - Bericht erstellt am 17/06/2014 um 16:58:23
# Aktualisiert 05/06/2014 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : OEM - OEM-PC
# Gestartet von : C:\Users\OEM\Downloads\adwcleaner_3.212.exe
# Option : Suchen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Datei Gefunden : C:\Users\OEM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\jZip.lnk
Datei Gefunden : C:\Users\OEM\AppData\Roaming\Mozilla\Firefox\Profiles\nc1wdhkw.default\searchplugins\Babylon.xml
Datei Gefunden : C:\Users\OEM\AppData\Roaming\Mozilla\Firefox\Profiles\nc1wdhkw.default\user.js
Datei Gefunden : C:\Windows\System32\GFilterSvc.exe
Datei Gefunden : C:\Windows\System32\roboot64.exe
Datei Gefunden : C:\Windows\System32\Tasks\Browser Updater
Datei Gefunden : C:\Windows\System32\Tasks\fsupdate
Ordner Gefunden : C:\Program Files (x86)\HomeTab
Ordner Gefunden : C:\Program Files (x86)\jZip
Ordner Gefunden : C:\Program Files (x86)\MSR
Ordner Gefunden : C:\Program Files\HomeTab
Ordner Gefunden : C:\ProgramData\WindowsProtectManger
Ordner Gefunden : C:\Users\Gast\AppData\Local\Chromatic Browser
Ordner Gefunden : C:\Users\Gast\AppData\Local\torch
Ordner Gefunden : C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser
Ordner Gefunden : C:\Users\HomeGroupUser$\AppData\Local\torch
Ordner Gefunden : C:\Users\OEM\AppData\Local\apn
Ordner Gefunden : C:\Users\OEM\AppData\Local\Babylon
Ordner Gefunden : C:\Users\OEM\AppData\Local\Chromatic Browser
Ordner Gefunden : C:\Users\OEM\AppData\Local\Genesis
Ordner Gefunden : C:\Users\OEM\AppData\Local\jZip
Ordner Gefunden : C:\Users\OEM\AppData\Local\Temp\jZip
Ordner Gefunden : C:\Users\OEM\AppData\Local\torch
Ordner Gefunden : C:\Users\OEM\AppData\Roaming\Mozilla\Firefox\Profiles\nc1wdhkw.default\Extensions\59def0ae-3df8-4e87-8551-8d6b609a202a@97824100-f5d8-46fa-8c09-0b959f58c578.com
Ordner Gefunden : C:\Users\OEM\AppData\Roaming\Mozilla\Firefox\Profiles\nc1wdhkw.default\jziptoolbargaw
Ordner Gefunden : C:\Users\OEM\AppData\Roaming\SupTab
Ordner Gefunden : C:\Users\OEM\Documents\PC Speed Maximizer

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Daten Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\SupTab\SEARCH~2.DLL
Schlüssel Gefunden : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Schlüssel Gefunden : HKCU\Software\genesis
Schlüssel Gefunden : HKCU\Software\jZip
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2102}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{206a7328-437f-4bd9-b53e-12bfee24d588}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\jZip
Schlüssel Gefunden : HKCU\Software\Nosibay
Schlüssel Gefunden : [x64] HKCU\Software\genesis
Schlüssel Gefunden : [x64] HKCU\Software\jZip
Schlüssel Gefunden : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2102}
Schlüssel Gefunden : [x64] HKCU\Software\Nosibay
Schlüssel Gefunden : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Schlüssel Gefunden : HKLM\Software\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{3FC27B34-0C19-49DA-875E-1875DDD4A6B2}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{7ABBFE1C-E485-44AA-8F36-353751B4124D}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{8DA8B89E-0C65-403B-8231-AB22ECFA0687}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{A928E66C-F501-4E66-9953-855C712F93B2}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{B0E28FA0-DF07-44B6-95CE-48BE26DB9266}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{E6B4EE8F-C38E-4994-BE28-229A3F92262C}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{FCA8936E-403A-4487-A966-70F80F1D5A6A}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\jZip.file
Schlüssel Gefunden : HKLM\Software\jZip
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3614D305-2DBB-4991-9297-750DD60FFC73}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7ABE12CA-E995-4AB4-9A4E-EF8820A20182}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CFD485F0-96BD-47CD-BB6D-CD7DDA95F102}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\AdvancedSystemProtector_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\AdvancedSystemProtector_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\avg-secure-search-installer_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\avg-secure-search-installer_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\BabMaint_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\BabMaint_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\BingBar_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\Bubble Dock BSetup_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\Bubble Dock BSetup_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\Bubble Dock Update_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\Bubble Dock Update_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\Bubble Dock_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\Bubble Dock_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\Genesis_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\Genesis_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\jZip_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\jZip_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\Lollipop_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\Lollipop_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\MyDeltaTB_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\MyDeltaTB_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\Uninstall Bubble Dock_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\Uninstall Bubble Dock_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\AppPath\jZip.exe
Schlüssel Gefunden : HKLM\Software\SearchquSRTB
Schlüssel Gefunden : HKLM\Software\SupDp
Schlüssel Gefunden : HKLM\Software\SupTab
Schlüssel Gefunden : HKLM\Software\Uniblue
Schlüssel Gefunden : HKLM\Software\Uniblue\DriverScanner
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{8DA8B89E-0C65-403B-8231-AB22ECFA0687}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{A928E66C-F501-4E66-9953-855C712F93B2}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{B0E28FA0-DF07-44B6-95CE-48BE26DB9266}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{E6B4EE8F-C38E-4994-BE28-229A3F92262C}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{FCA8936E-403A-4487-A966-70F80F1D5A6A}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\DataMngr
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\DivX\Install\Setup\WizardLayout\ConduitToolbar
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CFD485F0-96BD-47CD-BB6D-CD7DDA95F102}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2102}

***** [ Browser ] *****

-\\ Internet Explorer v9.0.8112.16555

Einstellung Gefunden : HKCU\Software\Microsoft\Internet Explorer\Main [Start Default_Page_URL] - hxxp://search.certified-toolbar.com?si=77302&st=home&tid=18197&ver=5.7&ts=1402827585133&tguid=77302-18197-1402827585133-C0740B6A97725EC3F9B00ACF5C80A9DA
Einstellung Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Default_Page_URL] - hxxp://search.certified-toolbar.com?si=77302&st=home&tid=18197&ver=5.7&ts=1402827585133&tguid=77302-18197-1402827585133-C0740B6A97725EC3F9B00ACF5C80A9DA
Einstellung Gefunden : HKCU\Software\Microsoft\Internet Explorer\Search [Start Page] - hxxp://search.certified-toolbar.com?si=77302&st=home&tid=18197&ver=5.7&ts=1402827585133&tguid=77302-18197-1402827585133-C0740B6A97725EC3F9B00ACF5C80A9DA
Einstellung Gefunden : HKCU\Software\Microsoft\Internet Explorer\Search [Start Default_Page_URL] - hxxp://search.certified-toolbar.com?si=77302&st=home&tid=18197&ver=5.7&ts=1402827585133&tguid=77302-18197-1402827585133-C0740B6A97725EC3F9B00ACF5C80A9DA
Einstellung Gefunden : HKCU\Software\Microsoft\Internet Explorer\Search [Search Page] - hxxp://search.certified-toolbar.com?si=77302&tid=18197&ver=5.7&ts=1402827585133&tguid=77302-18197-1402827585133-C0740B6A97725EC3F9B00ACF5C80A9DA&st=chrome&q=
Einstellung Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [Start Page] - hxxp://search.certified-toolbar.com?si=77302&st=home&tid=18197&ver=5.7&ts=1402827585133&tguid=77302-18197-1402827585133-C0740B6A97725EC3F9B00ACF5C80A9DA
Einstellung Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [Start Default_Page_URL] - hxxp://search.certified-toolbar.com?si=77302&st=home&tid=18197&ver=5.7&ts=1402827585133&tguid=77302-18197-1402827585133-C0740B6A97725EC3F9B00ACF5C80A9DA
Einstellung Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [Search Page] - hxxp://search.certified-toolbar.com?si=77302&tid=18197&ver=5.7&ts=1402827585133&tguid=77302-18197-1402827585133-C0740B6A97725EC3F9B00ACF5C80A9DA&st=chrome&q=
Einstellung Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl [(Default)] - hxxp://search.certified-toolbar.com?si=77302&st=bs&tid=18197&ver=5.7&ts=1402827585133&tguid=77302-18197-1402827585133-C0740B6A97725EC3F9B00ACF5C80A9DA&q=%s
Einstellung Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL] - hxxp://istart.webssearches.com/web/?type=ds&ts=1402826195&from=amt&uid=WDCXWD5000AAKX-001CA0_WD-WCAYUD40907109071&q={searchTerms}
Einstellung Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL] - hxxp://istart.webssearches.com/?type=hp&ts=1402826195&from=amt&uid=WDCXWD5000AAKX-001CA0_WD-WCAYUD40907109071
Einstellung Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page] - hxxp://istart.webssearches.com/?type=hp&ts=1402826195&from=amt&uid=WDCXWD5000AAKX-001CA0_WD-WCAYUD40907109071
Einstellung Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page] - hxxp://istart.webssearches.com/web/?type=ds&ts=1402826195&from=amt&uid=WDCXWD5000AAKX-001CA0_WD-WCAYUD40907109071&q={searchTerms}

-\\ Mozilla Firefox v

[ Datei : C:\Users\OEM\AppData\Roaming\Mozilla\Firefox\Profiles\nc1wdhkw.default\prefs.js ]

Zeile gefunden : user_pref("browser.search.defaultengine", "Ask.com");
Zeile gefunden : user_pref("extensions.asktb.ff-original-keyword-url", "");

-\\ Google Chrome v

[ Datei : C:\Users\OEM\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [17161 octets] - [17/06/2014 16:50:51]
AdwCleaner[R1].txt - [11504 octets] - [17/06/2014 16:58:23]
AdwCleaner[S0].txt - [315 octets] - [17/06/2014 16:52:03]

########## EOF - C:\AdwCleaner\AdwCleaner[R1].txt - [11624 octets] ##########

--- --- ---

AdwCleaner Logfile:

Code:

ATTFilter

# AdwCleaner v3.212 - Bericht erstellt am 17/06/2014 um 16:59:30
# Aktualisiert 05/06/2014 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : OEM - OEM-PC
# Gestartet von : C:\Users\OEM\Downloads\adwcleaner_3.212.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\WindowsProtectManger
Ordner Gelöscht : C:\Program Files (x86)\HomeTab
Ordner Gelöscht : C:\Program Files (x86)\jZip
Ordner Gelöscht : C:\Program Files (x86)\MSR
Ordner Gelöscht : C:\Program Files\HomeTab
Ordner Gelöscht : C:\Users\Gast\AppData\Local\Chromatic Browser
Ordner Gelöscht : C:\Users\Gast\AppData\Local\torch
Ordner Gelöscht : C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser
Ordner Gelöscht : C:\Users\HomeGroupUser$\AppData\Local\torch
Ordner Gelöscht : C:\Users\OEM\AppData\Local\apn
Ordner Gelöscht : C:\Users\OEM\AppData\Local\Babylon
Ordner Gelöscht : C:\Users\OEM\AppData\Local\Chromatic Browser
Ordner Gelöscht : C:\Users\OEM\AppData\Local\Genesis
Ordner Gelöscht : C:\Users\OEM\AppData\Local\jZip
Ordner Gelöscht : C:\Users\OEM\AppData\Local\torch
Ordner Gelöscht : C:\Users\OEM\AppData\Local\Temp\jZip
Ordner Gelöscht : C:\Users\OEM\AppData\Roaming\SupTab
Ordner Gelöscht : C:\Users\OEM\Documents\PC Speed Maximizer
Ordner Gelöscht : C:\Users\OEM\AppData\Roaming\Mozilla\Firefox\Profiles\nc1wdhkw.default\jziptoolbargaw
Ordner Gelöscht : C:\Users\OEM\AppData\Roaming\Mozilla\Firefox\Profiles\nc1wdhkw.default\Extensions\59def0ae-3df8-4e87-8551-8d6b609a202a@97824100-f5d8-46fa-8c09-0b959f58c578.com
Datei Gelöscht : C:\Windows\System32\GFilterSvc.exe
Datei Gelöscht : C:\Windows\System32\roboot64.exe
Datei Gelöscht : C:\Users\OEM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\jZip.lnk
Datei Gelöscht : C:\Users\OEM\AppData\Roaming\Mozilla\Firefox\Profiles\nc1wdhkw.default\searchplugins\Babylon.xml
Datei Gelöscht : C:\Users\OEM\AppData\Roaming\Mozilla\Firefox\Profiles\nc1wdhkw.default\user.js
Datei Gelöscht : C:\Windows\System32\Tasks\Browser Updater
Datei Gelöscht : C:\Windows\System32\Tasks\fsupdate

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\jZip.file
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\AdvancedSystemProtector_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\AdvancedSystemProtector_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\avg-secure-search-installer_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\avg-secure-search-installer_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\BabMaint_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\BabMaint_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\BingBar_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Bubble Dock BSetup_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Bubble Dock BSetup_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Bubble Dock Update_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Bubble Dock Update_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Bubble Dock_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Bubble Dock_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Genesis_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Genesis_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\jZip_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\jZip_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Lollipop_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Lollipop_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\MyDeltaTB_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\MyDeltaTB_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Uninstall Bubble Dock_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Uninstall Bubble Dock_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\AppPath\jZip.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{3FC27B34-0C19-49DA-875E-1875DDD4A6B2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{7ABBFE1C-E485-44AA-8F36-353751B4124D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{8DA8B89E-0C65-403B-8231-AB22ECFA0687}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A928E66C-F501-4E66-9953-855C712F93B2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B0E28FA0-DF07-44B6-95CE-48BE26DB9266}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E6B4EE8F-C38E-4994-BE28-229A3F92262C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{FCA8936E-403A-4487-A966-70F80F1D5A6A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3614D305-2DBB-4991-9297-750DD60FFC73}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7ABE12CA-E995-4AB4-9A4E-EF8820A20182}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CFD485F0-96BD-47CD-BB6D-CD7DDA95F102}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2102}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{8DA8B89E-0C65-403B-8231-AB22ECFA0687}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{A928E66C-F501-4E66-9953-855C712F93B2}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{B0E28FA0-DF07-44B6-95CE-48BE26DB9266}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{E6B4EE8F-C38E-4994-BE28-229A3F92262C}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{FCA8936E-403A-4487-A966-70F80F1D5A6A}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2102}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CFD485F0-96BD-47CD-BB6D-CD7DDA95F102}
Schlüssel Gelöscht : HKCU\Software\genesis
Schlüssel Gelöscht : HKCU\Software\jZip
Schlüssel Gelöscht : HKCU\Software\Nosibay
Schlüssel Gelöscht : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Schlüssel Gelöscht : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Schlüssel Gelöscht : HKLM\Software\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Schlüssel Gelöscht : HKLM\Software\jZip
Schlüssel Gelöscht : HKLM\Software\SearchquSRTB
Schlüssel Gelöscht : HKLM\Software\SupDp
Schlüssel Gelöscht : HKLM\Software\SupTab
Schlüssel Gelöscht : HKLM\Software\Uniblue
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{206a7328-437f-4bd9-b53e-12bfee24d588}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\jZip
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\DataMngr
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\DivX\Install\Setup\WizardLayout\ConduitToolbar
Daten Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\SupTab\SEARCH~2.DLL

***** [ Browser ] *****

-\\ Internet Explorer v9.0.8112.16555

Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Start Default_Page_URL]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Default_Page_URL]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Search [Start Page]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Search [Start Default_Page_URL]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Search [Search Page]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [Start Page]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [Start Default_Page_URL]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [Search Page]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl [(Default)]
Einstellung Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Einstellung Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Einstellung Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Einstellung Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]

-\\ Mozilla Firefox v

[ Datei : C:\Users\OEM\AppData\Roaming\Mozilla\Firefox\Profiles\nc1wdhkw.default\prefs.js ]

Zeile gelöscht : user_pref("browser.search.defaultengine", "Ask.com");
Zeile gelöscht : user_pref("extensions.asktb.ff-original-keyword-url", "");

-\\ Google Chrome v

[ Datei : C:\Users\OEM\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [17161 octets] - [17/06/2014 16:50:51]
AdwCleaner[R1].txt - [11793 octets] - [17/06/2014 16:58:23]
AdwCleaner[S0].txt - [315 octets] - [17/06/2014 16:52:03]
AdwCleaner[S1].txt - [9535 octets] - [17/06/2014 16:59:30]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [9595 octets] ##########

--- --- ---

AdwCleaner Logfile:

Code:

ATTFilter

# AdwCleaner v3.214 - Bericht erstellt am 01/07/2014 um 09:36:03
# Aktualisiert 29/06/2014 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : OEM - OEM-PC
# Gestartet von : C:\Users\OEM\Downloads\adwcleaner_3.214.exe
# Option : Suchen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Datei Gefunden : C:\Users\OEM\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\jZip.lnk
Datei Gefunden : C:\Users\OEM\AppData\Roaming\Mozilla\Firefox\Profiles\nc1wdhkw.default\user.js
Datei Gefunden : C:\Windows\System32\Tasks\Browser Updater
Ordner Gefunden : C:\ProgramData\Babylon
Ordner Gefunden : C:\Users\OEM\AppData\Local\Babylon
Ordner Gefunden : C:\Users\OEM\AppData\Local\pgcchelper
Ordner Gefunden : C:\Users\OEM\AppData\Roaming\Babylon

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\adawarebp
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\BingBar_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Wert Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [pgcchelper]

***** [ Browser ] *****

-\\ Internet Explorer v9.0.8112.16555


-\\ Mozilla Firefox v

[ Datei : C:\Users\OEM\AppData\Roaming\Mozilla\Firefox\Profiles\nc1wdhkw.default\prefs.js ]


-\\ Google Chrome v35.0.1916.153

[ Datei : C:\Users\OEM\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [17161 octets] - [17/06/2014 16:50:51]
AdwCleaner[R1].txt - [11793 octets] - [17/06/2014 16:58:23]
AdwCleaner[R2].txt - [2336 octets] - [01/07/2014 09:36:03]
AdwCleaner[S0].txt - [315 octets] - [17/06/2014 16:52:03]
AdwCleaner[S1].txt - [9747 octets] - [17/06/2014 16:59:30]

########## EOF - C:\AdwCleaner\AdwCleaner[R2].txt - [2515 octets] ##########

--- --- ---

AdwCleaner Logfile:

Code:

ATTFilter

# AdwCleaner v3.214 - Bericht erstellt am 01/07/2014 um 09:43:29
# Aktualisiert 29/06/2014 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : OEM - OEM-PC
# Gestartet von : C:\Users\OEM\Downloads\adwcleaner_3.214.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\Babylon
Ordner Gelöscht : C:\Users\OEM\AppData\Local\Babylon
Ordner Gelöscht : C:\Users\OEM\AppData\Local\pgcchelper
Ordner Gelöscht : C:\Users\OEM\AppData\Roaming\Babylon
Datei Gelöscht : C:\Users\OEM\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\jZip.lnk
Datei Gelöscht : C:\Users\OEM\AppData\Roaming\Mozilla\Firefox\Profiles\nc1wdhkw.default\user.js
Datei Gelöscht : C:\Windows\System32\Tasks\Browser Updater

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Wert Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [pgcchelper]
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\BingBar_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\adawarebp

***** [ Browser ] *****

-\\ Internet Explorer v9.0.8112.16555


-\\ Mozilla Firefox v

[ Datei : C:\Users\OEM\AppData\Roaming\Mozilla\Firefox\Profiles\nc1wdhkw.default\prefs.js ]


-\\ Google Chrome v35.0.1916.153

[ Datei : C:\Users\OEM\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [17161 octets] - [17/06/2014 16:50:51]
AdwCleaner[R1].txt - [11793 octets] - [17/06/2014 16:58:23]
AdwCleaner[R2].txt - [2603 octets] - [01/07/2014 09:36:03]
AdwCleaner[S0].txt - [315 octets] - [17/06/2014 16:52:03]
AdwCleaner[S1].txt - [9747 octets] - [17/06/2014 16:59:30]
AdwCleaner[S2].txt - [2516 octets] - [01/07/2014 09:43:29]

########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [2576 octets] ##########

--- --- ---

AdwCleaner Logfile:

Code:

ATTFilter

# AdwCleaner v3.214 - Bericht erstellt am 02/07/2014 um 10:39:56
# Aktualisiert 29/06/2014 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : OEM - OEM-PC
# Gestartet von : C:\Users\OEM\Desktop\adwcleaner_3.214.exe
# Option : Suchen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Datei Gefunden : C:\Users\OEM\AppData\Roaming\Mozilla\Firefox\Profiles\nc1wdhkw.default\user.js
Datei Gefunden : C:\Windows\System32\Tasks\Browser Updater

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\adawarebp
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\BingBar_RASMANCS

***** [ Browser ] *****

-\\ Internet Explorer v9.0.8112.16555


-\\ Mozilla Firefox v

[ Datei : C:\Users\OEM\AppData\Roaming\Mozilla\Firefox\Profiles\nc1wdhkw.default\prefs.js ]


-\\ Google Chrome v35.0.1916.153

[ Datei : C:\Users\OEM\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [17161 octets] - [17/06/2014 16:50:51]
AdwCleaner[R1].txt - [11793 octets] - [17/06/2014 16:58:23]
AdwCleaner[R2].txt - [2603 octets] - [01/07/2014 09:36:03]
AdwCleaner[R3].txt - [1253 octets] - [02/07/2014 10:39:56]
AdwCleaner[S0].txt - [315 octets] - [17/06/2014 16:52:03]
AdwCleaner[S1].txt - [9747 octets] - [17/06/2014 16:59:30]
AdwCleaner[S2].txt - [2664 octets] - [01/07/2014 09:43:29]

########## EOF - C:\AdwCleaner\AdwCleaner[R3].txt - [1492 octets] ##########

--- --- ---

AdwCleaner Logfile:

Code:

ATTFilter

# AdwCleaner v3.214 - Bericht erstellt am 02/07/2014 um 10:44:43
# Aktualisiert 29/06/2014 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : OEM - OEM-PC
# Gestartet von : C:\Users\OEM\Desktop\adwcleaner_3.214.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Datei Gelöscht : C:\Users\OEM\AppData\Roaming\Mozilla\Firefox\Profiles\nc1wdhkw.default\user.js
Datei Gelöscht : C:\Windows\System32\Tasks\Browser Updater

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\BingBar_RASMANCS
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\adawarebp

***** [ Browser ] *****

-\\ Internet Explorer v9.0.8112.16555


-\\ Mozilla Firefox v

[ Datei : C:\Users\OEM\AppData\Roaming\Mozilla\Firefox\Profiles\nc1wdhkw.default\prefs.js ]


-\\ Google Chrome v35.0.1916.153

[ Datei : C:\Users\OEM\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [17161 octets] - [17/06/2014 16:50:51]
AdwCleaner[R1].txt - [11793 octets] - [17/06/2014 16:58:23]
AdwCleaner[R2].txt - [2603 octets] - [01/07/2014 09:36:03]
AdwCleaner[R3].txt - [1572 octets] - [02/07/2014 10:39:56]
AdwCleaner[S0].txt - [315 octets] - [17/06/2014 16:52:03]
AdwCleaner[S1].txt - [9747 octets] - [17/06/2014 16:59:30]
AdwCleaner[S2].txt - [2664 octets] - [01/07/2014 09:43:29]
AdwCleaner[S3].txt - [1493 octets] - [02/07/2014 10:44:43]

########## EOF - C:\AdwCleaner\AdwCleaner[S3].txt - [1553 octets] ##########

--- --- ---

cosinus · 02.07.2014, 10:14

JRT - Junkware Removal Tool

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
Drücke eine beliebige Taste, um das Tool zu starten.
Je nach System kann der Scan eine Weile dauern.
Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

Frisches Log mit FRST

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

ntichelper · 02.07.2014, 16:09

OK,
vielen Dank
hier die Log-Files

Code:

ATTFilter

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Home Premium x64
Ran by OEM on 02.07.2014 at 16:30:07,83
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\boost_interprocess"



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 02.07.2014 at 16:35:33,59
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

FRST Logfile:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-07-2014
Ran by OEM (administrator) on OEM-PC on 02-07-2014 17:03:14
Running from C:\Users\OEM\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 9
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
(AMD) C:\Windows\System32\atieclxx.exe
() C:\Windows\System32\QUTIL64.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_WT50RP.EXE
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_x64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Skype Technologies S.A.) C:\C\Programme\Skype\Phone\Skype.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.EXE
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Desktop.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1271072 2014-03-11] (Microsoft Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11057768 2010-07-06] (Realtek Semiconductor)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [FUFAXRCV] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe [502952 2012-07-09] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [FUFAXSTM] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe [863400 2012-07-09] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1058912 2012-04-02] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [220744 2011-12-16] (Geek Software GmbH)
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-04-27] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [InboxMonitor] => "C:\Program Files (x86)\Nuance\PDF Professional 7\InboxMonitor.exe" /run
HKU\S-1-5-21-1422302985-1899904796-1242127876-1000\...\Run: [Skype] => C:\C\Programme\Skype\Phone\Skype.exe [21444224 2014-05-08] (Skype Technologies S.A.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\vpngui.exe.lnk
ShortcutTarget: vpngui.exe.lnk -> C:\Windows\Installer\{5FDC06BF-3D3D-4367-8FFB-4FAFCB61972D}\Icon09DB8A851.exe ()
Startup: C:\Users\OEM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.0.lnk
ShortcutTarget: OpenOffice.org 3.0.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

ProxyServer: http=127.0.0.1:8118;https=127.0.0.1:8118
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = 
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKCU - DefaultScope {6CC1B62A-6DFF-4198-B829-4F0C304A1671} URL = hxxp://www.google.de/search?q={searchTerms}&hl=de&gl=de&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
SearchScopes: HKCU - 8D9A5D0AC1F445F0B4735730804E35EE URL = hxxp://dts.search-results.com/sr?src=ieb&gct=ds&appid=110&systemid=102&apn_dtid=BND102&apn_ptnrs=AG7&o=APN10646&apn_uid=8204411260354610&q={searchTerms}
SearchScopes: HKCU - {6CC1B62A-6DFF-4198-B829-4F0C304A1671} URL = hxxp://www.google.de/search?q={searchTerms}&hl=de&gl=de&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
SearchScopes: HKCU - {BAF3C2BB-52DF-48D1-B496-CC19B2CCED73} URL = hxxp://www.google.de/search?q={searchTerms}
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll (Microsoft Corporation.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: No Name - {551A852F-39A6-44A7-9C13-AFBEC9185A9D} -  No File
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: No Name - {b31d1ab1-5453-4ed1-97e5-c377f9532024} -  No File
BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - No Name - {b31d1ab1-5453-4ed1-97e5-c377f9532024} -  No File
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} -  No File
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{A55F4236-B909-4382-8495-41190DF1DF95}: [NameServer]8.8.8.8,8.8.4.4

FireFox:
========
FF ProfilePath: C:\Users\OEM\AppData\Roaming\Mozilla\Firefox\Profiles\nc1wdhkw.default
FF Homepage: user_pref("browser.startup.homepage", );
FF NetworkProxy: "type", 1
FF NetworkProxy: "http", "127.0.0.1");user_pref("network.proxy.http_port", 8118);user_pref("network.proxy.ssl", "127.0.0.1");user_pref("network.proxy.ssl_port", 8118
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @microsoft.com/GENUINE - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @Skype Technologies S.A..com/Skype Web Plugin - C:\Program Files (x86)\SkypeWebPlugin\npSkypeWebPlugin64.dll (Skype)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @Skype Technologies S.A..com/Skype Web Plugin - C:\Program Files (x86)\SkypeWebPlugin\npSkypeWebPlugin.dll (Skype)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @TrendMicro.com/FFExtension - C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextension\components\npToolbarChrome.dll No File
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: geomind.it/DbMap3dFlyer - C:\Program Files (x86)\Abaco\DbMAP 3D Flyer Plugin\npGeoFlyerPlugin.dll (Geomind Srl)
FF user.js: detected! => C:\Users\OEM\AppData\Roaming\Mozilla\Firefox\Profiles\nc1wdhkw.default\user.js
FF HKLM-x32\...\Firefox\Extensions: [{821ACB10-2378-4F92-980F-CEAEB1CE2D5B}] - C:\Windows\Installer\{55745140-B8F5-4B64-B352-8AD1544B8FDC}\{821ACB10-2378-4F92-980F-CEAEB1CE2D5B}.xpi
FF Extension: Download Protect - C:\Windows\Installer\{55745140-B8F5-4B64-B352-8AD1544B8FDC}\{821ACB10-2378-4F92-980F-CEAEB1CE2D5B}.xpi [2014-07-02]

Chrome: 
=======
CHR HomePage: hxxp://start.hometab.com/?1=1__PARAM__
CHR DefaultSearchURL: hxxp://www.google.de/search?q={searchTerms}&hl=de&gl=de
CHR DefaultNewTabURL: hxxp://www.google.de/?hl=de&gl=de
CHR Plugin: (Widevine Content Decryption Module) - C:\Users\OEM\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.4.600\_platform_specific\win_x86\widevinecdmadapter.dll ()
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\pdf.dll ()
CHR Plugin: (DbMap3dFlyer) - C:\Program Files (x86)\Abaco\DbMAP 3D Flyer Plugin\npGeoFlyerPlugin.dll (Geomind Srl)
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (DivX VOD Helper Plug-in) - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll No File
CHR Plugin: (DivX Plus Web Player) - C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
CHR Plugin: (Java Deployment Toolkit 7.0.550.14) - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
CHR Plugin: (Java(TM) Platform SE 7 U55) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Microsoft Office Live Plug-in for Firefox) - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
CHR Plugin: (Skype Web Plugin) - C:\Program Files (x86)\SkypeWebPlugin\npSkypeWebPlugin.dll (Skype)
CHR Plugin: (Windows Live™ Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
CHR Plugin: (Windows Activation Technologies) - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
CHR Extension: (Download Protect) - C:\Users\OEM\AppData\Local\Google\Chrome\User Data\Default\Extensions\eaneilmmckmcpebnpbpccpbjjgiofplg [2014-07-01]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-04-11]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

R2 autochkd; C:\Windows\system32\QUTIL64.exe [106496 2012-09-30] () [File not signed]
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390720 2014-04-11] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1764992 2014-04-11] (Microsoft Corporation)
S2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [135824 2011-12-12] (Seiko Epson Corporation)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2014-03-11] (Microsoft Corporation)
S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [347872 2014-03-11] (Microsoft Corporation)
S2 SkypeUpdate; C:\C\Programme\Skype\Updater\Updater.exe [172192 2013-10-23] (Skype Technologies)

==================== Drivers (Whitelisted) ====================

R3 CVPNDRVA; C:\Windows\system32\Drivers\CVPNDRVA.sys [306536 2011-03-04] ()
R3 MODEMCSA; C:\Windows\System32\drivers\MODEMCSA.sys [24064 2009-07-14] (Microsoft Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [268512 2014-01-25] (Microsoft Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-07-16] ()
S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133928 2014-03-11] (Microsoft Corporation)
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] ()
U2 TMAgent; 

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-07-02 16:35 - 2014-07-02 16:35 - 00000693 _____ () C:\Users\OEM\Desktop\JRT.txt
2014-07-02 15:39 - 2014-07-02 15:38 - 01016261 _____ (Thisisu) C:\Users\OEM\Desktop\JRT.exe
2014-07-02 13:47 - 2014-07-02 13:47 - 00001209 _____ () C:\Users\OEM\Desktop\abcde.cer
2014-07-02 13:37 - 2014-07-02 13:37 - 00004585 _____ () C:\Users\OEM\Downloads\18583C190000000079E8 (6).pfx
2014-07-02 10:39 - 2014-07-01 09:32 - 01346519 _____ () C:\Users\OEM\Desktop\adwcleaner_3.214.exe
2014-07-02 09:52 - 2014-07-02 09:53 - 00037741 _____ () C:\Users\OEM\Desktop\Addition.txt
2014-07-02 09:49 - 2014-07-02 17:03 - 00016969 _____ () C:\Users\OEM\Desktop\FRST.txt
2014-07-02 09:48 - 2014-07-02 09:48 - 00000000 ____D () C:\Users\OEM\Desktop\FRST-OlderVersion
2014-07-02 09:47 - 2014-07-02 09:48 - 02083840 _____ (Farbar) C:\Users\OEM\Desktop\FRST64.exe
2014-07-01 21:13 - 2014-07-01 21:13 - 00004585 _____ () C:\Users\OEM\Downloads\18583C190000000079E8 (5).pfx
2014-07-01 20:26 - 2014-07-01 20:26 - 00004585 _____ () C:\Users\OEM\Downloads\18583C190000000079E8 (4).pfx
2014-07-01 20:25 - 2014-07-01 20:26 - 00004585 _____ () C:\Users\OEM\Downloads\18583C190000000079E8 (3).pfx
2014-07-01 20:12 - 2014-07-01 20:12 - 00004585 _____ () C:\Users\OEM\Downloads\18583C190000000079E8 (2).pfx
2014-07-01 20:12 - 2014-07-01 20:12 - 00004585 _____ () C:\Users\OEM\Downloads\18583C190000000079E8 (1).pfx
2014-07-01 17:38 - 2014-07-01 19:21 - 00000000 ____D () C:\Users\OEM\AppData\Local\Google
2014-07-01 12:01 - 2014-07-01 12:02 - 00275464 _____ () C:\Windows\Minidump\070114-17706-01.dmp
2014-07-01 12:01 - 2014-07-01 12:01 - 402891399 _____ () C:\Windows\MEMORY.DMP
2014-07-01 11:02 - 2014-07-01 11:02 - 00000000 _____ () C:\Users\OEM\defogger_reenable
2014-07-01 10:57 - 2014-07-01 10:57 - 00003832 _____ () C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1404205045
2014-07-01 10:57 - 2014-07-01 10:57 - 00001133 _____ () C:\Users\Public\Desktop\Opera.lnk
2014-07-01 10:57 - 2014-07-01 10:57 - 00001133 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2014-07-01 10:57 - 2014-07-01 10:57 - 00000000 ____D () C:\Users\OEM\AppData\Roaming\Opera Software
2014-07-01 10:57 - 2014-07-01 10:57 - 00000000 ____D () C:\Users\OEM\AppData\Local\Opera Software
2014-07-01 10:57 - 2014-07-01 10:57 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-07-01 10:52 - 2014-07-01 10:54 - 27641968 _____ (Opera Software ASA) C:\Users\OEM\Downloads\Opera_22.0.1471.70_Setup.exe
2014-07-01 10:21 - 2014-07-01 10:21 - 00000000 ____D () C:\Users\OEM\AppData\Local\Google_old
2014-07-01 09:46 - 2014-07-02 10:46 - 00000614 _____ () C:\Windows\PFRO.log
2014-07-01 09:12 - 2014-07-02 15:39 - 00000000 ____D () C:\Users\OEM\Documents\2014_07_01_download_protect_removal
2014-07-01 09:03 - 2014-07-01 09:52 - 00000000 ____D () C:\Users\OEM\Downloads\FRST-OlderVersion
2014-07-01 09:03 - 2014-07-01 09:06 - 00052417 _____ () C:\Users\OEM\Downloads\FRST.txt
2014-06-30 12:10 - 2014-06-30 12:10 - 00057328 _____ () C:\Users\OEM\Downloads\201400249228-BZ.zip
2014-06-30 12:10 - 2014-06-30 12:10 - 00057328 _____ () C:\Users\OEM\Downloads\201400249228-BZ (1).zip
2014-06-30 07:39 - 2014-07-02 10:46 - 00000448 _____ () C:\Windows\setupact.log
2014-06-30 07:39 - 2014-06-30 07:39 - 00000000 _____ () C:\Windows\setuperr.log
2014-06-29 16:06 - 2014-06-29 16:06 - 04814144 _____ (Piriform Ltd) C:\Users\OEM\Downloads\ccsetup415pro.exe
2014-06-29 15:37 - 2014-06-29 15:37 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\OEM\Downloads\SpyHunter-Installer.exe
2014-06-26 16:59 - 2014-06-26 16:59 - 00000000 ____D () C:\Users\OEM\AppData\Roaming\LavasoftStatistics
2014-06-26 16:44 - 2014-06-26 16:44 - 00000000 ____D () C:\Program Files\Lavasoft
2014-06-26 16:42 - 2014-07-02 10:37 - 00000000 ____D () C:\Users\OEM\AppData\Roaming\Lavasoft
2014-06-26 16:40 - 2014-06-26 16:40 - 01707144 _____ () C:\Users\OEM\Downloads\Adaware112_Installer.exe
2014-06-26 16:40 - 2014-06-26 16:40 - 00000000 ____D () C:\ProgramData\Lavasoft
2014-06-26 15:49 - 2014-06-26 15:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-06-26 15:46 - 2014-07-02 16:51 - 00001104 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-06-26 15:46 - 2014-07-02 15:51 - 00001100 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-06-26 15:46 - 2014-06-26 15:49 - 00000000 ____D () C:\Program Files (x86)\Google
2014-06-26 15:46 - 2014-06-26 15:46 - 00004100 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-06-26 15:46 - 2014-06-26 15:46 - 00003848 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-06-26 15:45 - 2014-06-26 15:46 - 00895120 _____ (Google Inc.) C:\Users\OEM\Downloads\ChromeSetup.exe
2014-06-23 13:04 - 2014-06-23 13:04 - 00057308 _____ () C:\Users\OEM\Downloads\201400235742-BZ.zip
2014-06-22 18:28 - 2014-06-22 18:33 - 15089688 _____ (Ross-Tech, LLC) C:\Users\OEM\Downloads\VCDS-Release-12.12.0-Installer.exe
2014-06-21 08:03 - 2014-06-21 08:03 - 00057349 _____ () C:\Users\OEM\Downloads\201400230848-BZ.zip
2014-06-20 13:35 - 2014-06-20 13:35 - 00057322 _____ () C:\Users\OEM\Downloads\201400222941-BZ (3).zip
2014-06-20 13:33 - 2014-06-20 13:33 - 00057322 _____ () C:\Users\OEM\Downloads\201400222941-BZ (2).zip
2014-06-20 13:32 - 2014-06-20 13:32 - 00057322 _____ () C:\Users\OEM\Downloads\201400222941-BZ (1).zip
2014-06-20 13:03 - 2014-06-20 13:03 - 00001178 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk
2014-06-20 13:03 - 2014-06-20 13:03 - 00001166 _____ () C:\Users\Public\Desktop\TeamViewer 9.lnk
2014-06-20 13:03 - 2014-06-20 13:03 - 00000000 ____D () C:\Program Files (x86)\TeamViewer
2014-06-18 22:27 - 2014-06-18 22:27 - 00065342 _____ () C:\Users\OEM\Downloads\Shortcut.txt
2014-06-18 21:57 - 2014-06-18 21:58 - 04748896 _____ (Piriform Ltd) C:\Users\OEM\Downloads\ccsetup414 (3).exe
2014-06-18 21:56 - 2014-06-18 21:57 - 04748896 _____ (Piriform Ltd) C:\Users\OEM\Downloads\ccsetup414 (2).exe
2014-06-18 19:39 - 2014-06-18 19:39 - 00001200 _____ () C:\Windows\system32\cc_20140618_193916.reg
2014-06-18 19:38 - 2014-06-18 19:38 - 00031986 _____ () C:\Windows\system32\cc_20140618_193854.reg
2014-06-18 12:39 - 2014-06-18 12:40 - 00854367 _____ () C:\Users\OEM\Downloads\SecurityCheck (1).exe
2014-06-18 12:38 - 2014-06-18 12:39 - 00854367 _____ () C:\Users\OEM\Downloads\SecurityCheck.exe
2014-06-18 12:33 - 2014-06-18 22:27 - 00024710 _____ () C:\Users\OEM\Downloads\Addition.txt
2014-06-18 12:30 - 2014-07-02 17:03 - 00000000 ____D () C:\FRST
2014-06-18 12:28 - 2014-07-01 09:03 - 02083328 _____ (Farbar) C:\Users\OEM\Downloads\FRST64.exe
2014-06-17 16:51 - 2014-06-17 16:51 - 00000000 ____D () C:\Windows\ERUNT
2014-06-17 16:51 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-06-17 16:50 - 2014-07-02 10:44 - 00000000 ____D () C:\AdwCleaner
2014-06-17 16:50 - 2014-06-17 16:50 - 01016261 _____ (Thisisu) C:\Users\OEM\Downloads\JRT_6.1.4.exe
2014-06-17 16:49 - 2014-06-17 16:50 - 01333465 _____ () C:\Users\OEM\Downloads\adwcleaner_3.212.exe
2014-06-17 12:39 - 2014-06-29 13:07 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-06-17 12:38 - 2014-06-17 12:38 - 00001106 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-06-17 12:38 - 2014-06-17 12:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-06-17 12:38 - 2014-06-17 12:38 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-06-17 12:38 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-06-17 12:38 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-06-17 12:34 - 2014-06-17 12:34 - 02347384 _____ (ESET) C:\Users\OEM\Downloads\esetsmartinstaller_deu.exe
2014-06-17 12:32 - 2014-06-17 12:33 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\OEM\Downloads\mbam-setup-2.0.2.1012 (1).exe
2014-06-17 11:46 - 2014-06-17 11:46 - 00057322 _____ () C:\Users\OEM\Downloads\201400222941-BZ.zip
2014-06-16 21:50 - 2014-06-16 21:50 - 01078591 _____ () C:\Users\OEM\Downloads\Unlocker1.9.2 (1).exe
2014-06-16 21:49 - 2014-06-18 14:33 - 00000000 ____D () C:\Program Files\Unlocker
2014-06-16 21:49 - 2014-06-16 21:49 - 00000000 ____D () C:\Users\OEM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker
2014-06-16 21:48 - 2014-06-16 21:49 - 01078591 _____ () C:\Users\OEM\Downloads\Unlocker1.9.2.exe
2014-06-16 20:19 - 2014-06-16 20:20 - 04748896 _____ (Piriform Ltd) C:\Users\OEM\Downloads\ccsetup414 (1).exe
2014-06-16 20:18 - 2014-06-16 20:19 - 04748896 _____ (Piriform Ltd) C:\Users\OEM\Downloads\ccsetup414.exe
2014-06-16 16:24 - 2014-06-16 16:24 - 00057357 _____ () C:\Users\OEM\Downloads\201400220464-BZ.zip
2014-06-16 16:24 - 2014-06-16 16:24 - 00057357 _____ () C:\Users\OEM\Downloads\201400220464-BZ (1).zip
2014-06-15 13:51 - 2014-06-15 13:51 - 00325586 _____ () C:\Windows\system32\cc_20140615_135103.reg
2014-06-15 12:37 - 2014-06-15 13:46 - 00001914 _____ () C:\Windows\SysWOW64\${LOGFILE}
2014-06-15 12:28 - 2014-06-17 16:59 - 00000000 ____D () C:\Windows\System32\Tasks\Browser Updater
2014-06-15 12:22 - 2014-06-16 21:54 - 00000000 ____D () C:\Users\Administrator
2014-06-15 12:22 - 2014-06-15 13:16 - 00000000 ____D () C:\ProgramData\28e74f1e72de16b9
2014-06-15 12:22 - 2014-06-15 12:22 - 00000000 ____D () C:\Users\OEM\AppData\Local\Packages
2014-06-15 12:22 - 2014-06-15 12:22 - 00000000 ____D () C:\Users\OEM\AppData\Local\Comodo
2014-06-15 12:22 - 2014-06-15 12:22 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Google
2014-06-15 12:22 - 2014-06-15 12:22 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Comodo
2014-06-15 12:22 - 2014-06-15 12:22 - 00000000 ____D () C:\Users\HomeGroupUser$
2014-06-15 12:22 - 2014-06-15 12:22 - 00000000 ____D () C:\Users\Gast\AppData\Local\Google
2014-06-15 12:22 - 2014-06-15 12:22 - 00000000 ____D () C:\Users\Gast\AppData\Local\Comodo
2014-06-15 12:22 - 2014-06-15 12:22 - 00000000 ____D () C:\Users\Gast
2014-06-15 12:22 - 2014-06-15 12:22 - 00000000 _____ () C:\Windows\SysWOW64\Number of results
2014-06-15 12:19 - 2014-04-09 07:55 - 00034376 _____ () C:\Windows\Launcher.exe
2014-06-15 12:16 - 2014-06-15 12:16 - 00003158 _____ () C:\Windows\System32\Tasks\{15DD6F64-0DA6-4526-94EA-D06CF858DF2C}
2014-06-15 11:55 - 2014-06-15 11:55 - 00013048 _____ () C:\Users\OEM\AppData\Roaming\Bubble Dock.installation.log
2014-06-15 11:03 - 2014-06-15 11:03 - 00212992 _____ () C:\Users\OEM\Downloads\Autoveicoli_GA_OUT (2).xls
2014-06-15 11:03 - 2014-06-15 11:03 - 00212992 _____ () C:\Users\OEM\Downloads\Autoveicoli_GA_OUT (1).xls
2014-06-15 11:01 - 2014-06-15 11:01 - 00763904 _____ () C:\Users\OEM\Downloads\Fringe_benefit_2013.xls
2014-06-14 09:34 - 2014-06-14 09:34 - 00057346 _____ () C:\Users\OEM\Downloads\201400216562-BZ.zip
2014-06-12 21:30 - 2014-06-12 21:30 - 00195005 _____ () C:\Users\OEM\Downloads\Newsletter n.20 del 12-06-2014.pdf.zip
2014-06-12 16:40 - 2014-06-08 11:13 - 00506368 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-12 16:40 - 2014-06-08 11:08 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-12 16:40 - 2014-05-28 20:53 - 17857536 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-06-12 16:40 - 2014-05-28 20:37 - 02338816 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-06-12 16:40 - 2014-05-28 20:35 - 10890240 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-06-12 16:40 - 2014-05-28 20:31 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-06-12 16:40 - 2014-05-28 20:31 - 01348608 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-06-12 16:40 - 2014-05-28 20:30 - 01494016 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-06-12 16:40 - 2014-05-28 20:30 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-06-12 16:40 - 2014-05-28 20:29 - 02148352 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-06-12 16:40 - 2014-05-28 20:29 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-06-12 16:40 - 2014-05-28 20:29 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-06-12 16:40 - 2014-05-28 20:29 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-06-12 16:40 - 2014-05-28 20:29 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-06-12 16:40 - 2014-05-28 20:29 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-06-12 16:40 - 2014-05-28 20:28 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-06-12 16:40 - 2014-05-28 20:28 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-06-12 16:40 - 2014-05-28 20:28 - 00282112 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-06-12 16:40 - 2014-05-28 20:28 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-06-12 16:40 - 2014-05-28 20:28 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-06-12 16:40 - 2014-05-28 20:28 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-06-12 16:40 - 2014-05-28 20:28 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-06-12 16:40 - 2014-05-28 20:27 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-06-12 16:40 - 2014-05-28 18:48 - 12356608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-06-12 16:40 - 2014-05-28 18:39 - 01810432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-06-12 16:40 - 2014-05-28 18:38 - 09711104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-06-12 16:40 - 2014-05-28 18:33 - 01106432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-06-12 16:40 - 2014-05-28 18:32 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-06-12 16:40 - 2014-05-28 18:32 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-06-12 16:40 - 2014-05-28 18:31 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-06-12 16:40 - 2014-05-28 18:31 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-06-12 16:40 - 2014-05-28 18:30 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-06-12 16:40 - 2014-05-28 18:30 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-06-12 16:40 - 2014-05-28 18:30 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-06-12 16:40 - 2014-05-28 18:30 - 00421376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-06-12 16:40 - 2014-05-28 18:30 - 00353792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-06-12 16:40 - 2014-05-28 18:30 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-06-12 16:40 - 2014-05-28 18:30 - 00041472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-06-12 16:40 - 2014-05-28 18:29 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-06-12 16:40 - 2014-05-28 18:29 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-06-12 16:40 - 2014-05-28 18:29 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-06-12 16:40 - 2014-05-28 18:29 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-06-12 16:40 - 2014-05-28 18:29 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-06-12 16:40 - 2014-05-28 18:28 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-06-12 16:40 - 2014-04-25 04:34 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2014-06-12 16:40 - 2014-04-25 04:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2014-06-12 16:40 - 2014-04-05 04:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-06-12 16:40 - 2014-04-05 04:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-06-12 16:40 - 2014-03-26 16:44 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-06-12 16:40 - 2014-03-26 16:44 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-06-12 16:40 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2014-06-12 16:40 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-06-12 16:40 - 2014-03-26 16:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2014-06-12 16:40 - 2014-03-26 16:27 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-06-12 16:40 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2014-06-12 16:40 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-06-11 08:50 - 2014-06-11 08:50 - 00057325 _____ () C:\Users\OEM\Downloads\201400211881-BZ.zip
2014-06-10 09:28 - 2014-06-10 09:28 - 00057323 _____ () C:\Users\OEM\Downloads\201400209914-BZ.zip
2014-06-10 09:28 - 2014-06-10 09:28 - 00057323 _____ () C:\Users\OEM\Downloads\201400209914-BZ (1).zip
2014-06-09 11:19 - 2014-06-09 11:19 - 00057348 _____ () C:\Users\OEM\Downloads\201400207640-BZ.zip
2014-06-08 11:12 - 2014-06-08 11:12 - 00057347 _____ () C:\Users\OEM\Downloads\201400205382-BZ (7).zip
2014-06-08 10:50 - 2014-06-08 10:50 - 00057347 _____ () C:\Users\OEM\Downloads\201400205382-BZ (6).zip
2014-06-08 08:54 - 2014-06-08 08:54 - 00057347 _____ () C:\Users\OEM\Downloads\201400205382-BZ (5).zip
2014-06-08 08:53 - 2014-06-08 08:53 - 00057347 _____ () C:\Users\OEM\Downloads\201400205382-BZ (4).zip
2014-06-08 08:52 - 2014-06-08 08:52 - 00057347 _____ () C:\Users\OEM\Downloads\201400205382-BZ (3).zip
2014-06-08 08:52 - 2014-06-08 08:52 - 00057347 _____ () C:\Users\OEM\Downloads\201400205382-BZ (2).zip
2014-06-08 08:52 - 2014-06-08 08:52 - 00057347 _____ () C:\Users\OEM\Downloads\201400205382-BZ (1).zip
2014-06-08 08:51 - 2014-06-08 08:52 - 00057347 _____ () C:\Users\OEM\Downloads\201400205382-BZ.zip
2014-06-03 19:06 - 2014-06-03 19:06 - 00000125 _____ () C:\Users\OEM\Downloads\unbenannt (5).txt

==================== One Month Modified Files and Folders =======

2014-07-02 17:03 - 2014-07-02 09:49 - 00016969 _____ () C:\Users\OEM\Desktop\FRST.txt
2014-07-02 17:03 - 2014-06-18 12:30 - 00000000 ____D () C:\FRST
2014-07-02 17:00 - 2011-08-22 20:31 - 00000000 ____D () C:\Users\OEM\AppData\Roaming\Skype
2014-07-02 16:51 - 2014-06-26 15:46 - 00001104 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-02 16:35 - 2014-07-02 16:35 - 00000693 _____ () C:\Users\OEM\Desktop\JRT.txt
2014-07-02 16:18 - 2012-04-13 15:44 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-07-02 15:51 - 2014-06-26 15:46 - 00001100 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-02 15:39 - 2014-07-01 09:12 - 00000000 ____D () C:\Users\OEM\Documents\2014_07_01_download_protect_removal
2014-07-02 15:38 - 2014-07-02 15:39 - 01016261 _____ (Thisisu) C:\Users\OEM\Desktop\JRT.exe
2014-07-02 15:34 - 2013-10-25 19:28 - 02035134 _____ () C:\Windows\WindowsUpdate.log
2014-07-02 15:33 - 2012-08-05 18:15 - 00000000 _____ () C:\Windows\system32\Drivers\lvuvc.hs
2014-07-02 13:47 - 2014-07-02 13:47 - 00001209 _____ () C:\Users\OEM\Desktop\abcde.cer
2014-07-02 13:37 - 2014-07-02 13:37 - 00004585 _____ () C:\Users\OEM\Downloads\18583C190000000079E8 (6).pfx
2014-07-02 10:54 - 2009-07-14 06:45 - 00015152 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-07-02 10:54 - 2009-07-14 06:45 - 00015152 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-07-02 10:46 - 2014-07-01 09:46 - 00000614 _____ () C:\Windows\PFRO.log
2014-07-02 10:46 - 2014-06-30 07:39 - 00000448 _____ () C:\Windows\setupact.log
2014-07-02 10:46 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-02 10:44 - 2014-06-17 16:50 - 00000000 ____D () C:\AdwCleaner
2014-07-02 10:37 - 2014-06-26 16:42 - 00000000 ____D () C:\Users\OEM\AppData\Roaming\Lavasoft
2014-07-02 09:53 - 2014-07-02 09:52 - 00037741 _____ () C:\Users\OEM\Desktop\Addition.txt
2014-07-02 09:48 - 2014-07-02 09:48 - 00000000 ____D () C:\Users\OEM\Desktop\FRST-OlderVersion
2014-07-02 09:48 - 2014-07-02 09:47 - 02083840 _____ (Farbar) C:\Users\OEM\Desktop\FRST64.exe
2014-07-02 09:46 - 2011-06-24 19:22 - 00003914 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{78DBB7A4-C6CC-4259-8C64-E43675B223EE}
2014-07-02 07:59 - 2011-04-07 09:44 - 00000000 ___RD () C:\Users\OEM\Documents\Anfrage
2014-07-02 07:26 - 2012-12-22 23:11 - 00000306 __RSH () C:\ProgramData\ntuser.pol
2014-07-01 21:13 - 2014-07-01 21:13 - 00004585 _____ () C:\Users\OEM\Downloads\18583C190000000079E8 (5).pfx
2014-07-01 20:26 - 2014-07-01 20:26 - 00004585 _____ () C:\Users\OEM\Downloads\18583C190000000079E8 (4).pfx
2014-07-01 20:26 - 2014-07-01 20:25 - 00004585 _____ () C:\Users\OEM\Downloads\18583C190000000079E8 (3).pfx
2014-07-01 20:12 - 2014-07-01 20:12 - 00004585 _____ () C:\Users\OEM\Downloads\18583C190000000079E8 (2).pfx
2014-07-01 20:12 - 2014-07-01 20:12 - 00004585 _____ () C:\Users\OEM\Downloads\18583C190000000079E8 (1).pfx
2014-07-01 19:30 - 2011-04-07 09:38 - 00000000 ____D () C:\Users\OEM\Desktop\NeuhofWerbung
2014-07-01 19:27 - 2013-01-13 18:18 - 01170944 ___SH () C:\Users\OEM\Downloads\Thumbs.db
2014-07-01 19:27 - 2011-08-03 14:55 - 02096640 ___SH () C:\Users\OEM\Desktop\Thumbs.db
2014-07-01 19:21 - 2014-07-01 17:38 - 00000000 ____D () C:\Users\OEM\AppData\Local\Google
2014-07-01 12:02 - 2014-07-01 12:01 - 00275464 _____ () C:\Windows\Minidump\070114-17706-01.dmp
2014-07-01 12:01 - 2014-07-01 12:01 - 402891399 _____ () C:\Windows\MEMORY.DMP
2014-07-01 12:01 - 2012-11-15 23:36 - 00000000 ____D () C:\Windows\Minidump
2014-07-01 11:02 - 2014-07-01 11:02 - 00000000 _____ () C:\Users\OEM\defogger_reenable
2014-07-01 11:02 - 2011-02-28 18:16 - 00000000 ____D () C:\Users\OEM
2014-07-01 10:57 - 2014-07-01 10:57 - 00003832 _____ () C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1404205045
2014-07-01 10:57 - 2014-07-01 10:57 - 00001133 _____ () C:\Users\Public\Desktop\Opera.lnk
2014-07-01 10:57 - 2014-07-01 10:57 - 00001133 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2014-07-01 10:57 - 2014-07-01 10:57 - 00000000 ____D () C:\Users\OEM\AppData\Roaming\Opera Software
2014-07-01 10:57 - 2014-07-01 10:57 - 00000000 ____D () C:\Users\OEM\AppData\Local\Opera Software
2014-07-01 10:57 - 2014-07-01 10:57 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-07-01 10:54 - 2014-07-01 10:52 - 27641968 _____ (Opera Software ASA) C:\Users\OEM\Downloads\Opera_22.0.1471.70_Setup.exe
2014-07-01 10:21 - 2014-07-01 10:21 - 00000000 ____D () C:\Users\OEM\AppData\Local\Google_old
2014-07-01 09:52 - 2014-07-01 09:03 - 00000000 ____D () C:\Users\OEM\Downloads\FRST-OlderVersion
2014-07-01 09:32 - 2014-07-02 10:39 - 01346519 _____ () C:\Users\OEM\Desktop\adwcleaner_3.214.exe
2014-07-01 09:23 - 2013-09-29 20:48 - 00000000 ____D () C:\ProgramData\DivX
2014-07-01 09:06 - 2014-07-01 09:03 - 00052417 _____ () C:\Users\OEM\Downloads\FRST.txt
2014-07-01 09:03 - 2014-06-18 12:28 - 02083328 _____ (Farbar) C:\Users\OEM\Downloads\FRST64.exe
2014-06-30 12:10 - 2014-06-30 12:10 - 00057328 _____ () C:\Users\OEM\Downloads\201400249228-BZ.zip
2014-06-30 12:10 - 2014-06-30 12:10 - 00057328 _____ () C:\Users\OEM\Downloads\201400249228-BZ (1).zip
2014-06-30 07:39 - 2014-06-30 07:39 - 00000000 _____ () C:\Windows\setuperr.log
2014-06-29 16:24 - 2012-09-27 22:45 - 00000000 ____D () C:\Windows\pss
2014-06-29 16:06 - 2014-06-29 16:06 - 04814144 _____ (Piriform Ltd) C:\Users\OEM\Downloads\ccsetup415pro.exe
2014-06-29 15:37 - 2014-06-29 15:37 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\OEM\Downloads\SpyHunter-Installer.exe
2014-06-29 13:07 - 2014-06-17 12:39 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-06-26 16:59 - 2014-06-26 16:59 - 00000000 ____D () C:\Users\OEM\AppData\Roaming\LavasoftStatistics
2014-06-26 16:44 - 2014-06-26 16:44 - 00000000 ____D () C:\Program Files\Lavasoft
2014-06-26 16:40 - 2014-06-26 16:40 - 01707144 _____ () C:\Users\OEM\Downloads\Adaware112_Installer.exe
2014-06-26 16:40 - 2014-06-26 16:40 - 00000000 ____D () C:\ProgramData\Lavasoft
2014-06-26 15:49 - 2014-06-26 15:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-06-26 15:49 - 2014-06-26 15:46 - 00000000 ____D () C:\Program Files (x86)\Google
2014-06-26 15:46 - 2014-06-26 15:46 - 00004100 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-06-26 15:46 - 2014-06-26 15:46 - 00003848 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-06-26 15:46 - 2014-06-26 15:45 - 00895120 _____ (Google Inc.) C:\Users\OEM\Downloads\ChromeSetup.exe
2014-06-23 13:04 - 2014-06-23 13:04 - 00057308 _____ () C:\Users\OEM\Downloads\201400235742-BZ.zip
2014-06-22 18:34 - 2009-07-14 19:58 - 00699432 _____ () C:\Windows\system32\perfh007.dat
2014-06-22 18:34 - 2009-07-14 19:58 - 00149572 _____ () C:\Windows\system32\perfc007.dat
2014-06-22 18:34 - 2009-07-14 07:13 - 01620684 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-06-22 18:33 - 2014-06-22 18:28 - 15089688 _____ (Ross-Tech, LLC) C:\Users\OEM\Downloads\VCDS-Release-12.12.0-Installer.exe
2014-06-21 08:03 - 2014-06-21 08:03 - 00057349 _____ () C:\Users\OEM\Downloads\201400230848-BZ.zip
2014-06-20 14:00 - 2011-02-28 18:35 - 00097432 _____ () C:\Users\OEM\AppData\Local\GDIPFONTCACHEV1.DAT
2014-06-20 13:59 - 2009-07-14 06:45 - 00407824 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-06-20 13:35 - 2014-06-20 13:35 - 00057322 _____ () C:\Users\OEM\Downloads\201400222941-BZ (3).zip
2014-06-20 13:33 - 2014-06-20 13:33 - 00057322 _____ () C:\Users\OEM\Downloads\201400222941-BZ (2).zip
2014-06-20 13:32 - 2014-06-20 13:32 - 00057322 _____ () C:\Users\OEM\Downloads\201400222941-BZ (1).zip
2014-06-20 13:29 - 2013-10-31 15:16 - 00000000 ____D () C:\Users\OEM\AppData\Roaming\TeamViewer
2014-06-20 13:03 - 2014-06-20 13:03 - 00001178 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk
2014-06-20 13:03 - 2014-06-20 13:03 - 00001166 _____ () C:\Users\Public\Desktop\TeamViewer 9.lnk
2014-06-20 13:03 - 2014-06-20 13:03 - 00000000 ____D () C:\Program Files (x86)\TeamViewer
2014-06-19 16:16 - 2014-03-23 20:46 - 00000000 ____D () C:\Users\OEM\Desktop\Staudacher
2014-06-18 22:27 - 2014-06-18 22:27 - 00065342 _____ () C:\Users\OEM\Downloads\Shortcut.txt
2014-06-18 22:27 - 2014-06-18 12:33 - 00024710 _____ () C:\Users\OEM\Downloads\Addition.txt
2014-06-18 21:58 - 2014-06-18 21:57 - 04748896 _____ (Piriform Ltd) C:\Users\OEM\Downloads\ccsetup414 (3).exe
2014-06-18 21:57 - 2014-06-18 21:56 - 04748896 _____ (Piriform Ltd) C:\Users\OEM\Downloads\ccsetup414 (2).exe
2014-06-18 19:39 - 2014-06-18 19:39 - 00001200 _____ () C:\Windows\system32\cc_20140618_193916.reg
2014-06-18 19:38 - 2014-06-18 19:38 - 00031986 _____ () C:\Windows\system32\cc_20140618_193854.reg
2014-06-18 14:33 - 2014-06-16 21:49 - 00000000 ____D () C:\Program Files\Unlocker
2014-06-18 13:03 - 2009-07-14 05:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-06-18 12:40 - 2014-06-18 12:39 - 00854367 _____ () C:\Users\OEM\Downloads\SecurityCheck (1).exe
2014-06-18 12:39 - 2014-06-18 12:38 - 00854367 _____ () C:\Users\OEM\Downloads\SecurityCheck.exe
2014-06-17 16:59 - 2014-06-15 12:28 - 00000000 ____D () C:\Windows\System32\Tasks\Browser Updater
2014-06-17 16:51 - 2014-06-17 16:51 - 00000000 ____D () C:\Windows\ERUNT
2014-06-17 16:50 - 2014-06-17 16:50 - 01016261 _____ (Thisisu) C:\Users\OEM\Downloads\JRT_6.1.4.exe
2014-06-17 16:50 - 2014-06-17 16:49 - 01333465 _____ () C:\Users\OEM\Downloads\adwcleaner_3.212.exe
2014-06-17 12:38 - 2014-06-17 12:38 - 00001106 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-06-17 12:38 - 2014-06-17 12:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-06-17 12:38 - 2014-06-17 12:38 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-06-17 12:38 - 2013-10-28 19:44 - 00000000 ____D () C:\Users\OEM\AppData\Roaming\Malwarebytes
2014-06-17 12:38 - 2013-10-28 19:44 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-06-17 12:34 - 2014-06-17 12:34 - 02347384 _____ (ESET) C:\Users\OEM\Downloads\esetsmartinstaller_deu.exe
2014-06-17 12:33 - 2014-06-17 12:32 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\OEM\Downloads\mbam-setup-2.0.2.1012 (1).exe
2014-06-17 11:46 - 2014-06-17 11:46 - 00057322 _____ () C:\Users\OEM\Downloads\201400222941-BZ.zip
2014-06-16 21:54 - 2014-06-15 12:22 - 00000000 ____D () C:\Users\Administrator
2014-06-16 21:50 - 2014-06-16 21:50 - 01078591 _____ () C:\Users\OEM\Downloads\Unlocker1.9.2 (1).exe
2014-06-16 21:49 - 2014-06-16 21:49 - 00000000 ____D () C:\Users\OEM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker
2014-06-16 21:49 - 2014-06-16 21:48 - 01078591 _____ () C:\Users\OEM\Downloads\Unlocker1.9.2.exe
2014-06-16 20:20 - 2014-06-16 20:19 - 04748896 _____ (Piriform Ltd) C:\Users\OEM\Downloads\ccsetup414 (1).exe
2014-06-16 20:19 - 2014-06-16 20:18 - 04748896 _____ (Piriform Ltd) C:\Users\OEM\Downloads\ccsetup414.exe
2014-06-16 16:24 - 2014-06-16 16:24 - 00057357 _____ () C:\Users\OEM\Downloads\201400220464-BZ.zip
2014-06-16 16:24 - 2014-06-16 16:24 - 00057357 _____ () C:\Users\OEM\Downloads\201400220464-BZ (1).zip
2014-06-15 14:48 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-06-15 13:56 - 2014-01-03 22:18 - 00001409 _____ () C:\Users\OEM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2014-06-15 13:51 - 2014-06-15 13:51 - 00325586 _____ () C:\Windows\system32\cc_20140615_135103.reg
2014-06-15 13:47 - 2011-02-28 18:10 - 00000000 ____D () C:\Windows\Panther
2014-06-15 13:46 - 2014-06-15 12:37 - 00001914 _____ () C:\Windows\SysWOW64\${LOGFILE}
2014-06-15 13:16 - 2014-06-15 12:22 - 00000000 ____D () C:\ProgramData\28e74f1e72de16b9
2014-06-15 12:22 - 2014-06-15 12:22 - 00000000 ____D () C:\Users\OEM\AppData\Local\Packages
2014-06-15 12:22 - 2014-06-15 12:22 - 00000000 ____D () C:\Users\OEM\AppData\Local\Comodo
2014-06-15 12:22 - 2014-06-15 12:22 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Google
2014-06-15 12:22 - 2014-06-15 12:22 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Comodo
2014-06-15 12:22 - 2014-06-15 12:22 - 00000000 ____D () C:\Users\HomeGroupUser$
2014-06-15 12:22 - 2014-06-15 12:22 - 00000000 ____D () C:\Users\Gast\AppData\Local\Google
2014-06-15 12:22 - 2014-06-15 12:22 - 00000000 ____D () C:\Users\Gast\AppData\Local\Comodo
2014-06-15 12:22 - 2014-06-15 12:22 - 00000000 ____D () C:\Users\Gast
2014-06-15 12:22 - 2014-06-15 12:22 - 00000000 _____ () C:\Windows\SysWOW64\Number of results
2014-06-15 12:22 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy
2014-06-15 12:16 - 2014-06-15 12:16 - 00003158 _____ () C:\Windows\System32\Tasks\{15DD6F64-0DA6-4526-94EA-D06CF858DF2C}
2014-06-15 11:55 - 2014-06-15 11:55 - 00013048 _____ () C:\Users\OEM\AppData\Roaming\Bubble Dock.installation.log
2014-06-15 11:03 - 2014-06-15 11:03 - 00212992 _____ () C:\Users\OEM\Downloads\Autoveicoli_GA_OUT (2).xls
2014-06-15 11:03 - 2014-06-15 11:03 - 00212992 _____ () C:\Users\OEM\Downloads\Autoveicoli_GA_OUT (1).xls
2014-06-15 11:01 - 2014-06-15 11:01 - 00763904 _____ () C:\Users\OEM\Downloads\Fringe_benefit_2013.xls
2014-06-15 08:28 - 2009-07-14 07:08 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-06-14 09:34 - 2014-06-14 09:34 - 00057346 _____ () C:\Users\OEM\Downloads\201400216562-BZ.zip
2014-06-13 07:40 - 2014-05-06 22:33 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-06-12 23:26 - 2013-08-15 11:41 - 00000000 ____D () C:\Windows\system32\MRT
2014-06-12 23:24 - 2011-04-06 18:56 - 95414520 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-06-12 21:30 - 2014-06-12 21:30 - 00195005 _____ () C:\Users\OEM\Downloads\Newsletter n.20 del 12-06-2014.pdf.zip
2014-06-12 14:26 - 2011-02-28 18:16 - 00000000 ____D () C:\Users\OEM\AppData\Local\VirtualStore
2014-06-12 14:25 - 2013-08-26 19:18 - 00001829 _____ () C:\Users\OEM\Sti_Trace.log
2014-06-11 08:50 - 2014-06-11 08:50 - 00057325 _____ () C:\Users\OEM\Downloads\201400211881-BZ.zip
2014-06-10 09:28 - 2014-06-10 09:28 - 00057323 _____ () C:\Users\OEM\Downloads\201400209914-BZ.zip
2014-06-10 09:28 - 2014-06-10 09:28 - 00057323 _____ () C:\Users\OEM\Downloads\201400209914-BZ (1).zip
2014-06-09 14:18 - 2012-01-11 19:47 - 00000000 ___RD () C:\Users\OEM\Desktop\Alpenstadt
2014-06-09 11:19 - 2014-06-09 11:19 - 00057348 _____ () C:\Users\OEM\Downloads\201400207640-BZ.zip
2014-06-08 11:13 - 2014-06-12 16:40 - 00506368 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-08 11:12 - 2014-06-08 11:12 - 00057347 _____ () C:\Users\OEM\Downloads\201400205382-BZ (7).zip
2014-06-08 11:08 - 2014-06-12 16:40 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-08 10:50 - 2014-06-08 10:50 - 00057347 _____ () C:\Users\OEM\Downloads\201400205382-BZ (6).zip
2014-06-08 08:54 - 2014-06-08 08:54 - 00057347 _____ () C:\Users\OEM\Downloads\201400205382-BZ (5).zip
2014-06-08 08:53 - 2014-06-08 08:53 - 00057347 _____ () C:\Users\OEM\Downloads\201400205382-BZ (4).zip
2014-06-08 08:52 - 2014-06-08 08:52 - 00057347 _____ () C:\Users\OEM\Downloads\201400205382-BZ (3).zip
2014-06-08 08:52 - 2014-06-08 08:52 - 00057347 _____ () C:\Users\OEM\Downloads\201400205382-BZ (2).zip
2014-06-08 08:52 - 2014-06-08 08:52 - 00057347 _____ () C:\Users\OEM\Downloads\201400205382-BZ (1).zip
2014-06-08 08:52 - 2014-06-08 08:51 - 00057347 _____ () C:\Users\OEM\Downloads\201400205382-BZ.zip
2014-06-03 19:06 - 2014-06-03 19:06 - 00000125 _____ () C:\Users\OEM\Downloads\unbenannt (5).txt
2014-06-03 07:21 - 2012-01-22 14:32 - 00000000 ____D () C:\ProgramData\Skype
2014-06-02 11:05 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache

Some content of TEMP:
====================
C:\Users\OEM\AppData\Local\Temp\Quarantine.exe
C:\Users\OEM\AppData\Local\Temp\RSPUpgradeInstaller.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-06-30 19:39

==================== End Of Log ============================

--- --- ---

--- --- ---

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-07-2014
Ran by OEM at 2014-07-02 17:04:08
Running from C:\Users\OEM\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Microsoft Security Essentials (Disabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Disabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}

==================== Installed Programs ======================

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.7.1.19610 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 2.7.1.19610 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 13 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Reader X (10.1.10) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.10 - Adobe Systems Incorporated)
AllDup 3.4.18 (HKLM-x32\...\AllDup_is1) (Version: 3.4.18 - Michael Thummerer Software Design)
Any Video Converter 5 5.0.3 (HKLM-x32\...\Any Video Converter 5_is1) (Version:  - Any-Video-Converter.com)
ATI Catalyst Install Manager (HKLM\...\{CA8DDA79-7051-D445-E00B-67B8A373CF07}) (Version: 3.0.812.0 - ATI Technologies, Inc.)
AviSynth 2.5 (HKLM-x32\...\AviSynth) (Version:  - )
AvsP (HKLM-x32\...\AvsP_is1) (Version:  - )
Bing Bar (HKLM-x32\...\{3365E735-48A6-4194-9988-CE59AC5AE503}) (Version: 7.3.132.0 - Microsoft Corporation)
Catalyst Control Center Core Implementation (x32 Version: 2010.0210.2206.39615 - ATI) Hidden
Catalyst Control Center Graphics Full Existing (x32 Version: 2010.0210.2206.39615 - ATI) Hidden
Catalyst Control Center Graphics Full New (x32 Version: 2010.0210.2206.39615 - ATI) Hidden
Catalyst Control Center Graphics Light (x32 Version: 2010.0210.2206.39615 - ATI) Hidden
Catalyst Control Center Graphics Previews Vista (x32 Version: 2010.0210.2206.39615 - ATI) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2011.0126.1749.31909 - ATI Technologies, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2010.0210.2206.39615 - ATI) Hidden
CCC Help Chinese Standard (x32 Version: 2010.0210.2205.39615 - ATI) Hidden
CCC Help Chinese Traditional (x32 Version: 2010.0210.2205.39615 - ATI) Hidden
CCC Help Dutch (x32 Version: 2010.0210.2205.39615 - ATI) Hidden
CCC Help English (x32 Version: 2010.0210.2205.39615 - ATI) Hidden
CCC Help Finnish (x32 Version: 2010.0210.2205.39615 - ATI) Hidden
CCC Help French (x32 Version: 2010.0210.2205.39615 - ATI) Hidden
CCC Help Greek (x32 Version: 2010.0210.2205.39615 - ATI) Hidden
CCC Help Hungarian (x32 Version: 2010.0210.2205.39615 - ATI) Hidden
CCC Help Italian (x32 Version: 2010.0210.2205.39615 - ATI) Hidden
CCC Help Japanese (x32 Version: 2010.0210.2205.39615 - ATI) Hidden
CCC Help Korean (x32 Version: 2010.0210.2205.39615 - ATI) Hidden
CCC Help Norwegian (x32 Version: 2010.0210.2205.39615 - ATI) Hidden
CCC Help Polish (x32 Version: 2010.0210.2205.39615 - ATI) Hidden
CCC Help Portuguese (x32 Version: 2010.0210.2205.39615 - ATI) Hidden
CCC Help Russian (x32 Version: 2010.0210.2205.39615 - ATI) Hidden
CCC Help Spanish (x32 Version: 2010.0210.2205.39615 - ATI) Hidden
CCC Help Swedish (x32 Version: 2010.0210.2205.39615 - ATI) Hidden
CCC Help Thai (x32 Version: 2010.0210.2205.39615 - ATI) Hidden
CCC Help Turkish (x32 Version: 2010.0210.2205.39615 - ATI) Hidden
ccc-utility64 (Version: 2010.0210.2206.39615 - ATI) Hidden
CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.3.8.2513 - CDBurnerXP)
Cisco Systems VPN Client 5.0.07.0440 (HKLM\...\{5FDC06BF-3D3D-4367-8FFB-4FAFCB61972D}) (Version: 5.0.7 - Cisco Systems, Inc.)
Compatibility Pack für 2007 Office System (HKLM-x32\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Comunicazioni2011 (HKLM-x32\...\Comunicazioni2011) (Version: 1.0.0.0 - Agenzia delle Entrate - Sogei)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DbMAP 3D Flyer Plugin  v.2.1.6r10 (HKLM-x32\...\DbMAP 3D Flyer Plugin) (Version: 2.1.6r10 - GeoMind Srl)
Druckerdeinstallation für EPSON WF-2530 Series (HKLM\...\EPSON WF-2530 Series) (Version:  - SEIKO EPSON Corporation)
DVD slideshow GUI 0.9.4.1 (HKLM-x32\...\BE37E547-62DF-43C8-AE6A-D03E82BC67A2_is1) (Version: DVD slideshow GUI 0.9.4.1 - Tin2tin)
Epson Benutzerhandbuch WF-2530 Series (HKLM-x32\...\WF-2530 Series Useg) (Version:  - )
Epson Connect Guide (HKLM-x32\...\Epson Connect Guide) (Version:  - )
Epson Event Manager (HKLM-x32\...\{8F01524C-0676-4CC1-B4AE-64753C723391}) (Version: 3.01.0005 - Seiko Epson Corporation)
Epson FAX Utility (HKLM-x32\...\{0CBE6C93-CB2E-4378-91EE-12BE6D4E2E4A}) (Version: 1.31.00 - SEIKO EPSON CORPORATION)
Epson Netzwerkhandbuch WF-2530 Series (HKLM-x32\...\WF-2530 Series Netg) (Version:  - )
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.6.0 - SEIKO EPSON CORPORATION)
ffdshow [rev 3029] [2009-07-10] (HKLM-x32\...\ffdshow_is1) (Version: 1.0 - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 35.0.1916.153 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
GUI for dvdauthor 1.07 (HKLM-x32\...\GUI for dvdauthor) (Version: 1.07 - Boraxsoft)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.5.0 - LIGHTNING UK!)
Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217040FF}) (Version: 7.0.550 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Java(TM) 6 Update 24 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216024FF}) (Version: 6.0.240 - Oracle)
Java(TM) 6 Update 26 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416026FF}) (Version: 6.0.260 - Oracle)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
K-Lite Mega Codec Pack 6.9.0 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 6.9.0 - )
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
MediaHuman YouTube to MP3 Converter version 3.1.5 (HKLM-x32\...\MediaHuman YouTube to MP3 Converter_is1) (Version: 3.1.5 - )
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Antimalware Service DE-DE Language Pack (Version: 3.0.8402.2 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007F-0407-0000-0000000FF1CE}) (Version: 14.0.5139.5001 - Microsoft Corporation)
Microsoft Office Standard Edition 2003 (HKLM-x32\...\{91120407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Security Client (Version: 4.5.0216.0 - Microsoft Corporation) Hidden
Microsoft Security Client DE-DE Language Pack (Version: 2.1.1116.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.5.216.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM-x32\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
ModuliControllo2013 (HKLM-x32\...\ModuliControllo2013) (Version: 5.0.5.0 - Sogei S.p.A)
ModuliControlloIRA2013 (HKLM-x32\...\ModuliControlloIRA2013) (Version: 1.0.2.0 - Sogei S.p.A)
ModuliControlloIVC (HKLM-x32\...\ModuliControlloIVC) (Version: 2.0.0.0 - Sogei S.p.A)
ModuliControlloStudi2013 (HKLM-x32\...\ModuliControlloStudi2013) (Version: 1.0.1.0 - Agenzia delle Entrate - Sogei)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
OpenOffice.org 3.0 (HKLM-x32\...\{DCC4BA6D-4790-402E-AFC7-2185F638783E}) (Version: 3.0.9358 - OpenOffice.org)
Opera Stable 22.0.1471.70 (HKLM-x32\...\Opera 22.0.1471.70) (Version: 22.0.1471.70 - Opera Software ASA)
PCI Soft Voice SoftRing Modem with SmartCP (HKLM\...\CNXT_MODEM_PCI_HSF) (Version: 7.80.6.0 - Conexant Systems)
PDF24 Creator 4.1.2 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.2.0 - Frank Heindörfer, Philip Chinery)
pgcchelper (HKCU\...\pgcchelper) (Version:  - )
quifoto.it (HKLM-x32\...\it.quifoto.editor.001F9DF2D0BAABEB11F42CCEE43224607B61109C.1) (Version: 1.4.6.913 - myphotobook GmbH)
quifoto.it (x32 Version: 1.4.6 - myphotobook GmbH) Hidden
Realtek Ethernet Controller Driver For Windows 7 (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.23.623.2010 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6151 - Realtek Semiconductor Corp.)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.4.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.4.0 - Renesas Electronics Corporation) Hidden
Skype Click to Call (HKLM-x32\...\{BB285C9F-C821-4770-8970-56C4AB52C87E}) (Version: 7.2.15747.10003 - Microsoft Corporation)
Skype Web Plugin (HKLM-x32\...\{B51DD93B-3CB5-4D9D-BFF2-FD19DBBBFD9A}) (Version: 2.9.13008.18866 - Skype Technologies S.A.)
Skype™ 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)
Sunny Explorer (HKLM-x32\...\{39FCD08F-E311-4959-84B9-1012023724B9}) (Version: 1.3.4 - SMA Solar Technology AG)
System Update kb70007 (x32 Version: 1.0.0 - MSR) Hidden
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.29480 - TeamViewer)
UnicoOnLine PF 2011 (HKCU\...\UnicoOnLine PF 2011) (Version:  - Agenzia delle Entrate)
Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
Validazione_F24 (HKLM-x32\...\Validazione_F24) (Version: 3.0.8.0 - Agenzia delle Entrate)
Validazione_F24EP (HKLM-x32\...\Validazione_F24EP) (Version: 1.3.9.0 - Agenzia delle Entrate)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Visitenkarten in 2 Minuten (HKLM-x32\...\Visitenkarten in 2 Minuten) (Version:  - )
Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3555.0308 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Xvid 1.1.3 final uninstall (HKLM-x32\...\Xvid_is1) (Version: 1.1 - Xvid team (Koepi))

==================== Restore Points  =========================

11-06-2014 17:06:44 Windows Update
12-06-2014 21:20:36 Windows Update
16-06-2014 14:38:37 Windows Update
20-06-2014 11:50:49 Windows Update
23-06-2014 17:02:05 Windows Update
26-06-2014 14:40:38 AA11
27-06-2014 08:05:21 Windows Update
30-06-2014 17:13:22 AA11
30-06-2014 18:36:35 Windows Update
02-07-2014 08:35:41 AA11

==================== Hosts content: ==========================

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {1D19AC1D-3476-4F28-8141-3EE07474FDD9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-06-26] (Google Inc.)
Task: {24E6E177-7653-4936-8A3F-D1E2042CAAF9} - System32\Tasks\{A1A97481-3174-4C7C-A86E-D2B402B8D6B6} => E:\prezi.exe
Task: {35FE46EF-ED66-4468-9482-C5DBD24D2C7B} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {46DA1FD1-179A-43AA-B9E0-97017D63A15B} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-15] (Adobe Systems Incorporated)
Task: {C272827B-3627-48DE-9D8F-F50BF093863F} - System32\Tasks\{8E309394-75C7-4F14-A7B9-81DB6EEE0FC6} => Firefox.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&amp;ver=5.5.59.124&amp;LastError=2
Task: {CB6121C8-B5F4-4DE6-8B61-C8ADFCD92F64} - \Browser Updater\Browser Updater No Task File <==== ATTENTION
Task: {D6170242-A1F1-4C17-9847-0A3ED31A8719} - \fsupdate No Task File <==== ATTENTION
Task: {E65CAA4F-2444-41E1-8E80-D056E4B698D7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-06-26] (Google Inc.)
Task: {ECCEE9AD-B29F-4C39-A6DE-D8822C6C27AB} - System32\Tasks\Opera scheduled Autoupdate 1404205045 => C:\Program Files (x86)\Opera\launcher.exe [2014-06-16] (Opera Software)
Task: {FE25EA72-6849-47C0-B907-1DC73CC988D9} - System32\Tasks\{0BE869A8-9C70-457C-B21E-D53E0DCD4DA7} => Firefox.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&amp;ver=5.10.0.116&amp;LastError=2
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2011-12-19 20:39 - 2005-03-12 01:07 - 00087040 _____ () C:\Windows\System32\pdfcmnnt.dll
2012-09-30 10:34 - 2012-09-30 10:34 - 00106496 _____ () C:\Windows\system32\QUTIL64.exe
2010-07-15 06:44 - 2010-07-15 06:44 - 00020032 _____ () C:\Program Files\Unlocker\UnlockerCOM.dll
2011-03-04 12:49 - 2011-03-04 12:49 - 00202752 _____ () C:\Program Files (x86)\Cisco Systems\VPN Client\vpnapi.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\TEMP:A8AF8B49
AlternateDataStreams: C:\ProgramData\TEMP:AD022376

==================== Safe Mode (whitelisted) ===================


==================== EXE Association (whitelisted) =============


==================== MSCONFIG/TASK MANAGER disabled items =========


==================== Faulty Device Manager Devices =============

Name: Bluetooth-Peripheriegerät
Description: Bluetooth-Peripheriegerät
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Lexmark X422
Description: Lexmark X422
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: Lexmark
Service: usbscan
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Bluetooth-Peripheriegerät
Description: Bluetooth-Peripheriegerät
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Cisco Systems VPN Adapter for 64-bit Windows
Description: Cisco Systems VPN Adapter for 64-bit Windows
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: CVirtA
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================

System errors:
=============

Microsoft Office Sessions:
=========================

==================== Memory info =========================== 

Percentage of memory in use: 54%
Total physical RAM: 1791.05 MB
Available physical RAM: 823.54 MB
Total Pagefile: 3582.1 MB
Available Pagefile: 2225.23 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:465.66 GB) (Free:357.69 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 324A99B4)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=466 GB) - (Type=07 NTFS)

==================== End Of Log ============================

cosinus · 02.07.2014, 23:29

Okay, dann Kontrollscans mit MBAM und ESET bitte:

Downloade Dir bitte

Malwarebytes Anti-Malware

Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
Starte Malwarebytes' Anti-Malware (MBAM).
Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

01.07.2014, 19:20	#6
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	Windows 7: Download Protect 2.2.1 in Google Chrome Bitte auch ne neue Addition.txt erstellen, dazu FRST starten und einen Haken setzen bei Addition.txt, dann auf Scan klicken. __________________ --> Windows 7: Download Protect 2.2.1 in Google Chrome

Windows 7: Download Protect 2.2.1 in Google Chrome

Log-Analyse und Auswertung: Windows 7: Download Protect 2.2.1 in Google Chrome