HD video codec download Trojaner?

dösen · 02.07.2014, 12:52

Hallo Trojaner-board Team,

hab seit kurzem diesen bescheuerten HD Video Codec runtergeladen und hab jetzt den Salat. Überall Ads im Chrome, Avira blockiert ständig irgendwelche Angriffe. Hab jetzt schon öfters gescannt mit verschiedenen Programmen, aber alles ohne Erfolg, werde diese Malware einfach nicht los.. Bitte um Hilfe!!

ps: Ich habe bereits einen anderen Thread zu diesem Thema gefunden, aber ich war mir nicht sicher, ob die Schritte bei mir auch funktionieren würden. Zudem kann ich mit log-Dateien nicht viel anfangen.

Grüße,
dösen

deeprybka · 02.07.2014, 12:54

Mein Name ist Jürgen und ich werde Dir bei Deinem Problem behilflich sein. Zusammen schaffen wir das...

Bitte arbeite alle Schritte der Reihe nach ab.
Lese die Anleitungen sorgfältig durch bevor Du beginnst. Wenn es Probleme gibt oder Du etwas nicht verstehst, dann stoppe mit Deiner Ausführung und beschreibe mir das Problem.
Führe bitte nur Scans durch, zu denen Du von mir aufgefordert wurdest.
Bitte kein Crossposting (posten in mehreren Foren).
Installiere oder deinstalliere während der Bereinigung keine Software, außer Du wurdest dazu aufgefordert.
Speichere alle unsere Tools auf dem Desktop ab.
Poste die Logfiles direkt in Deinen Thread in Code-Tags.
Bedenke, dass wir hier alle während unserer Freizeit tätig sind, wenn du innerhalb von 24 Stunden nichts von mir liest, dann schreibe mir bitte eine PM.

Hinweis:
Ich kann Dir niemals eine Garantie geben, dass wir alle schädlichen Dateien finden werden.
Eine Formatierung ist meist der schnellere und immer der sicherste Weg, aber auch nur bei wirklicher Malware empfehlenswert.
Adware & Co. können wir sehr gut entfernen.
Solltest Du Dich für eine Bereinigung entscheiden, arbeite solange mit, bis Du mein clean bekommst.

Los geht's:

Schritt 1

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

Lesestoff
Posten in CODE-Tags: So gehts...
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert uns massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu groß für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

dösen · 02.07.2014, 13:10

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-07-2014
Ran by Doro Gabriel at 2014-07-02 14:05:46
Running from C:\Users\Doro Gabriel\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Ad-Aware Antivirus (Disabled - Out of date) {D87B6541-12A1-DAEA-0033-9B8057AAB996}
AS: Ad-Aware Antivirus (Disabled - Out of date) {631A84A5-349B-D564-3A83-A0F22C2DF32B}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Ad-Aware Firewall (Disabled) {E040E464-58CE-DBB2-2B6C-32B5A979FEED}

==================== Installed Programs ======================

 Update for Microsoft Office 2007 (KB2508958) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}) (Version:  - Microsoft)
Acer Bio Protection (HKLM-x32\...\InstallShield_{E09664BB-BB08-45FA-87D1-33EAB0E017F5}) (Version: 6.2.56 - Egis Technology Inc.)
Ad-Aware Antivirus (HKLM\...\{9F965DAA-2FFD-41E3-8125-893BFBBE01D6}_AdAwareUpdater) (Version: 11.2.5952.0 - Lavasoft)
AdAwareInstaller (Version: 11.2.5952.0 - Lavasoft) Hidden
AdAwareUpdater (Version: 11.2.5952.0 - Lavasoft) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.3.9120 - Adobe Systems Inc.)
Adobe AIR (x32 Version: 1.5.3.9120 - Adobe Systems Inc.) Hidden
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated)
Adobe Community Help (x32 Version: 3.0.0 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 13 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe Media Player (x32 Version: 1.8 - Adobe Systems Incorporated) Hidden
Adobe Reader X (10.1.0) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.0 - Adobe Systems Incorporated)
Akamai NetSession Interface (HKCU\...\Akamai) (Version:  - Akamai Technologies, Inc)
ALPS Touch Pad Driver (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 7.105.2002.1410 - Alps Electric)
AntimalwareEngine (Version: 3.0.0.56 - Lavasoft) Hidden
Apple Application Support (HKLM-x32\...\{63EC2120-1742-4625-AA47-C6A8AEC9C64C}) (Version: 2.2.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{7446FE8D-C1F9-4D42-AAAE-5DBCE58605A6}) (Version: 6.0.0.59 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ArchiCAD 14 INT (HKLM\...\001FFF2FFF14FF00FF0701F01F02F000-R1) (Version: 14.0 - Graphisoft)
ATI AVIVO64 Codecs (Version: 10.11.0.41111 - ATI Technologies Inc.) Hidden
ATI Catalyst Install Manager (HKLM\...\{46DBD179-D24A-A447-6645-62493CC11138}) (Version: 3.0.750.0 - ATI Technologies, Inc.)
Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
AutoCAD 2011 - Deutsch (HKLM\...\AutoCAD 2011 - Deutsch) (Version: 18.1.49.0 - Autodesk)
AutoCAD 2011 - Deutsch (Version: 18.1.116.0 - Autodesk) Hidden
AutoCAD 2011 - Deutsch Version 2.1 (HKLM\...\AutoCAD 2011 - Deutsch Version 2.1) (Version: 1 - Autodesk)
AutoCAD 2011 Language Pack - Deutsch (Version: 18.1.49.0 - Autodesk) Hidden
Autodesk 3ds Max Design 2012 64-bit - English (HKLM\...\Autodesk 3ds Max Design 2012 64-bit - English) (Version: 14.0 - Autodesk)
Autodesk 3ds Max Design 2012 64-bit - English (Version: 14.0 - Autodesk) Hidden
Autodesk Backburner 2012.0.0 (HKLM-x32\...\{3D347E6D-5A03-4342-B5BA-6A771885F379}) (Version: 2012.0.0 - Autodesk, Inc.)
Autodesk Design Review 2012 (HKLM-x32\...\Autodesk Design Review 2012) (Version: 12.0.0.93 - Autodesk, Inc.)
Autodesk Design Review 2012 (x32 Version: 12.0.0.93 - Autodesk, Inc.) Hidden
Autodesk DirectConnect 2012 64-bit (HKLM\...\Autodesk DirectConnect 2012 64-bit) (Version: 6.0.443.0 - Autodesk)
Autodesk DirectConnect 2012 64-bit (Version: 6.0.443.0 - Autodesk) Hidden
Autodesk FBX Plug-in 2012.0 - 3ds Max Design 2012 64-bit (HKLM\...\Autodesk FBX Plug-in 2012.0 - 3ds Max Design 2012 64-bit) (Version:  - Autodesk)
Autodesk MatchMover 2012 64-bit (HKLM\...\{4529F749-C362-4119-AFA0-0A3F1CA924AB}) (Version: 14.00.0000 - Autodesk)
Autodesk Material Library 2011 (HKLM-x32\...\{9DEABCB6-B759-4D52-92F8-51B34A2B4D40}) (Version: 2.0.0.49 - Autodesk)
Autodesk Material Library 2011 Base Image library (HKLM-x32\...\{CD1E078C-A6B9-47DA-B035-6365C85C7832}) (Version: 2.0.0.49 - Autodesk)
Autodesk Material Library 2011 Medium Image library (HKLM-x32\...\{975951E7-14D0-49AF-A630-89680D12D7F6}) (Version: 2.0.0.49 - Autodesk)
Autodesk Material Library 2012 (HKLM-x32\...\{8F0837C2-EE09-4903-88F3-1976FE7FFF4E}) (Version: 2.5.0.8 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2012 (HKLM-x32\...\{65420DC9-306E-4371-905F-F4DC3B418E52}) (Version: 2.5.0.8 - Autodesk)
Autodesk Material Library Low Resolution Image Library 2012 (HKLM-x32\...\{24FF088D-CDCF-480C-8A4B-98F14A54CAA8}) (Version: 2.5.0.8 - Autodesk)
Autodesk Material Library Medium Resolution Image Library 2012 (HKLM-x32\...\{B5751715-EC10-43D9-8C95-62E1368433EF}) (Version: 2.5.0.8 - Autodesk)
Autodesk Maya 2012 64-bit (HKLM\...\Autodesk Maya 2012 64-bit) (Version: 14.0.0.0 - Autodesk)
Autodesk Maya 2012 64-bit (Version: 14.0.0.0 - Autodesk) Hidden
Autodesk Revit Architecture 2012 (HKLM\...\Autodesk Revit Architecture 2012) (Version: 11.03.09231 - Autodesk)
Autodesk Softimage 2012 64-bit (HKLM\...\{7E8B0B79-FE18-446D-A0C7-F4CD3F4964BB}) (Version: 10.0.0000 - Autodesk)
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.4.672 - Avira)
AVS Audio Converter 7 (HKLM-x32\...\AVS Audio Converter_is1) (Version: 7.2.1.528 - Online Media Technologies Ltd.)
Battlefield Play4Free (HKCU\...\{87686C21-8A15-4b4d-A3F1-11141D9BE094}) (Version:  - EA Digital illusions)
BitTorrent (HKLM-x32\...\BitTorrent) (Version: 7.8.0.29610 - BitTorrent Inc.)
Broadcom Gigabit NetLink Controller (HKLM\...\{96F70DF8-160F-4F9C-9B9E-2A9B439B4EB9}) (Version: 12.26.01 - Broadcom Corporation)
Broadcom Wireless LAN Driver Installation Program for Windows7 (HKLM-x32\...\{88410D8F-8529-492B-B556-2394A29B811B}) (Version: 5.60.18.8 - Broadcom)
Canon MG5200 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5200_series) (Version:  - )
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - ATI) Hidden
Catalyst Control Center Core Implementation (x32 Version: 2009.1111.2327.42077 - ATI) Hidden
Catalyst Control Center Graphics Full Existing (x32 Version: 2009.1111.2327.42077 - ATI) Hidden
Catalyst Control Center Graphics Full New (x32 Version: 2009.1111.2327.42077 - ATI) Hidden
Catalyst Control Center Graphics Light (x32 Version: 2009.1111.2327.42077 - ATI) Hidden
Catalyst Control Center Graphics Previews Vista (x32 Version: 2009.1111.2327.42077 - ATI) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2009.1111.2327.42077 - ATI Technologies, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2009.1111.2327.42077 - ATI) Hidden
CCC Help Chinese Standard (x32 Version: 2009.1111.2326.42077 - ATI) Hidden
CCC Help Chinese Traditional (x32 Version: 2009.1111.2326.42077 - ATI) Hidden
CCC Help Czech (x32 Version: 2009.1111.2326.42077 - ATI) Hidden
CCC Help Danish (x32 Version: 2009.1111.2326.42077 - ATI) Hidden
CCC Help Dutch (x32 Version: 2009.1111.2326.42077 - ATI) Hidden
CCC Help English (x32 Version: 2009.1111.2326.42077 - ATI) Hidden
CCC Help Finnish (x32 Version: 2009.1111.2326.42077 - ATI) Hidden
CCC Help French (x32 Version: 2009.1111.2326.42077 - ATI) Hidden
CCC Help German (x32 Version: 2009.1111.2326.42077 - ATI) Hidden
CCC Help Greek (x32 Version: 2009.1111.2326.42077 - ATI) Hidden
CCC Help Hungarian (x32 Version: 2009.1111.2326.42077 - ATI) Hidden
CCC Help Italian (x32 Version: 2009.1111.2326.42077 - ATI) Hidden
CCC Help Japanese (x32 Version: 2009.1111.2326.42077 - ATI) Hidden
CCC Help Korean (x32 Version: 2009.1111.2326.42077 - ATI) Hidden
CCC Help Norwegian (x32 Version: 2009.1111.2326.42077 - ATI) Hidden
CCC Help Polish (x32 Version: 2009.1111.2326.42077 - ATI) Hidden
CCC Help Portuguese (x32 Version: 2009.1111.2326.42077 - ATI) Hidden
CCC Help Russian (x32 Version: 2009.1111.2326.42077 - ATI) Hidden
CCC Help Spanish (x32 Version: 2009.1111.2326.42077 - ATI) Hidden
CCC Help Swedish (x32 Version: 2009.1111.2326.42077 - ATI) Hidden
CCC Help Thai (x32 Version: 2009.1111.2326.42077 - ATI) Hidden
CCC Help Turkish (x32 Version: 2009.1111.2326.42077 - ATI) Hidden
ccc-core-static (x32 Version: 2009.1111.2327.42077 - Ihr Firmenname) Hidden
ccc-utility64 (Version: 2009.1111.2327.42077 - ATI) Hidden
CINEMA 4D 11.514 (HKLM\...\MAXONB6EC381C) (Version: 11.514 - MAXON Computer GmbH)
Commandos 2: Men of Courage (HKLM-x32\...\Steam App 6830) (Version:  - Pyro Studios)
Composite 2012 64-bit (HKLM\...\{EA234BC3-39FE-4734-B72F-076086889F6D}) (Version: 7.0.0 - Autodesk)
Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version:  - Valve)
Dropbox (HKCU\...\Dropbox) (Version: 2.8.2 - Dropbox, Inc.)
EasyBits GO (HKCU\...\Game Organizer) (Version:  - EasyBits Media)
eMule (HKLM-x32\...\eMule) (Version:  - )
ENE CIR Receiver Driver (HKLM\...\2C293EC1A06665BB961CBA4EC7AFF4BF2BEAD042) (Version: 2.7.4.1 - ENE)
EverestPoker.com (HKCU\...\EverestPoker.com) (Version:  - )
FARO LS 1.1.406.58 (HKLM-x32\...\{951B0F30-9F1A-4BF6-B3DA-99EB0E917B1C}) (Version: 4.6.58.2 - FARO Scanner Production)
Fingerprint Solution (x32 Version: 6.1.56.0 - Egis Technology Inc.) Hidden
Flamingo 2.0 (HKLM-x32\...\{C475527D-AB5C-47D8-8C25-85CA3E42B5A4}) (Version: 2.0.30611.0 - Robert McNeel & Associates)
Flamingo nXt (HKLM\...\{D6CF21CA-976D-4E1D-BF53-01D503500C1F}) (Version: 3.1.2012.0410 - Robert McNeel & Associates)
Flamingo nXt de-de Language Pack (HKLM-x32\...\{E08C20AC-1FD2-439D-897D-C92FC2DF39F5}) (Version: 3.1.2012.0410 - Robert McNeel & Associates)
Full Tilt Poker (HKLM-x32\...\{D4C9692E-4EFA-4DA0-8B7F-9439466D9E31}) (Version: 4.63.10.WIN.FullTilt.COM - )
Google Chrome (HKCU\...\Google Chrome) (Version: 35.0.1916.153 - Google Inc.)
Google Drive (HKLM-x32\...\{D9F75285-4864-461D-83DA-8D056BAC44D1}) (Version: 1.16.6866.4367 - Google, Inc.)
Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google SketchUp 8 (HKLM-x32\...\{4422D20B-F530-4E65-8504-31396C9BC066}) (Version: 3.0.3196 - Google, Inc.)
Google+ Auto Backup (HKCU\...\Google+ Auto Backup) (Version: 1.0.25.133 - Google, Inc.)
Google+ Auto Backup (HKLM-x32\...\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}) (Version: 1.0.21.81 - Google)
Grasshopper (HKLM-x32\...\Grasshopper) (Version:  - )
Intel(R) Turbo Boost Technology Driver (HKLM-x32\...\{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}) (Version: 01.00.01.1002 - Intel Corporation)
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version:  - Intel Corporation)
IsoBuster 2.8 (HKLM-x32\...\IsoBuster_is1) (Version: 2.8 - Smart Projects)
iTunes (HKLM\...\{1493B2AE-0261-47D2-B1AA-F4DAD0F6C48B}) (Version: 10.7.0.21 - Apple Inc.)
Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.550 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Java(TM) 6 Update 37 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216032FF}) (Version: 6.0.370 - Oracle)
Java(TM) 7 Update 1 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417001FF}) (Version: 7.0.10 - Oracle)
JMicron 1394 Filter Driver (HKLM-x32\...\{13C96625-28E4-4c58-ADE0-CDAFC64752EB}) (Version: 1.00.06.00 - JMicron Technology Corp.)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
Malwarebytes' Anti-Malware (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version:  - Malwarebytes Corporation)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft IntelliPoint 8.2 (HKLM\...\Microsoft IntelliPoint 8.2) (Version: 8.20.468.0 - Microsoft Corporation)
Microsoft IntelliPoint 8.2 (Version: 8.20.468.0 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Access MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Groove MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Publisher MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft VC80 Support DLLs (x32 Version: 1.0.0 - McNeel & Associates) Hidden
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (HKLM\...\{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}) (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 x64 ATL Runtime 9.0.30729 (x32 Version: 9.0.30729 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 x64 CRT Runtime 9.0.30729 (x32 Version: 9.0.30729 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 x64 MFC Runtime 9.0.30729 (x32 Version: 9.0.30729 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 x64 OpenMP Runtime 9.0.30729 (x32 Version: 9.0.30729 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 x86 ATL Runtime 9.0.30729 (x32 Version: 9.0.30729 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 x86 CRT Runtime 9.0.30729 (x32 Version: 9.0.30729 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 x86 MFC Runtime 9.0.30729 (x32 Version: 9.0.30729 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 x86 OpenMP Runtime 9.0.30729 (x32 Version: 9.0.30729 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2008 Remote Debugger Light (x64) - ENU (HKLM\...\Microsoft Visual Studio 2008 Remote Debugger Light (x64) - ENU) (Version:  - Microsoft Corporation)
Microsoft Visual Studio 2008 Remote Debugger Light (x64) - ENU (Version: 9.0.30729 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2008 Remote Debugger Light (x64) - ENU Service Pack 1 (KB945140) (HKLM-x32\...\{90A80D89-A0E4-33C1-B13D-B93CB3496867}.KB945140) (Version: 1 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 - ENU (HKLM-x32\...\{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 Runtime (HKLM-x32\...\{299C0434-4F4E-341F-A916-4E07AEB35E79}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft_VC80_ATL_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053 - Adobe) Hidden
Microsoft_VC90_ATL_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Mozilla Firefox 27.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 27.0.1 (x86 de)) (Version: 27.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 27.0.1 - Mozilla)
NVIDIA PhysX Plug-in for Autodesk Maya 2012 64 bit (HKLM\...\{FC4AD39F-9DCE-4BD0-B7D0-7C81CEB9F04B}) (Version: 2.60.0216.1828 - NVIDIA Corporation)
PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
PDF24 Creator 5.2.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 0.9.9 - Frank Heindörfer, Philip Chinery)
Pepakura Designer 3 (HKLM-x32\...\pepakura_designer3en) (Version:  - TamaSoftware)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
PokerStars.eu (HKLM-x32\...\PokerStars.eu) (Version:  - PokerStars.eu)
PokerStars.fr (HKLM-x32\...\PokerStars.fr) (Version:  - PokerStars.fr)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.990 - Even Balance, Inc.)
PxMergeModule (x32 Version: 1.00.0000 - Your Company Name) Hidden
QuickTime (HKLM-x32\...\{0E64B098-8018-4256-BA23-C316A43AD9B0}) (Version: 7.72.80.56 - Apple Inc.)
R for Windows 3.0.1 (HKLM\...\R for Windows 3.0.1_is1) (Version: 3.0.1 - R Core Team)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5972 - Realtek Semiconductor Corp.)
Revit Architecture 2012 (Version: 11.03.09231 - Autodesk) Hidden
Revit Architecture 2012 Language Pack - English (Version: 11.03.09231 - Autodesk) Hidden
Rhino RDK (HKLM-x32\...\Rhino RDK) (Version:  - )
Rhinoceros 4.0 (HKLM-x32\...\{5C2CBFFD-FC3B-4AA9-993B-CE2B8DA25B87}) (Version: 4.0.20118 - McNeel & Associates)
Rhinoceros 4.0 SR5b (HKLM-x32\...\{5B9E1A73-6A74-4DAF-AF1C-DDEBD79C942E}) (Version: 4.0.40226 - Robert McNeel & Associates)
Rhinoceros 4.0 SR8 (HKLM-x32\...\{95E1E426-EE9E-4F68-8F02-58A5A09B38F3}) (Version: 4.0.50401 - Robert McNeel & Associates)
SketchUp 2013 (HKLM-x32\...\{B75BC01B-4586-43F8-9349-D250DB98F26F}) (Version: 13.0.4812 - Trimble Navigation Limited)
Skype Click to Call (HKLM-x32\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 5.10.9560 - Skype Technologies S.A.)
Skype™ 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)
SopCast 3.8.3 (HKLM-x32\...\SopCast) (Version: 3.8.3 - www.sopcast.com)
Spotify (HKCU\...\Spotify) (Version: 0.9.6.81.gd359a796 - Spotify AB)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 14.0.4.0 - Synaptics Incorporated)
Torrent Stream 2.0.1 (HKCU\...\TorrentStream) (Version: 2.0.1 - Torrent Stream)
TT1281 Driver (HKLM-x32\...\{99B364F5-8051-4118-BFAA-FF466F151748}) (Version: 1.0.0.16 - LITEON)
Uninstall 1.0.0.1 (HKLM-x32\...\Uninstall_is1) (Version:  - )
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2473228) (Version: 1 - Microsoft Corporation)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{EA54F104-79D2-48CC-9ABC-91A63C43D353}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{53DEC068-4690-4F6B-9946-7D21EF02236B}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2881065) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{B7EF38F7-1D58-4085-A9A4-0F6C69A5AA1E}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
Veetle TV 0.9.18 (HKLM-x32\...\Veetle TV) (Version: 0.9.18 - Veetle, Inc)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{6DA2B636-698A-3294-BF4A-B5E11B238CDD}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{8CCEA24C-51AE-3B71-9092-7D0C44DDA2DF}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{C3A57BB3-9AA6-3F6F-9395-6C062BDD5FC4}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{F6F09DD8-F39B-3A16-ADB9-C9E6B56903F9}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{04B34E21-5BEE-3D2B-8D3D-E3E80D253F64}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{14866AAD-1F23-39AC-A62B-7091ED1ADE64}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{4B90093A-5D9C-3956-8ABB-95848BE6EFAD}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{B42E259C-E4D4-37F1-A1B2-EB9C4FC5A04D}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
VLC media player 2.1.0 (HKLM\...\VLC media player) (Version: 2.1.0 - VideoLAN)
V-Ray for Rhinoceros 4.0 (HKLM-x32\...\{54DBAF71-635A-45CB-A7DD-7EAB60F5C460}) (Version: 1.00.0000 - ASGvis, LLC)
WebSpades (HKLM\...\WebSpades) (Version: 2014.07.01.221247 - WebSpades)
WibuKey Setup (WibuKey Remove) (HKLM\...\{00060000-0000-1004-8002-0000C06B5161}) (Version: Version 6.00a of 2009-Dec-03 (Build 129) (Setup) - WIBU-SYSTEMS AG)
WindowsMangerProtect20.0.0.502 (HKLM-x32\...\WindowsMangerProtect) (Version: 20.0.0.502 - WindowsProtect LIMITED)
WinRAR 4.00 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.00.0 - win.rar GmbH)

==================== Restore Points  =========================

30-06-2014 14:51:43 Geplanter Prüfpunkt
02-07-2014 10:07:42 AA11

==================== Hosts content: ==========================

2009-07-14 04:34 - 2011-03-28 19:31 - 00002000 ____A C:\Windows\system32\Drivers\etc\hosts
0.0.0.0       localhost 
127.0.0.1 activate.adobe.com 
127.0.0.1 practivate.adobe.com 
127.0.0.1 ereg.adobe.com 
127.0.0.1 activate.wip3.adobe.com 
127.0.0.1 wip3.adobe.com 
127.0.0.1 3dns-3.adobe.com 
127.0.0.1 3dns-2.adobe.com 
127.0.0.1 adobe-dns.adobe.com 
127.0.0.1 adobe-dns-2.adobe.com 
127.0.0.1 adobe-dns-3.adobe.com 
127.0.0.1 ereg.wip3.adobe.com 
127.0.0.1 activate-sea.adobe.com 
127.0.0.1 wwis-dubc1-vip60.adobe.com 
127.0.0.1 activate-sjc0.adobe.com 
0.0.0.0       localhost 
127.0.0.1 activate.adobe.com 
127.0.0.1 practivate.adobe.com 
127.0.0.1 ereg.adobe.com 
127.0.0.1 activate.wip3.adobe.com 
127.0.0.1 wip3.adobe.com 
127.0.0.1 3dns-3.adobe.com 
127.0.0.1 3dns-2.adobe.com 
127.0.0.1 adobe-dns.adobe.com 
127.0.0.1 adobe-dns-2.adobe.com 
127.0.0.1 adobe-dns-3.adobe.com 
127.0.0.1 ereg.wip3.adobe.com 
127.0.0.1 activate-sea.adobe.com 
127.0.0.1 wwis-dubc1-vip60.adobe.com 


==================== Scheduled Tasks (whitelisted) =============

Task: {0BCB8F21-7044-4459-8474-53293EA59C4D} - System32\Tasks\{2A760783-25BA-4B91-AE60-E68777A40394} => C:\Program Files (x86)\Skype\\Phone\Skype.exe [2014-05-08] (Skype Technologies S.A.)
Task: {431BDC0C-F1D3-4F44-98E4-3A94AE3B5F13} - System32\Tasks\{D8723098-9F85-40A9-8807-BAFF6B697F29} => C:\Program Files (x86)\Skype\\Phone\Skype.exe [2014-05-08] (Skype Technologies S.A.)
Task: {76DACACD-20DB-42DA-B93D-88CAA2182A32} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-03-27] (Google Inc.)
Task: {80EDECDE-6BE6-4759-9DBA-9D0876329522} - System32\Tasks\Microsoft_Hardware_Launch_IPoint_exe => C:\Program Files\Microsoft IntelliPoint\IPoint.exe [2011-08-01] (Microsoft Corporation)
Task: {82C9D984-B353-4CE6-8B8D-155D25A0B72F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-03-27] (Google Inc.)
Task: {AB781E94-9E40-4049-8089-955C2F8B35B5} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {DC3BB3FC-8281-47AC-823D-7F3320D553CD} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-14] (Adobe Systems Incorporated)
Task: {E43647F6-69F6-44FE-8514-AAD07DB80ABB} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3542374432-354979354-222888450-1000Core => C:\Users\Doro Gabriel\AppData\Local\Google\Update\GoogleUpdate.exe [2012-12-01] (Google Inc.)
Task: {E741E59A-1E43-43F9-9C99-31338BD4F282} - System32\Tasks\AdobeAAMUpdater-1.0-DoroGabriel-PC-Doro Gabriel => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06] (Adobe Systems Incorporated)
Task: {FF6FC979-27AB-41E1-989F-618566506A98} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3542374432-354979354-222888450-1000UA => C:\Users\Doro Gabriel\AppData\Local\Google\Update\GoogleUpdate.exe [2012-12-01] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => ?
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => ?
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => ?
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3542374432-354979354-222888450-1000Core.job => ?
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3542374432-354979354-222888450-1000UA.job => ?

==================== Loaded Modules (whitelisted) =============

2008-05-26 19:24 - 2008-05-26 19:24 - 00103424 _____ () C:\Program Files (x86)\Acer Bio Protection\PwdFilterV64.DLL
2011-03-20 12:18 - 2005-03-12 01:07 - 00087040 _____ () C:\Windows\System32\pdfcmnnt.dll
2011-02-22 21:52 - 2011-02-22 21:52 - 00086016 _____ () C:\Program Files\Autodesk\3ds Max Design 2012\mentalimages\satellite\raysat_3dsmax2012_64server.exe
2009-07-29 14:10 - 2009-07-29 14:10 - 00016384 ____R () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2011-03-24 16:49 - 2011-03-24 16:49 - 00270336 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2011-03-21 14:37 - 2011-03-02 13:40 - 00164864 _____ () C:\Program Files\WinRAR\rarext.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 02082160 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareShellExtension.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00685904 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\SQLite.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 03393352 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\RCF.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00123776 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\boost_filesystem-vc100-mt-1_55.dll
2014-06-03 16:19 - 2014-06-03 16:19 - 00024440 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\boost_system-vc100-mt-1_55.dll
2014-07-01 16:36 - 2014-07-01 17:02 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-07-02 00:13 - 2014-07-02 00:13 - 00318752 _____ () C:\Program Files (x86)\WebSpades\updateWebSpades.exe
2014-07-02 11:20 - 2014-07-02 11:20 - 00318752 _____ () C:\Program Files (x86)\WebSpades\bin\utilWebSpades.exe
2014-06-03 16:18 - 2014-06-03 16:18 - 07715160 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareTray.exe
2014-06-03 16:18 - 2014-06-03 16:18 - 00055680 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\boost_date_time-vc100-mt-1_55.dll
2014-06-03 16:19 - 2014-06-03 16:19 - 00103800 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\boost_thread-vc100-mt-1_55.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00033656 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\boost_chrono-vc100-mt-1_55.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00500088 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\boost_locale-vc100-mt-1_55.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00364896 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\HtmlFramework.dll
2014-06-03 16:19 - 2014-06-03 16:19 - 00149840 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\libssh2.dll
2014-06-03 16:19 - 2014-06-03 16:19 - 00106824 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\zlib.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00066904 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\DllStorage.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00803696 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareTrayDefaultSkin.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00139608 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\Localization.dll
2014-06-03 15:47 - 2014-06-03 15:47 - 00706864 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareService.exe
2014-06-03 16:18 - 2014-06-03 16:18 - 10070888 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareServiceKernel.dll
2014-06-03 16:19 - 2014-06-03 16:19 - 00788856 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\boost_regex-vc100-mt-1_55.dll
2014-06-03 16:17 - 2014-06-03 16:17 - 00604520 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareActivation.dll
2014-06-03 16:19 - 2014-06-03 16:19 - 00158032 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\pugixml.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00360312 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareApplicationUpdater.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00142696 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareGamingMode.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00098648 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareReset.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00120152 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareTime.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00290168 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareDefinitionsUpdater.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00198024 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareDefinitionsUpdaterScheduler.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00417128 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareIgnoreList.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00245608 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareQuarantine.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00336752 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareAntiMalwareEngine.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00212336 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareAntiRootkitEngine.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00509808 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareScannerHistory.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00610144 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareScanner.dll
2014-06-03 16:19 - 2014-06-03 16:19 - 00035192 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\boost_timer-vc100-mt-1_55.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00326000 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareScannerScheduler.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00453496 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareRealTimeProtection.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00227688 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareIncompatibles.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00218976 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareAntiSpam.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00171368 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareAntiPhishing.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00786800 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareParentalControl.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 01936744 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareWebProtection.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00422256 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareEmailProtection.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00650608 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareNetworkProtection.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00358744 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwarePromo.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00298336 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareFeedback.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00371576 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareThreatWorkAlliance.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00154464 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\SecurityCenter.dll
2014-07-02 11:23 - 2014-06-28 03:45 - 00096544 _____ () C:\Program Files (x86)\WebSpades\bin\WebSpades.BrowserAdapter.exe
2011-11-02 00:26 - 2011-11-02 00:26 - 00087912 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2011-11-02 00:26 - 2011-11-02 00:26 - 01242472 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-06-24 20:02 - 2014-06-24 20:02 - 00043008 _____ () c:\Users\Doro Gabriel\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp3bavgo.dll
2013-08-23 21:01 - 2013-08-23 21:01 - 25100288 _____ () C:\Users\Doro Gabriel\AppData\Roaming\Dropbox\bin\libcef.dll
2014-06-26 16:39 - 2014-06-26 16:39 - 00098816 _____ () C:\Users\Doro Gabriel\AppData\Local\Temp\_MEI68922\win32api.pyd
2014-06-26 16:39 - 2014-06-26 16:39 - 00110080 _____ () C:\Users\Doro Gabriel\AppData\Local\Temp\_MEI68922\pywintypes27.dll
2014-06-26 16:39 - 2014-06-26 16:39 - 00364544 _____ () C:\Users\Doro Gabriel\AppData\Local\Temp\_MEI68922\pythoncom27.dll
2014-06-26 16:39 - 2014-06-26 16:39 - 00045568 _____ () C:\Users\Doro Gabriel\AppData\Local\Temp\_MEI68922\_socket.pyd
2014-06-26 16:39 - 2014-06-26 16:39 - 01160704 _____ () C:\Users\Doro Gabriel\AppData\Local\Temp\_MEI68922\_ssl.pyd
2014-06-26 16:39 - 2014-06-26 16:39 - 00320512 _____ () C:\Users\Doro Gabriel\AppData\Local\Temp\_MEI68922\win32com.shell.shell.pyd
2014-06-26 16:39 - 2014-06-26 16:39 - 00713216 _____ () C:\Users\Doro Gabriel\AppData\Local\Temp\_MEI68922\_hashlib.pyd
2014-06-26 16:39 - 2014-06-26 16:39 - 01175040 _____ () C:\Users\Doro Gabriel\AppData\Local\Temp\_MEI68922\wx._core_.pyd
2014-06-26 16:39 - 2014-06-26 16:39 - 00805888 _____ () C:\Users\Doro Gabriel\AppData\Local\Temp\_MEI68922\wx._gdi_.pyd
2014-06-26 16:39 - 2014-06-26 16:39 - 00811008 _____ () C:\Users\Doro Gabriel\AppData\Local\Temp\_MEI68922\wx._windows_.pyd
2014-06-26 16:39 - 2014-06-26 16:39 - 01062400 _____ () C:\Users\Doro Gabriel\AppData\Local\Temp\_MEI68922\wx._controls_.pyd
2014-06-26 16:39 - 2014-06-26 16:39 - 00735232 _____ () C:\Users\Doro Gabriel\AppData\Local\Temp\_MEI68922\wx._misc_.pyd
2014-06-26 16:39 - 2014-06-26 16:39 - 00128512 _____ () C:\Users\Doro Gabriel\AppData\Local\Temp\_MEI68922\_elementtree.pyd
2014-06-26 16:39 - 2014-06-26 16:39 - 00127488 _____ () C:\Users\Doro Gabriel\AppData\Local\Temp\_MEI68922\pyexpat.pyd
2014-06-26 16:39 - 2014-06-26 16:39 - 00557056 _____ () C:\Users\Doro Gabriel\AppData\Local\Temp\_MEI68922\pysqlite2._sqlite.pyd
2014-06-26 16:39 - 2014-06-26 16:39 - 00007168 _____ () C:\Users\Doro Gabriel\AppData\Local\Temp\_MEI68922\hashobjs_ext.pyd
2014-06-26 16:39 - 2014-06-26 16:39 - 00087552 _____ () C:\Users\Doro Gabriel\AppData\Local\Temp\_MEI68922\_ctypes.pyd
2014-06-26 16:39 - 2014-06-26 16:39 - 00119808 _____ () C:\Users\Doro Gabriel\AppData\Local\Temp\_MEI68922\win32file.pyd
2014-06-26 16:39 - 2014-06-26 16:39 - 00108544 _____ () C:\Users\Doro Gabriel\AppData\Local\Temp\_MEI68922\win32security.pyd
2014-06-26 16:39 - 2014-06-26 16:39 - 00018432 _____ () C:\Users\Doro Gabriel\AppData\Local\Temp\_MEI68922\win32event.pyd
2014-06-26 16:39 - 2014-06-26 16:39 - 00038912 _____ () C:\Users\Doro Gabriel\AppData\Local\Temp\_MEI68922\win32inet.pyd
2014-06-26 16:39 - 2014-06-26 16:39 - 00070656 _____ () C:\Users\Doro Gabriel\AppData\Local\Temp\_MEI68922\wx._html2.pyd
2014-06-26 16:39 - 2014-06-26 16:39 - 00167936 _____ () C:\Users\Doro Gabriel\AppData\Local\Temp\_MEI68922\win32gui.pyd
2014-06-26 16:39 - 2014-06-26 16:39 - 00011264 _____ () C:\Users\Doro Gabriel\AppData\Local\Temp\_MEI68922\win32crypt.pyd
2014-06-26 16:39 - 2014-06-26 16:39 - 00027136 _____ () C:\Users\Doro Gabriel\AppData\Local\Temp\_MEI68922\_multiprocessing.pyd
2014-06-26 16:39 - 2014-06-26 16:39 - 00122368 _____ () C:\Users\Doro Gabriel\AppData\Local\Temp\_MEI68922\wx._wizard.pyd
2014-06-26 16:39 - 2014-06-26 16:39 - 00010240 _____ () C:\Users\Doro Gabriel\AppData\Local\Temp\_MEI68922\select.pyd
2014-06-26 16:39 - 2014-06-26 16:39 - 00024064 _____ () C:\Users\Doro Gabriel\AppData\Local\Temp\_MEI68922\win32pipe.pyd
2014-06-26 16:39 - 2014-06-26 16:39 - 00686080 _____ () C:\Users\Doro Gabriel\AppData\Local\Temp\_MEI68922\unicodedata.pyd
2014-06-26 16:39 - 2014-06-26 16:39 - 00025600 _____ () C:\Users\Doro Gabriel\AppData\Local\Temp\_MEI68922\win32pdh.pyd
2014-06-26 16:39 - 2014-06-26 16:39 - 00525640 _____ () C:\Users\Doro Gabriel\AppData\Local\Temp\_MEI68922\windows._lib_cacheinvalidation.pyd
2014-06-26 16:39 - 2014-06-26 16:39 - 00035840 _____ () C:\Users\Doro Gabriel\AppData\Local\Temp\_MEI68922\win32process.pyd
2014-06-26 16:39 - 2014-06-26 16:39 - 00017408 _____ () C:\Users\Doro Gabriel\AppData\Local\Temp\_MEI68922\win32profile.pyd
2014-06-26 16:39 - 2014-06-26 16:39 - 00022528 _____ () C:\Users\Doro Gabriel\AppData\Local\Temp\_MEI68922\win32ts.pyd
2014-06-26 16:39 - 2014-06-26 16:39 - 00078336 _____ () C:\Users\Doro Gabriel\AppData\Local\Temp\_MEI68922\wx._animate.pyd
2009-02-26 14:46 - 2009-02-26 14:46 - 00064344 _____ () C:\Program Files (x86)\Microsoft Office\Office12\ADDINS\ColleagueImport.dll
2011-06-22 12:46 - 2011-06-22 12:46 - 00434016 _____ () C:\Program Files (x86)\Microsoft Office\Office12\ADDINS\UmOutlookAddin.dll
2013-07-10 18:07 - 2013-07-10 18:07 - 00756888 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\MSPTLS.DLL
2014-07-02 13:20 - 2014-06-28 03:45 - 00183584 ____N () C:\Program Files (x86)\WebSpades\bin\WebSpadesBAApp.dll
2014-06-13 15:42 - 2014-06-05 15:58 - 00716616 _____ () C:\Users\Doro Gabriel\AppData\Local\Google\Chrome\Application\35.0.1916.153\libglesv2.dll
2014-06-13 15:42 - 2014-06-05 15:58 - 00126280 _____ () C:\Users\Doro Gabriel\AppData\Local\Google\Chrome\Application\35.0.1916.153\libegl.dll
2014-06-13 15:42 - 2014-06-05 15:58 - 04217672 _____ () C:\Users\Doro Gabriel\AppData\Local\Google\Chrome\Application\35.0.1916.153\pdf.dll
2014-06-13 15:42 - 2014-06-05 15:58 - 00414536 _____ () C:\Users\Doro Gabriel\AppData\Local\Google\Chrome\Application\35.0.1916.153\ppGoogleNaClPluginChrome.dll
2014-06-13 15:42 - 2014-06-05 15:58 - 01732424 _____ () C:\Users\Doro Gabriel\AppData\Local\Google\Chrome\Application\35.0.1916.153\ffmpegsumo.dll
2014-06-13 15:42 - 2014-06-05 15:58 - 14612296 _____ () C:\Users\Doro Gabriel\AppData\Local\Google\Chrome\Application\35.0.1916.153\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== EXE Association (whitelisted) =============


==================== MSCONFIG/TASK MANAGER disabled items =========

MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: Spotify => "C:\Users\Doro Gabriel\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Doro Gabriel\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\Steam.exe" -silent

==================== Faulty Device Manager Devices =============

Name: Basissystemgerät
Description: Basissystemgerät
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Basissystemgerät
Description: Basissystemgerät
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Basissystemgerät
Description: Basissystemgerät
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (07/02/2014 01:41:19 AM) (Source: MsiInstaller) (EventID: 11309) (User: DoroGabriel-PC)
Description: Product: Google Update Helper -- Error 1309. Error reading from file: C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\Google\Update\RequiredFile.txt.  System error 3.  Verify that the file exists and that you can access it.

Error: (06/28/2014 00:32:15 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Die abhängige Assemblierung "Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (06/28/2014 00:30:24 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Die abhängige Assemblierung "Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (06/25/2014 10:23:49 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Die abhängige Assemblierung "Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (06/25/2014 10:22:38 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Die abhängige Assemblierung "Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (06/25/2014 09:42:21 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Die abhängige Assemblierung "Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (06/25/2014 09:40:53 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Die abhängige Assemblierung "Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (06/25/2014 03:07:55 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Die abhängige Assemblierung "Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (06/25/2014 03:04:36 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Die abhängige Assemblierung "Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (06/25/2014 00:46:58 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Die abhängige Assemblierung "Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".


System errors:
=============
Error: (07/02/2014 11:19:35 AM) (Source: Server) (EventID: 2505) (User: )
Description: Aufgrund eines doppelten Netzwerknamens konnte zu der Transportschicht \Device\NetBT_Tcpip_{2F4D42E0-1659-4B47-AC38-831856414E1D} vom Serverdienst nicht gebunden werden. Der Serverdienst konnte nicht gestartet werden.

Error: (07/02/2014 11:19:08 AM) (Source: Tcpip) (EventID: 4199) (User: )
Description: Das System hat einen Adressenkonflikt der IP-Adresse 10.0.0.7 mit dem Computer mit der
Netzwerkhardwareadresse DC-9F-A4-94-AE-1E ermittelt. Netzwerkvorgänge könnten daher auf diesem
System unterbrochen werden.

Error: (07/01/2014 00:17:08 PM) (Source: Tcpip) (EventID: 4199) (User: )
Description: Das System hat einen Adressenkonflikt der IP-Adresse 10.0.0.5 mit dem Computer mit der
Netzwerkhardwareadresse DC-9F-A4-94-AE-1E ermittelt. Netzwerkvorgänge könnten daher auf diesem
System unterbrochen werden.

Error: (06/30/2014 05:42:29 PM) (Source: BROWSER) (EventID: 8032) (User: )
Description: Das Einlesen der Sicherungsliste durch den Suchdienst schlug auf Transport "\Device\NetBT_Tcpip_{2F4D42E0-1659-4B47-AC38-831856414E1D}" zu oft fehl.
Der Sicherungssuchdienst wird beendet.

Error: (06/29/2014 02:59:39 PM) (Source: bowser) (EventID: 8003) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "MAC00254BB02212",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{2F4D42E0-1659-4B47-AC38-831856414E1D}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.

Error: (06/28/2014 09:27:37 AM) (Source: Tcpip) (EventID: 4199) (User: )
Description: Das System hat einen Adressenkonflikt der IP-Adresse 10.0.0.9 mit dem Computer mit der
Netzwerkhardwareadresse DC-85-DE-73-32-A4 ermittelt. Netzwerkvorgänge könnten daher auf diesem
System unterbrochen werden.

Error: (06/28/2014 09:27:37 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst eventlog erreicht.

Error: (06/26/2014 09:35:48 PM) (Source: bowser) (EventID: 8003) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "DIDI-PC",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{2F4D42E0-1659-4B47-AC38-831856414E1D}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.

Error: (06/25/2014 00:31:47 PM) (Source: BROWSER) (EventID: 8032) (User: )
Description: Das Einlesen der Sicherungsliste durch den Suchdienst schlug auf Transport "\Device\NetBT_Tcpip_{2F4D42E0-1659-4B47-AC38-831856414E1D}" zu oft fehl.
Der Sicherungssuchdienst wird beendet.

Error: (06/24/2014 10:22:12 PM) (Source: Tcpip) (EventID: 4199) (User: )
Description: Das System hat einen Adressenkonflikt der IP-Adresse 10.0.0.8 mit dem Computer mit der
Netzwerkhardwareadresse 44-6D-57-0A-8E-E6 ermittelt. Netzwerkvorgänge könnten daher auf diesem
System unterbrochen werden.


Microsoft Office Sessions:
=========================
Error: (06/05/2011 10:16:20 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6557.5001, Microsoft Office Version: 12.0.6425.1000. This session lasted 5 seconds with 0 seconds of active time.  This session ended with a crash.


==================== Memory info =========================== 

Percentage of memory in use: 60%
Total physical RAM: 8054.78 MB
Available physical RAM: 3221.66 MB
Total Pagefile: 16107.73 MB
Available Pagefile: 11544.16 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:154.19 GB) (Free:43.59 GB) NTFS
Drive d: (Uni) (Fixed) (Total:18.5 GB) (Free:2.15 GB) NTFS
Drive e: (Daten) (Fixed) (Total:292.97 GB) (Free:160.88 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 1A009D23)
Partition 1: (Not Active) - (Size=19 GB) - (Type=07 NTFS)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=293 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=154 GB) - (Type=07 NTFS)

==================== End Of Log ============================

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-07-2014
Ran by Doro Gabriel (administrator) on DOROGABRIEL-PC on 02-07-2014 14:04:45
Running from C:\Users\Doro Gabriel\Desktop
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal


==================== Processes (Whitelisted) =================

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Egis Technology Inc.) C:\Program Files (x86)\Acer Bio Protection\CompPtcVUI.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Egis Technology Inc.) C:\Program Files (x86)\Acer Bio Protection\BASVC.exe
() C:\Program Files\Autodesk\3ds Max Design 2012\mentalimages\satellite\raysat_3dsmax2012_64server.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebgrd.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\ipoint.exe
(Akamai Technologies, Inc.) C:\Users\Doro Gabriel\AppData\Local\Akamai\netsession_win.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Spotify Ltd) C:\Users\Doro Gabriel\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Akamai Technologies, Inc.) C:\Users\Doro Gabriel\AppData\Local\Akamai\netsession_win.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(WIBU-SYSTEMS AG) C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe
(Dropbox, Inc.) C:\Users\Doro Gabriel\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Egis Technology Inc.) C:\Program Files (x86)\Acer Bio Protection\PdtWzd.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunes.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
() C:\Program Files (x86)\WebSpades\updateWebSpades.exe
(Fuyu LIMITED) C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe
(Cherished Technololgy LIMITED) C:\ProgramData\IePluginServices\PluginService.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe
() C:\Program Files (x86)\WebSpades\bin\utilWebSpades.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avcenter.exe
(Lavasoft) C:\ProgramData\Search Protection\SearchProtection.exe
() C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareTray.exe
() C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareService.exe
() C:\Program Files (x86)\WebSpades\bin\WebSpades.BrowserAdapter.exe
(Google Inc.) C:\Users\Doro Gabriel\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Doro Gabriel\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Doro Gabriel\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Doro Gabriel\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Doro Gabriel\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Doro Gabriel\AppData\Local\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [IAAnotif] => C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-08-07] (Intel Corporation)
HKLM\...\Run: [Apoint] => C:\Program Files\Apoint2K\Apoint.exe [323072 2009-10-01] (Alps Electric Co., Ltd.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [8312352 2009-11-02] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1825064 2009-09-03] (Synaptics Incorporated)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated)
HKLM\...\Run: [IntelliPoint] => C:\Program Files\Microsoft IntelliPoint\ipoint.exe [2417032 2011-08-01] (Microsoft Corporation)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [AdAwareTray] => C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareTray.exe [7715160 2014-06-03] ()
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2009-11-12] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [VitaKeyPdtWzd] => C:\Program Files (x86)\Acer Bio Protection\PdtWzd.exe [3567616 2009-09-05] (Egis Technology Inc.)
HKLM-x32\...\Run: [AdobeCS5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [937920 2011-06-06] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59280 2012-08-27] (Apple Inc.)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [163000 2012-12-12] (Geek Software GmbH)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [737872 2014-05-20] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [Search Protection] => C:\ProgramData\Search Protection\SearchProtection.exe [949512 2014-02-17] (Lavasoft)
HKU\S-1-5-21-3542374432-354979354-222888450-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Doro Gabriel\AppData\Local\Akamai\netsession_win.exe [4672920 2014-04-17] (Akamai Technologies, Inc.)
HKU\S-1-5-21-3542374432-354979354-222888450-1000\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [427520 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-21-3542374432-354979354-222888450-1000\...\Run: [Google Update] => C:\Users\Doro Gabriel\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-12-01] (Google Inc.)
HKU\S-1-5-21-3542374432-354979354-222888450-1000\...\Run: [Spotify Web Helper] => C:\Users\Doro Gabriel\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1168896 2013-12-15] (Spotify Ltd)
HKU\S-1-5-21-3542374432-354979354-222888450-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21444224 2014-05-08] (Skype Technologies S.A.)
HKU\S-1-5-21-3542374432-354979354-222888450-1000\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [24474752 2014-06-05] (Google)
HKU\S-1-5-21-3542374432-354979354-222888450-1000\...\RunOnce: [FlashPlayerUpdate] - C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_13_0_0_214_Plugin.exe [847536 2014-05-14] (Adobe Systems Incorporated)
AppInit_DLLs: C:\PROGRA~2\SupTab\SEARCH~2.DLL => C:\Program Files (x86)\SupTab\SearchProtect64.dll [102512 2014-05-08] (Skytech Co., Ltd.)
Lsa: [Notification Packages] C:\Program Files (x86)\Acer Bio Protection\PwdFilterV64
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Netzwerk Server.lnk
ShortcutTarget: Netzwerk Server.lnk -> C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe (WIBU-SYSTEMS AG)
Startup: C:\Users\Doro Gabriel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Doro Gabriel\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: GDriveBlacklistedOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: GDriveSharedEditOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: GDriveSharedViewOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: GDriveSyncedOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: GDriveSyncingOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: Symbol-Overlay-Steuerprogramm für AutoCAD Digitale Signaturen -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll (Autodesk, Inc.)
ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 1 (GFS Unread Stub) -> {99FD978C-D287-4F50-827F-B2C658EDA8E7} => C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 2 (GFS Stub) -> {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} => C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 2.5 (GFS Unread Folder) -> {920E6DB1-9907-4370-B3A0-BAFC03D81399} => C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 3 (GFS Folder) -> {16F3DD56-1AF5-4347-846D-7C10C4192619} => C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 4 (GFS Unread Mark) -> {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} => C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BootExecute: autocheck autochk * bddel.exe

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://securedsearch2.lavasoft.com/index.php?pr=vmn&id=adawaretb&v=3_9&idate=__installtime__&ent=hp&u=___userid___
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://at.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xA75ACD8E1BBBCC01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-at
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.snapdo.com/?publisher=SnapdoEMonYB&dpid=SnapdoEMonYB&co=AT&userid=e0238ae8-dfed-4c5f-9183-fc72878505b4&searchtype=ds&q={searchTerms}&installDate=05/07/2013
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://isearch.omiga-plus.com/?type=sc&ts=1404258177&from=ild&uid=WDCXWD5000BEVT-22A0RT0_WD-WX71C90V9560V9560
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://isearch.omiga-plus.com/web/?type=ds&ts=1404258177&from=ild&uid=WDCXWD5000BEVT-22A0RT0_WD-WX71C90V9560V9560&q={searchTerms}
SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://isearch.omiga-plus.com/web/?type=ds&ts=1404258177&from=ild&uid=WDCXWD5000BEVT-22A0RT0_WD-WX71C90V9560V9560&q={searchTerms}
SearchScopes: HKLM-x32 - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://isearch.omiga-plus.com/web/?type=ds&ts=1404258177&from=ild&uid=WDCXWD5000BEVT-22A0RT0_WD-WX71C90V9560V9560&q={searchTerms}
SearchScopes: HKLM-x32 - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?publisher=SnapdoEMonYB&dpid=SnapdoEMonYB&co=AT&userid=e0238ae8-dfed-4c5f-9183-fc72878505b4&searchtype=ds&q={searchTerms}&installDate=05/07/2013
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://isearch.omiga-plus.com/web/?type=ds&ts=1404258177&from=ild&uid=WDCXWD5000BEVT-22A0RT0_WD-WX71C90V9560V9560&q={searchTerms}
SearchScopes: HKCU - DefaultScope {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} URL = hxxp://securedsearch2.lavasoft.com/results.php?pr=vmn&id=adawaretb&v=3_9&idate=&hsimp=yhs-lavasoft&ent=ch&q={searchTerms}
SearchScopes: HKCU - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?publisher=SnapdoEMonYB&dpid=SnapdoEMonYB&co=AT&userid=e0238ae8-dfed-4c5f-9183-fc72878505b4&searchtype=ds&q={searchTerms}&installDate=05/07/2013
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://startsear.ch/?aff=1&src=sp&cf=cd7b236a-3c91-11e1-becd-1c7508401e08&q={searchTerms}
SearchScopes: HKCU - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://isearch.omiga-plus.com/web/?type=ds&ts=1404258177&from=ild&uid=WDCXWD5000BEVT-22A0RT0_WD-WX71C90V9560V9560&q={searchTerms}
SearchScopes: HKCU - {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} URL = hxxp://securedsearch2.lavasoft.com/results.php?pr=vmn&id=adawaretb&v=3_9&idate=&hsimp=yhs-lavasoft&ent=ch&q={searchTerms}
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll (Adobe Systems, Inc.)
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: IETabPage Class - {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} - C:\Program Files (x86)\SupTab\SupTab.dll (Thinknice Co. Limited)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} -  No File
Toolbar: HKLM-x32 - Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll (Adobe Systems, Inc.)
Toolbar: HKLM-x32 - VShareToolBar - {7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} - C:\Program Files (x86)\vShare.tv plugin\BarLcher.dll (VShare Inc.)
Toolbar: HKLM-x32 - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} -  No File
Toolbar: HKCU - No Name - {7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} -  No File
DPF: HKLM {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} -  No File
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138

FireFox:
========
FF ProfilePath: C:\Users\Doro Gabriel\AppData\Roaming\Mozilla\Firefox\Profiles\9io3wi8p.default
FF NewTab: hxxp://isearch.omiga-plus.com/newtab/?type=nt&ts=1404258177&from=ild&uid=WDCXWD5000BEVT-22A0RT0_WD-WX71C90V9560V9560
FF DefaultSearchEngine: omiga-plus
FF SearchEngineOrder.1: Web Search
FF SelectedSearchEngine: omiga-plus
FF Homepage: hxxp://isearch.omiga-plus.com/?type=hp&ts=1404258177&from=ild&uid=WDCXWD5000BEVT-22A0RT0_WD-WX71C90V9560V9560
FF Keyword.URL: hxxp://feed.snapdo.com/?publisher=SnapdoEMonYB&dpid=SnapdoEMonYB&co=AT&userid=e0238ae8-dfed-4c5f-9183-fc72878505b4&searchtype=ds&installDate=05/07/2013&q=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @veetle.com/veetleCorePlugin,version=0.9.18 - C:\Program Files (x86)\Veetle\plugins\npVeetle.dll (Veetle Inc)
FF Plugin-x32: @veetle.com/veetlePlayerPlugin,version=0.9.18 - C:\Program Files (x86)\Veetle\Player\npvlc.dll (Veetle Inc)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Doro Gabriel\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Doro Gabriel\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @torrentstream.net/tsplugin,version=2.0.1 - C:\Users\Doro Gabriel\AppData\Roaming\TorrentStream\player\npts_plugin.dll (Innovative Digital Technologies)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npContribute.dll (Adobe Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npvsharetvplg.dll (vShare.tv )
FF SearchPlugin: C:\Users\Doro Gabriel\AppData\Roaming\Mozilla\Firefox\Profiles\9io3wi8p.default\searchplugins\Web Search.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\adawaretb.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\omiga-plus.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Fast Start - C:\Users\Doro Gabriel\AppData\Roaming\Mozilla\Firefox\Profiles\9io3wi8p.default\Extensions\faststartff@gmail.com [2014-07-02]
FF Extension: No Name - C:\Users\Doro Gabriel\AppData\Roaming\Mozilla\Firefox\Profiles\9io3wi8p.default\Extensions\{87934c42-161d-45bc-8cef-ef18abe2a30c} [2014-07-02]
FF Extension: vshare Add-On - C:\Users\Doro Gabriel\AppData\Roaming\Mozilla\Firefox\Profiles\9io3wi8p.default\Extensions\{dd05fd3d-18df-4ce4-ae53-e795339c5f01} [2011-08-14]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-06-13]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2014-06-13]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2014-06-13]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} [2014-06-13]
FF HKLM-x32\...\Firefox\Extensions: [{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}] - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\FirefoxPlugin\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}
FF Extension: Adobe Contribute Toolbar - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\FirefoxPlugin\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9} [2011-03-28]
FF HKLM-x32\...\Firefox\Extensions: [faststartff@gmail.com] - C:\Users\Doro Gabriel\AppData\Roaming\Mozilla\Firefox\Profiles\9io3wi8p.default\extensions\faststartff@gmail.com
FF Extension: Fast Start - C:\Users\Doro Gabriel\AppData\Roaming\Mozilla\Firefox\Profiles\9io3wi8p.default\extensions\faststartff@gmail.com [2014-07-02]
FF HKCU\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: McAfee Security Scan Plus - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]

Chrome: 
=======
CHR HomePage: hxxp://www.google.com/
CHR StartupUrls: "chrome://bookmarks/#1", "hxxp://www.google.com/", "hxxp://www.detail.de/daily/", "hxxp://feed.snapdo.com/?publisher=SnapdoEMonYB&dpid=SnapdoEMonYB&co=AT&userid=e0238ae8-dfed-4c5f-9183-fc72878505b4&searchtype=hp&installDate=05/07/2013", "hxxp://isearch.omiga-plus.com/?type=hp&ts=1404258177&from=ild&uid=WDCXWD5000BEVT-22A0RT0_WD-WX71C90V9560V9560", "hxxp://isearch.omiga-plus.com/?type=hppp&ts=1404295826&from=ild&uid=WDCXWD5000BEVT-22A0RT0_WD-WX71C90V9560V9560"
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\Doro Gabriel\AppData\Local\Google\Chrome\Application\35.0.1916.153\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Doro Gabriel\AppData\Local\Google\Chrome\Application\35.0.1916.153\pdf.dll ()
CHR Plugin: (Shockwave Flash) - C:\Users\Doro Gabriel\AppData\Local\Google\Chrome\Application\35.0.1916.153\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll No File
CHR Plugin: (vShare.tv plug-in) - C:\Users\Doro Gabriel\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpionmjnkbpcdpcflammlgllecmejgjj\1.3_0\chvsharetvplg.dll No File
CHR Plugin: (vShare.tv plug-in) - C:\Program Files (x86)\Mozilla Firefox\plugins\npvsharetvplg.dll (vShare.tv )
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Java Deployment Toolkit 6.0.180.7) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeploytk.dll No File
CHR Plugin: (Java(TM) Platform SE 6 U18) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll No File
CHR Plugin: (Adobe Contribute CS5 ) - C:\Program Files (x86)\Mozilla Firefox\plugins\npContribute.dll (Adobe Systems, Inc.)
CHR Plugin: (2007 Microsoft Office system) - C:\Program Files (x86)\Mozilla Firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll (Apple Inc.)
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll No File
CHR Plugin: (Veetle TV Player) - C:\Program Files (x86)\Veetle\Player\npvlc.dll (Veetle Inc)
CHR Plugin: (Veetle TV Core) - C:\Program Files (x86)\Veetle\plugins\npVeetle.dll (Veetle Inc)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Extension: (Google Drive) - C:\Users\Doro Gabriel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-07-02]
CHR Extension: (YouTube) - C:\Users\Doro Gabriel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-06-05]
CHR Extension: (Google-Suche) - C:\Users\Doro Gabriel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-06-05]
CHR Extension: (Google Wallet) - C:\Users\Doro Gabriel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-23]
CHR Extension: (Battlefield Play4Free) - C:\Users\Doro Gabriel\AppData\Local\Google\Chrome\User Data\Default\Extensions\oiokahphinmbmakkehgelkmpolmnbkdh [2014-07-01]
CHR Extension: (Google Mail) - C:\Users\Doro Gabriel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-06-05]
CHR HKCU\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\DOROGA~1\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx [2014-06-26]
CHR HKCU\...\Chrome\Extension: [ochbjojkpcmlfeagbaahkofepalngihg] - C:\Users\Doro Gabriel\AppData\Roaming\TorrentStream\extensions\chrome\magicplayer.crx [2012-11-05]
CHR HKLM-x32\...\Chrome\Extension: [kpionmjnkbpcdpcflammlgllecmejgjj] - C:\Program Files (x86)\vShare.tv plugin\vshareplg.crx [2011-08-31]
CHR StartMenuInternet: Google Chrome - C:\Users\Doro Gabriel\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-05-20] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-05-20] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [1039440 2014-05-20] (Avira Operations GmbH & Co. KG)
R2 IePluginServices; C:\ProgramData\IePluginServices\PluginService.exe [704112 2014-05-08] (Cherished Technololgy LIMITED)
R2 IGBASVC; C:\Program Files (x86)\Acer Bio Protection\BASVC.exe [3450368 2009-09-05] (Egis Technology Inc.) [File not signed]
S3 InstallShield Licensing Service; C:\Program Files (x86)\Common Files\InstallShield Shared\Service\InstallShield Licensing Service.exe [78536 2011-10-17] (Macrovision                                                    )
R2 LavasoftAdAwareService11; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareService.exe [706864 2014-06-03] ()
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
R2 mi-raysat_3dsmax2012_64; C:\Program Files\Autodesk\3ds Max Design 2012\mentalimages\satellite\raysat_3dsmax2012_64server.exe [86016 2011-02-22] () [File not signed]
S4 msvsmon90; C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x64\msvsmon.exe [4737024 2008-07-29] (Microsoft Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-07-01] ()
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 Update WebSpades; C:\Program Files (x86)\WebSpades\updateWebSpades.exe [318752 2014-07-02] ()
R2 Util WebSpades; C:\Program Files (x86)\WebSpades\bin\utilWebSpades.exe [318752 2014-07-02] ()
R2 WindowsMangerProtect; C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe [535936 2014-07-02] (Fuyu LIMITED)
S3 McNeelUpdates64; "C:\Program Files (x86)\Rhinoceros 4.0\System\RhinoVersionCheckSvc64.exe" [X]

==================== Drivers (Whitelisted) ====================

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [112080 2014-05-20] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-05-20] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-14] (Avira Operations GmbH & Co. KG)
R0 johci; C:\Windows\System32\DRIVERS\johci.sys [20392 2009-09-21] (JMicron )
S3 Trufos; C:\Windows\System32\DRIVERS\Trufos.sys [389240 2014-04-22] (BitDefender S.R.L.)
R2 WIBUKEY; C:\Windows\System32\DRIVERS\WibuKey64.sys [103224 2009-12-03] (WIBU-SYSTEMS AG)
R1 {2635ac50-5488-40bf-9bfd-accb158f8f3f}w64; C:\Windows\System32\drivers\{2635ac50-5488-40bf-9bfd-accb158f8f3f}w64.sys [61120 2014-06-26] (StdLib)
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2030-08-29 15:22 - 2030-08-29 15:22 - 00143872 ____N (Intel Corporation) C:\Windows\SysWOW64\iacenc.dll
2030-08-29 15:22 - 2030-08-29 15:22 - 00056832 ____N () C:\Windows\SysWOW64\iyvu9_32.dll
2014-07-02 14:04 - 2014-07-02 14:05 - 00033572 _____ () C:\Users\Doro Gabriel\Desktop\FRST.txt
2014-07-02 14:04 - 2014-07-02 14:04 - 00000000 ____D () C:\FRST
2014-07-02 14:03 - 2014-07-02 14:03 - 02083840 _____ (Farbar) C:\Users\Doro Gabriel\Desktop\FRST64.exe
2014-07-02 13:20 - 2014-07-02 13:20 - 00000000 ____D () C:\Users\Doro Gabriel\AppData\Roaming\Lavasoft
2014-07-02 12:54 - 2014-07-02 13:29 - 00028672 _____ () C:\Windows\system32\bddel.exe
2014-07-02 12:54 - 2014-07-02 13:29 - 00027340 _____ () C:\Windows\system32\bddel.dat
2014-07-02 12:11 - 2014-07-02 12:12 - 00002312 _____ () C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk
2014-07-02 12:11 - 2014-07-02 12:11 - 00000000 ____D () C:\Users\Doro Gabriel\AppData\Roaming\LavasoftStatistics
2014-07-02 12:11 - 2014-07-02 12:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ad-Aware Antivirus
2014-07-02 12:11 - 2014-07-02 12:11 - 00000000 ____D () C:\Program Files\Lavasoft
2014-07-02 12:10 - 2014-07-02 12:10 - 00000000 ____D () C:\Users\Doro Gabriel\AppData\Roaming\SecureSearch
2014-07-02 12:10 - 2014-07-02 12:10 - 00000000 ____D () C:\ProgramData\Search Protection
2014-07-02 12:10 - 2014-07-02 12:10 - 00000000 ____D () C:\Program Files (x86)\Toolbar Cleaner
2014-07-02 12:10 - 2014-07-02 12:10 - 00000000 ____D () C:\Program Files (x86)\Lavasoft
2014-07-02 12:09 - 2014-07-02 12:09 - 00000000 ____D () C:\Program Files\Common Files\Lavasoft
2014-07-02 12:07 - 2014-07-02 12:07 - 01707144 _____ () C:\Users\Doro Gabriel\Downloads\Adaware112_Installer.exe
2014-07-02 12:07 - 2014-07-02 12:07 - 00000000 ____D () C:\ProgramData\Lavasoft
2014-07-02 11:24 - 2014-06-26 16:49 - 00061120 _____ (StdLib) C:\Windows\system32\Drivers\{2635ac50-5488-40bf-9bfd-accb158f8f3f}w64.sys
2014-07-02 01:43 - 2014-07-02 12:54 - 00000000 ____D () C:\Program Files (x86)\SupTab
2014-07-02 01:43 - 2014-07-02 01:43 - 00000000 ____D () C:\Users\Doro Gabriel\AppData\Roaming\SupTab
2014-07-02 01:43 - 2014-07-02 01:43 - 00000000 ____D () C:\ProgramData\WindowsMangerProtect
2014-07-02 01:43 - 2014-07-02 01:43 - 00000000 ____D () C:\ProgramData\IePluginServices
2014-07-02 01:42 - 2014-07-02 11:23 - 00000000 ____D () C:\Program Files (x86)\WebSpades
2014-07-02 01:41 - 2014-07-02 01:46 - 00000000 ____D () C:\Program Files (x86)\globalUpdate
2014-07-02 01:41 - 2014-07-02 01:41 - 00000000 ____D () C:\Users\Doro Gabriel\AppData\Local\globalUpdate
2014-07-01 16:57 - 2014-07-01 17:02 - 00282104 _____ () C:\Windows\SysWOW64\PnkBstrB.xtr
2014-07-01 16:56 - 2014-07-01 16:56 - 00000000 ____D () C:\Users\Doro Gabriel\AppData\Local\PunkBuster
2014-07-01 16:54 - 2014-07-01 17:07 - 00000000 ____D () C:\Users\Doro Gabriel\Documents\Battlefield Play4Free
2014-07-01 16:36 - 2014-07-01 17:02 - 00282104 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2014-07-01 16:36 - 2014-07-01 17:02 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-07-01 16:36 - 2014-07-01 16:36 - 00000000 ____D () C:\Users\Doro Gabriel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\EA Games
2014-07-01 16:08 - 2014-07-01 16:08 - 00000000 ____D () C:\Program Files (x86)\EA Games
2014-06-26 16:40 - 2014-06-27 08:28 - 00000000 ___RD () C:\Users\Doro Gabriel\Google Drive
2014-06-26 16:40 - 2014-06-26 16:40 - 00001734 _____ () C:\Users\Doro Gabriel\Desktop\Google Drive.lnk
2014-06-26 16:39 - 2014-06-26 16:39 - 00002049 _____ () C:\Users\Public\Desktop\Google Slides.lnk
2014-06-26 16:39 - 2014-06-26 16:39 - 00002047 _____ () C:\Users\Public\Desktop\Google Sheets.lnk
2014-06-26 16:39 - 2014-06-26 16:39 - 00002037 _____ () C:\Users\Public\Desktop\Google Docs.lnk
2014-06-26 16:39 - 2014-06-26 16:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2014-06-26 16:38 - 2014-06-26 16:38 - 00895120 _____ (Google Inc.) C:\Users\Doro Gabriel\Downloads\googledrivesync.exe
2014-06-24 19:57 - 2014-06-24 19:57 - 00275664 _____ () C:\Windows\Minidump\062414-35552-01.dmp
2014-06-21 15:02 - 2014-06-21 15:02 - 00372704 _____ () C:\Windows\Minidump\062114-34257-01.dmp
2014-06-21 14:52 - 2014-06-21 14:52 - 00275664 _____ () C:\Windows\Minidump\062114-37190-01.dmp
2014-06-20 23:41 - 2014-06-20 23:41 - 00000000 _____ () C:\Users\Doro Gabriel\AppData\Local\{1CCA130F-AF98-456E-BA93-0D01C02EAE30}
2014-06-13 11:55 - 2014-06-13 11:55 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-11 23:29 - 2014-06-11 23:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2014-06-11 23:29 - 2014-06-11 23:29 - 00000000 ____D () C:\Program Files\McAfee Security Scan
2014-06-11 11:03 - 2014-03-26 16:44 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-06-11 11:03 - 2014-03-26 16:44 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-06-11 11:03 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2014-06-11 11:03 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-06-11 11:03 - 2014-03-26 16:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2014-06-11 11:03 - 2014-03-26 16:27 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-06-11 11:03 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2014-06-11 11:03 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-06-11 11:02 - 2014-05-30 12:21 - 23414784 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-06-11 11:02 - 2014-05-30 12:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-06-11 11:02 - 2014-05-30 12:02 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-06-11 11:02 - 2014-05-30 11:45 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-06-11 11:02 - 2014-05-30 11:39 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-06-11 11:02 - 2014-05-30 11:39 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-06-11 11:02 - 2014-05-30 11:38 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-06-11 11:02 - 2014-05-30 11:28 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-06-11 11:02 - 2014-05-30 11:27 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-06-11 11:02 - 2014-05-30 11:24 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-06-11 11:02 - 2014-05-30 11:21 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-06-11 11:02 - 2014-05-30 11:21 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-06-11 11:02 - 2014-05-30 11:20 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-06-11 11:02 - 2014-05-30 11:18 - 17271296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-06-11 11:02 - 2014-05-30 11:11 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-06-11 11:02 - 2014-05-30 11:08 - 05782528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-06-11 11:02 - 2014-05-30 11:06 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-06-11 11:02 - 2014-05-30 11:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-06-11 11:02 - 2014-05-30 10:55 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-06-11 11:02 - 2014-05-30 10:49 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-06-11 11:02 - 2014-05-30 10:46 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-06-11 11:02 - 2014-05-30 10:44 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-06-11 11:02 - 2014-05-30 10:44 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-06-11 11:02 - 2014-05-30 10:43 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-06-11 11:02 - 2014-05-30 10:42 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-06-11 11:02 - 2014-05-30 10:38 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-06-11 11:02 - 2014-05-30 10:35 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-06-11 11:02 - 2014-05-30 10:34 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-06-11 11:02 - 2014-05-30 10:33 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-06-11 11:02 - 2014-05-30 10:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-06-11 11:02 - 2014-05-30 10:29 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-06-11 11:02 - 2014-05-30 10:28 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-06-11 11:02 - 2014-05-30 10:27 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-06-11 11:02 - 2014-05-30 10:24 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-06-11 11:02 - 2014-05-30 10:23 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-06-11 11:02 - 2014-05-30 10:16 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-06-11 11:02 - 2014-05-30 10:10 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-06-11 11:02 - 2014-05-30 10:06 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-06-11 11:02 - 2014-05-30 10:04 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-06-11 11:02 - 2014-05-30 10:02 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-06-11 11:02 - 2014-05-30 09:56 - 04244992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-06-11 11:02 - 2014-05-30 09:56 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-06-11 11:02 - 2014-05-30 09:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-06-11 11:02 - 2014-05-30 09:50 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-06-11 11:02 - 2014-05-30 09:49 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-06-11 11:02 - 2014-05-30 09:43 - 13522944 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-06-11 11:02 - 2014-05-30 09:40 - 11725312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-06-11 11:02 - 2014-05-30 09:30 - 01398272 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-06-11 11:02 - 2014-05-30 09:21 - 01790976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-06-11 11:02 - 2014-05-30 09:15 - 01143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-06-11 11:02 - 2014-05-30 09:13 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-06-11 11:02 - 2014-05-30 09:13 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-06-11 11:02 - 2014-05-08 11:32 - 01112064 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-06-11 11:02 - 2014-04-25 04:34 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2014-06-11 11:02 - 2014-04-25 04:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2014-06-11 11:02 - 2014-04-05 04:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-06-11 11:02 - 2014-04-05 04:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-06-11 11:02 - 2013-11-26 13:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-06-10 21:34 - 2014-06-10 21:34 - 00090624 _____ () C:\Users\Doro Gabriel\Downloads\WM 2014 Tippspiel DEU.xlt
2014-06-03 10:09 - 2014-06-03 10:09 - 00013221 _____ () C:\Users\Doro Gabriel\Downloads\Stückliste Papper Brillen mit Kodierung.xlsx

==================== One Month Modified Files and Folders =======

2030-08-29 15:22 - 2030-08-29 15:22 - 00143872 ____N (Intel Corporation) C:\Windows\SysWOW64\iacenc.dll
2030-08-29 15:22 - 2030-08-29 15:22 - 00056832 ____N () C:\Windows\SysWOW64\iyvu9_32.dll
2014-07-02 14:05 - 2014-07-02 14:04 - 00033572 _____ () C:\Users\Doro Gabriel\Desktop\FRST.txt
2014-07-02 14:04 - 2014-07-02 14:04 - 00000000 ____D () C:\FRST
2014-07-02 14:03 - 2014-07-02 14:03 - 02083840 _____ (Farbar) C:\Users\Doro Gabriel\Desktop\FRST64.exe
2014-07-02 13:59 - 2011-03-20 12:33 - 00000000 ____D () C:\Users\Doro Gabriel\AppData\Roaming\Skype
2014-07-02 13:29 - 2014-07-02 12:54 - 00028672 _____ () C:\Windows\system32\bddel.exe
2014-07-02 13:29 - 2014-07-02 12:54 - 00027340 _____ () C:\Windows\system32\bddel.dat
2014-07-02 13:20 - 2014-07-02 13:20 - 00000000 ____D () C:\Users\Doro Gabriel\AppData\Roaming\Lavasoft
2014-07-02 13:20 - 2009-07-14 04:34 - 00000580 _____ () C:\Windows\win.ini
2014-07-02 13:19 - 2009-07-14 06:45 - 00019840 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-07-02 13:19 - 2009-07-14 06:45 - 00019840 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-07-02 12:54 - 2014-07-02 01:43 - 00000000 ____D () C:\Program Files (x86)\SupTab
2014-07-02 12:47 - 2012-12-01 05:02 - 00001148 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3542374432-354979354-222888450-1000UA.job
2014-07-02 12:39 - 2011-03-27 23:28 - 00001122 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-02 12:33 - 2012-05-03 19:13 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-07-02 12:27 - 2011-03-19 19:01 - 01460595 _____ () C:\Windows\WindowsUpdate.log
2014-07-02 12:12 - 2014-07-02 12:11 - 00002312 _____ () C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk
2014-07-02 12:11 - 2014-07-02 12:11 - 00000000 ____D () C:\Users\Doro Gabriel\AppData\Roaming\LavasoftStatistics
2014-07-02 12:11 - 2014-07-02 12:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ad-Aware Antivirus
2014-07-02 12:11 - 2014-07-02 12:11 - 00000000 ____D () C:\Program Files\Lavasoft
2014-07-02 12:10 - 2014-07-02 12:10 - 00000000 ____D () C:\Users\Doro Gabriel\AppData\Roaming\SecureSearch
2014-07-02 12:10 - 2014-07-02 12:10 - 00000000 ____D () C:\ProgramData\Search Protection
2014-07-02 12:10 - 2014-07-02 12:10 - 00000000 ____D () C:\Program Files (x86)\Toolbar Cleaner
2014-07-02 12:10 - 2014-07-02 12:10 - 00000000 ____D () C:\Program Files (x86)\Lavasoft
2014-07-02 12:09 - 2014-07-02 12:09 - 00000000 ____D () C:\Program Files\Common Files\Lavasoft
2014-07-02 12:07 - 2014-07-02 12:07 - 01707144 _____ () C:\Users\Doro Gabriel\Downloads\Adaware112_Installer.exe
2014-07-02 12:07 - 2014-07-02 12:07 - 00000000 ____D () C:\ProgramData\Lavasoft
2014-07-02 11:41 - 2009-07-14 06:51 - 00001645 _____ () C:\Windows\setupact.log
2014-07-02 11:23 - 2014-07-02 01:42 - 00000000 ____D () C:\Program Files (x86)\WebSpades
2014-07-02 01:46 - 2014-07-02 01:41 - 00000000 ____D () C:\Program Files (x86)\globalUpdate
2014-07-02 01:43 - 2014-07-02 01:43 - 00000000 ____D () C:\Users\Doro Gabriel\AppData\Roaming\SupTab
2014-07-02 01:43 - 2014-07-02 01:43 - 00000000 ____D () C:\ProgramData\WindowsMangerProtect
2014-07-02 01:43 - 2014-07-02 01:43 - 00000000 ____D () C:\ProgramData\IePluginServices
2014-07-02 01:43 - 2012-06-05 02:16 - 00002625 _____ () C:\Users\Doro Gabriel\Desktop\Google Chrome.lnk
2014-07-02 01:43 - 2012-01-27 19:17 - 00001377 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-07-02 01:43 - 2011-03-19 23:08 - 00002166 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-07-02 01:43 - 2011-03-19 19:06 - 00001660 _____ () C:\Users\Doro Gabriel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-07-02 01:41 - 2014-07-02 01:41 - 00000000 ____D () C:\Users\Doro Gabriel\AppData\Local\globalUpdate
2014-07-01 19:46 - 2012-12-01 05:02 - 00001096 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3542374432-354979354-222888450-1000Core.job
2014-07-01 19:38 - 2011-03-27 23:28 - 00001118 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-01 17:07 - 2014-07-01 16:54 - 00000000 ____D () C:\Users\Doro Gabriel\Documents\Battlefield Play4Free
2014-07-01 17:02 - 2014-07-01 16:57 - 00282104 _____ () C:\Windows\SysWOW64\PnkBstrB.xtr
2014-07-01 17:02 - 2014-07-01 16:36 - 00282104 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2014-07-01 17:02 - 2014-07-01 16:36 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-07-01 16:56 - 2014-07-01 16:56 - 00000000 ____D () C:\Users\Doro Gabriel\AppData\Local\PunkBuster
2014-07-01 16:36 - 2014-07-01 16:36 - 00000000 ____D () C:\Users\Doro Gabriel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\EA Games
2014-07-01 16:33 - 2011-04-25 20:37 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-07-01 16:08 - 2014-07-01 16:08 - 00000000 ____D () C:\Program Files (x86)\EA Games
2014-06-29 16:21 - 2013-12-03 23:06 - 10520227 _____ () C:\Users\Doro Gabriel\Desktop\RhinoCrashDump.dmp
2014-06-27 18:13 - 2009-07-14 19:58 - 00697082 _____ () C:\Windows\system32\perfh007.dat
2014-06-27 18:13 - 2009-07-14 19:58 - 00148346 _____ () C:\Windows\system32\perfc007.dat
2014-06-27 18:13 - 2009-07-14 07:13 - 01613340 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-06-27 15:26 - 2011-03-19 20:04 - 00002562 _____ () C:\Windows\diagwrn.xml
2014-06-27 15:26 - 2011-03-19 20:04 - 00001908 _____ () C:\Windows\diagerr.xml
2014-06-27 15:26 - 2009-07-14 06:51 - 00000000 _____ () C:\Windows\setuperr.log
2014-06-27 08:28 - 2014-06-26 16:40 - 00000000 ___RD () C:\Users\Doro Gabriel\Google Drive
2014-06-26 16:49 - 2014-07-02 11:24 - 00061120 _____ (StdLib) C:\Windows\system32\Drivers\{2635ac50-5488-40bf-9bfd-accb158f8f3f}w64.sys
2014-06-26 16:40 - 2014-06-26 16:40 - 00001734 _____ () C:\Users\Doro Gabriel\Desktop\Google Drive.lnk
2014-06-26 16:40 - 2011-03-19 19:06 - 00000000 ____D () C:\Users\Doro Gabriel
2014-06-26 16:39 - 2014-06-26 16:39 - 00002049 _____ () C:\Users\Public\Desktop\Google Slides.lnk
2014-06-26 16:39 - 2014-06-26 16:39 - 00002047 _____ () C:\Users\Public\Desktop\Google Sheets.lnk
2014-06-26 16:39 - 2014-06-26 16:39 - 00002037 _____ () C:\Users\Public\Desktop\Google Docs.lnk
2014-06-26 16:39 - 2014-06-26 16:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2014-06-26 16:39 - 2011-03-27 23:28 - 00000000 ____D () C:\Users\Doro Gabriel\AppData\Local\Google
2014-06-26 16:39 - 2011-03-27 23:28 - 00000000 ____D () C:\Program Files (x86)\Google
2014-06-26 16:38 - 2014-06-26 16:38 - 00895120 _____ (Google Inc.) C:\Users\Doro Gabriel\Downloads\googledrivesync.exe
2014-06-24 20:03 - 2014-05-16 10:27 - 00000000 ____D () C:\Users\Doro Gabriel\AppData\Roaming\DropboxMaster
2014-06-24 20:03 - 2012-10-11 16:55 - 00000000 ___RD () C:\Users\Doro Gabriel\Dropbox
2014-06-24 20:03 - 2012-10-11 16:49 - 00000000 ____D () C:\Users\Doro Gabriel\AppData\Roaming\Dropbox
2014-06-24 19:57 - 2014-06-24 19:57 - 00275664 _____ () C:\Windows\Minidump\062414-35552-01.dmp
2014-06-24 19:57 - 2011-12-16 11:44 - 533557498 _____ () C:\Windows\MEMORY.DMP
2014-06-24 19:57 - 2011-12-16 11:44 - 00000000 ____D () C:\Windows\Minidump
2014-06-24 19:57 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-06-21 15:02 - 2014-06-21 15:02 - 00372704 _____ () C:\Windows\Minidump\062114-34257-01.dmp
2014-06-21 14:52 - 2014-06-21 14:52 - 00275664 _____ () C:\Windows\Minidump\062114-37190-01.dmp
2014-06-21 14:52 - 2012-04-27 18:33 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-06-20 23:41 - 2014-06-20 23:41 - 00000000 _____ () C:\Users\Doro Gabriel\AppData\Local\{1CCA130F-AF98-456E-BA93-0D01C02EAE30}
2014-06-19 19:42 - 2012-12-01 05:02 - 00004132 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3542374432-354979354-222888450-1000UA
2014-06-19 19:42 - 2012-12-01 05:02 - 00003736 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3542374432-354979354-222888450-1000Core
2014-06-19 19:34 - 2011-03-27 23:28 - 00004118 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-06-19 19:33 - 2011-03-27 23:28 - 00003866 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-06-16 00:00 - 2011-04-20 21:21 - 00000000 ____D () C:\Users\Doro Gabriel\AppData\Local\PokerStars
2014-06-13 11:55 - 2014-06-13 11:55 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-12 17:36 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-06-12 10:46 - 2012-10-11 16:55 - 00001052 _____ () C:\Users\Doro Gabriel\Desktop\Dropbox.lnk
2014-06-12 10:46 - 2012-10-11 16:54 - 00000000 ____D () C:\Users\Doro Gabriel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-06-12 10:45 - 2011-03-20 12:33 - 00000000 ____D () C:\ProgramData\Skype
2014-06-12 10:44 - 2011-03-20 12:33 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-06-12 10:37 - 2011-03-21 21:22 - 00136960 _____ () C:\Windows\PFRO.log
2014-06-12 10:00 - 2013-08-15 14:04 - 00000000 ____D () C:\Windows\system32\MRT
2014-06-12 09:57 - 2011-03-21 14:43 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-06-12 09:57 - 2011-03-19 21:22 - 95414520 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-06-11 23:29 - 2014-06-11 23:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2014-06-11 23:29 - 2014-06-11 23:29 - 00000000 ____D () C:\Program Files\McAfee Security Scan
2014-06-11 23:29 - 2013-10-16 22:17 - 00001938 _____ () C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2014-06-11 23:29 - 2011-03-19 23:17 - 00000000 ____D () C:\ProgramData\McAfee Security Scan
2014-06-10 21:34 - 2014-06-10 21:34 - 00090624 _____ () C:\Users\Doro Gabriel\Downloads\WM 2014 Tippspiel DEU.xlt
2014-06-03 10:09 - 2014-06-03 10:09 - 00013221 _____ () C:\Users\Doro Gabriel\Downloads\Stückliste Papper Brillen mit Kodierung.xlsx

Some content of TEMP:
====================
C:\Users\Doro Gabriel\AppData\Local\Temp\9c6d3f6e-5287-47f7-875f-f02135fbba6a.exe
C:\Users\Doro Gabriel\AppData\Local\Temp\AcDeltree.exe
C:\Users\Doro Gabriel\AppData\Local\Temp\AskSLib.dll
C:\Users\Doro Gabriel\AppData\Local\Temp\avgnt.exe
C:\Users\Doro Gabriel\AppData\Local\Temp\chutil.dll
C:\Users\Doro Gabriel\AppData\Local\Temp\contentDATs.exe
C:\Users\Doro Gabriel\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp3bavgo.dll
C:\Users\Doro Gabriel\AppData\Local\Temp\firefoxjre_exe.exe
C:\Users\Doro Gabriel\AppData\Local\Temp\GUR8694.exe
C:\Users\Doro Gabriel\AppData\Local\Temp\InstallAX.exe
C:\Users\Doro Gabriel\AppData\Local\Temp\InstallPlugin.exe
C:\Users\Doro Gabriel\AppData\Local\Temp\jre-1.6.0_20-windows-i586-iftw.exe_90744722.exe
C:\Users\Doro Gabriel\AppData\Local\Temp\jre-6u20-windows-i586-jinstall_uac.exe
C:\Users\Doro Gabriel\AppData\Local\Temp\jre-6u32-windows-i586-iftw.exe
C:\Users\Doro Gabriel\AppData\Local\Temp\jre-6u33-windows-i586-iftw.exe
C:\Users\Doro Gabriel\AppData\Local\Temp\jre-6u35-windows-i586-iftw.exe
C:\Users\Doro Gabriel\AppData\Local\Temp\jre-6u37-windows-i586-iftw.exe
C:\Users\Doro Gabriel\AppData\Local\Temp\jre-7u13-windows-i586-iftw.exe
C:\Users\Doro Gabriel\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exe
C:\Users\Doro Gabriel\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe
C:\Users\Doro Gabriel\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe
C:\Users\Doro Gabriel\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\Doro Gabriel\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\Doro Gabriel\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe
C:\Users\Doro Gabriel\AppData\Local\Temp\pdf24-creator-update.exe
C:\Users\Doro Gabriel\AppData\Local\Temp\ptu2705_tmp.exe
C:\Users\Doro Gabriel\AppData\Local\Temp\RhinoScriptEditor.dll
C:\Users\Doro Gabriel\AppData\Local\Temp\rhrdk_beta_20070402.exe
C:\Users\Doro Gabriel\AppData\Local\Temp\SecurityScan_Release.exe
C:\Users\Doro Gabriel\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Doro Gabriel\AppData\Local\Temp\SpotifyUpgrader.exe
C:\Users\Doro Gabriel\AppData\Local\Temp\Uninstall.exe
C:\Users\Doro Gabriel\AppData\Local\Temp\utt2A31.tmp.exe
C:\Users\Doro Gabriel\AppData\Local\Temp\_unps.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-06-28 00:17

==================== End Of Log ============================

--- --- ---

deeprybka · 02.07.2014, 13:21

Hi,

Code:

ATTFilter

2009-07-14 04:34 - 2011-03-28 19:31 - 00002000 ____A C:\Windows\system32\Drivers\etc\hosts
0.0.0.0       localhost 
127.0.0.1 activate.adobe.com 
127.0.0.1 practivate.adobe.com 
127.0.0.1 ereg.adobe.com 
127.0.0.1 activate.wip3.adobe.com 
127.0.0.1 wip3.adobe.com 
127.0.0.1 3dns-3.adobe.com 
127.0.0.1 3dns-2.adobe.com 
127.0.0.1 adobe-dns.adobe.com 
127.0.0.1 adobe-dns-2.adobe.com 
127.0.0.1 adobe-dns-3.adobe.com 
127.0.0.1 ereg.wip3.adobe.com 
127.0.0.1 activate-sea.adobe.com 
127.0.0.1 wwis-dubc1-vip60.adobe.com 
127.0.0.1 activate-sjc0.adobe.com 
0.0.0.0       localhost 
127.0.0.1 activate.adobe.com 
127.0.0.1 practivate.adobe.com 
127.0.0.1 ereg.adobe.com 
127.0.0.1 activate.wip3.adobe.com 
127.0.0.1 wip3.adobe.com 
127.0.0.1 3dns-3.adobe.com 
127.0.0.1 3dns-2.adobe.com 
127.0.0.1 adobe-dns.adobe.com 
127.0.0.1 adobe-dns-2.adobe.com 
127.0.0.1 adobe-dns-3.adobe.com 
127.0.0.1 ereg.wip3.adobe.com 
127.0.0.1 activate-sea.adobe.com 
127.0.0.1 wwis-dubc1-vip60.adobe.com

Das kann weg oder?

dösen · 02.07.2014, 13:27

Was ist das genau? Unwichtiges wahrscheinlich oder? Wenns hilft kanns weg!!

Wie ich das allerdings lösche weiß ich nicht, bitte um Anleitung

deeprybka · 02.07.2014, 14:01

Ok...

Info

Mehrere Antivirusprogramme:
Ich habe in den Logs festgestellt, dass auf diesem Rechner mehr als ein Antivirusprogramm mit Echtzeitschutz installiert ist.
Das erzeugt antagonistische Effekte und vermindert dadurch die Schutzleistung.
Die Sicherheit wird damit nicht erhöht.

Schritt 1

Bitte deinstalliere folgende Programme:

Java 7 Update 55
Java(TM) 6 Update 37
Java(TM) 7 Update 1
Ad-Aware Antivirus

Versuche es bei Windows 7

zunächst über Systemsteuerung/Programme deinstallieren.

Sollte das nicht gehen, lade Dir bitte Revo Uninstaller

hier herunter. Entpacke die zip-Datei auf den Desktop.

Starte die Revouninstaller.exe
Klicke auf Optionen und wähle als Sprache Deutsch.
Suche im Uninstallerfeld nach den oben angegebenen Programmen und wähle sie einzeln aus.
Klicke jedesmal auf Uninstall.
Wähle anschließend den Modus "Moderat" aus.
Reste löschen:
Klicke auf dann auf und dann auf .

Solltest Du ein Programm nicht finden oder nicht deinstallieren können, mache bitte mit dem nächsten Schritt weiter:

Schritt 2
Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Schritt 3
Bitte lade dir zoek.exe von hier: http://hijackthis.nl/smeenk/

Bitte deaktiviere während des Scans alle Virenscanner, da sie das Ergebnis beeinflussen können.
Starte die zoek.exe mit einem Doppelklick.
Achtung: Das folgende Skript wurde nur für diesen speziellen Fall geschrieben und sollte nicht 1:1 auf andere Computer übernommen werden.
Kopiere den Text der folgenden Box in das Skriptfenster von zoek:
Code:
ATTFilter
```
iedefaults;
FFdefaults;
CHRdefaults;
emptyclsid;
resethosts;
         
```
Nun klicke auf "Run script" und sei geduldig bis das Skript durchgelaufen ist.
Wenn das Tool fertig ist, wird sich eine Logdatei öffnen (ggf. erst nach einem Neustart). Das Log befindet sich aber auch noch unter c:
Bitte poste mir das ZOEK-Log (möglichst in CODE-Tags - #-Symbol im Antwortfenster klicken)

Schritt 4

Bitte starte FRST erneut, und drücke auf Scan.
Bitte poste mir den Inhalt des Logs.

dösen · 02.07.2014, 14:52

Code:

ATTFilter

# AdwCleaner v3.214 - Bericht erstellt am 02/07/2014 um 15:23:12
# Aktualisiert 29/06/2014 von Xplode
# Betriebssystem : Windows 7 Ultimate Service Pack 1 (64 bits)
# Benutzername : Doro Gabriel - DOROGABRIEL-PC
# Gestartet von : C:\Users\Doro Gabriel\Desktop\adwcleaner_3.214.exe
# Option : Löschen

***** [ Dienste ] *****

Dienst Gelöscht : IePluginServices
[#] Dienst Gelöscht : Update WebSpades
[#] Dienst Gelöscht : Util WebSpades

***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\Babylon
Ordner Gelöscht : C:\ProgramData\IePluginServices
Ordner Gelöscht : C:\ProgramData\Search Protection
Ordner Gelöscht : C:\Program Files (x86)\globalUpdate
Ordner Gelöscht : C:\Program Files (x86)\SupTab
Ordner Gelöscht : C:\Program Files (x86)\Toolbar Cleaner
Ordner Gelöscht : C:\Program Files (x86)\vShare.tv plugin
[!] Ordner Gelöscht : C:\Program Files (x86)\WebSpades
Ordner Gelöscht : C:\Users\Doro Gabriel\AppData\Local\globalUpdate
Ordner Gelöscht : C:\Users\DOROGA~1\AppData\Local\Temp\WebSpades
Ordner Gelöscht : C:\Users\Doro Gabriel\AppData\LocalLow\adawaretb
Ordner Gelöscht : C:\Users\Doro Gabriel\AppData\Roaming\Babylon
Ordner Gelöscht : C:\Users\Doro Gabriel\AppData\Roaming\dvdvideosoftiehelpers
Ordner Gelöscht : C:\Users\Doro Gabriel\AppData\Roaming\OpenCandy
Ordner Gelöscht : C:\Users\Doro Gabriel\AppData\Roaming\SecureSearch
Ordner Gelöscht : C:\Users\Doro Gabriel\AppData\Roaming\SupTab
Ordner Gelöscht : C:\Users\Doro Gabriel\AppData\Roaming\Mozilla\Firefox\Profiles\9io3wi8p.default\adawaretb
Ordner Gelöscht : C:\Users\Doro Gabriel\AppData\Roaming\Mozilla\Firefox\Profiles\9io3wi8p.default\Extensions\faststartff@gmail.com
Datei Gelöscht : C:\Users\DOROGA~1\AppData\Local\Temp\Uninstall.exe
Datei Gelöscht : C:\Program Files (x86)\Mozilla Firefox\Plugins\npvsharetvplg.dll
Datei Gelöscht : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\adawaretb.xml
Datei Gelöscht : C:\Users\Doro Gabriel\AppData\Roaming\Mozilla\Firefox\Profiles\9io3wi8p.default\searchplugins\Web Search.xml
Datei Gelöscht : C:\Users\Doro Gabriel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
Datei Gelöscht : C:\Users\Doro Gabriel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal

***** [ Verknüpfungen ] *****

Verknüpfung Desinfiziert : C:\Users\Public\Desktop\Mozilla Firefox.lnk
Verknüpfung Desinfiziert : C:\Users\Doro Gabriel\Desktop\Google Chrome.lnk
Verknüpfung Desinfiziert : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
Verknüpfung Desinfiziert : C:\Users\Doro Gabriel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
Verknüpfung Desinfiziert : C:\Users\Doro Gabriel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk
Verknüpfung Desinfiziert : C:\Users\Doro Gabriel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
Verknüpfung Desinfiziert : C:\Users\Doro Gabriel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
Verknüpfung Desinfiziert : C:\Users\Doro Gabriel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
Verknüpfung Desinfiziert : C:\Users\Doro Gabriel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk
Verknüpfung Desinfiziert : C:\Users\Doro Gabriel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk

***** [ Registrierungsdatenbank ] *****

Wert Gelöscht : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [faststartff@gmail.com]
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\bopakagnckmlgajfccecajhnimjiiedh
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\kpionmjnkbpcdpcflammlgllecmejgjj
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\MyNewsBarLauncher.IE5BarLauncher
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\MyNewsBarLauncher.IE5BarLauncher.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SnapDo_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SnapDo_RASMANCS
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [Search Protection]
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_per_bit-che_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_per_bit-che_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{8F97BFF8-488B-4107-BCEE-B161AB4E4183}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{A1B48071-416D-474E-A13B-BE5456E7FC31}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{A1CCCE0D-AE21-42A2-BE58-8E6109410995}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{CD4D7B0F-45C6-4bb2-A1E7-54D1754E7FC5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{968EDCE0-C10A-47BB-B3B6-FDF09F2A417D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A1B48071-416D-474E-A13B-BE5456E7FC31}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8F97BFF8-488B-4107-BCEE-B161AB4E4183}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8F97BFF8-488B-4107-BCEE-B161AB4E4183}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A1B48071-416D-474E-A13B-BE5456E7FC31}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4250488A-CB24-0893-C066-B1AEA57BCFF2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{62155D33-3CE2-401E-8967-5A270628A3D5}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5}]
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Wert Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{62155D33-3CE2-401E-8967-5A270628A3D5}
Daten Wiederhergestellt : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command
Schlüssel Gelöscht : HKCU\Software\1ClickDownload
Schlüssel Gelöscht : HKCU\Software\SmartBar
Schlüssel Gelöscht : HKCU\Software\Softonic
Schlüssel Gelöscht : HKCU\Software\StartSearch
Schlüssel Gelöscht : HKCU\Software\vShare.tv
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\adawarebp
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Crossrider
Schlüssel Gelöscht : HKLM\Software\adawaretb
Schlüssel Gelöscht : HKLM\Software\Babylon
Schlüssel Gelöscht : HKLM\Software\SupDp
Schlüssel Gelöscht : HKLM\Software\SupTab
Schlüssel Gelöscht : HKLM\Software\Toolbar Cleaner
Schlüssel Gelöscht : HKLM\Software\Wpm
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Toolbar Cleaner
Daten Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\SupTab\SEARCH~2.DLL

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.17126

Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Search Bar]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Search [Default_Search_URL]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Search [SearchAssistant]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\SearchUrl [Default]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl [Default]

-\\ Mozilla Firefox v27.0.1 (de)

[ Datei : C:\Users\Doro Gabriel\AppData\Roaming\Mozilla\Firefox\Profiles\9io3wi8p.default\prefs.js ]

Zeile gelöscht : user_pref("browser.newtab.url", "hxxp://isearch.omiga-plus.com/newtab/?type=nt&ts=1404258177&from=ild&uid=WDCXWD5000BEVT-22A0RT0_WD-WX71C90V9560V9560");
Zeile gelöscht : user_pref("browser.search.defaultengine", "Web Search");
Zeile gelöscht : user_pref("browser.search.order.1", "Web Search");
Zeile gelöscht : user_pref("browser.startup.homepage", "hxxp://isearch.omiga-plus.com/?type=hp&ts=1404258177&from=ild&uid=WDCXWD5000BEVT-22A0RT0_WD-WX71C90V9560V9560");
Zeile gelöscht : user_pref("extensions.enabledItems", "{e0238ae8-dfed-4c5f-9183-fc72878505b4}:1.0,helperbar@helperbar.com:1.0,{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}:5.6.0.8442,{dd05fd3d-18df-4ce4-ae53-e795339c5f01}:1.[...]
Zeile gelöscht : user_pref("keyword.URL", "hxxp://feed.snapdo.com/?publisher=SnapdoEMonYB&dpid=SnapdoEMonYB&co=AT&userid=e0238ae8-dfed-4c5f-9183-fc72878505b4&searchtype=ds&installDate=05/07/2013&q=");
Zeile gelöscht : user_pref("vshare.install.date", "1313338946");
Zeile gelöscht : user_pref("vshare.install.finished", "1.0.0");
Zeile gelöscht : user_pref("vshare.install.fresh", "false");
Zeile gelöscht : user_pref("vshare.install.guid", "{6ad08cbd-a92a-48df-bac6-061b675ef822}");
Zeile gelöscht : user_pref("vshare.install.newtab", false);

-\\ Google Chrome v

[ Datei : C:\Users\Doro Gabriel\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Gelöscht [Search Provider] : hxxp://feed.snap.do/?publisher=SnapdoOpenCandy&dpid=SnapdoOpenCandy&co=AT&userid=73a88569-ea74-4edd-a35a-82777fac0bb4&searchtype=ds&q={searchTerms}
Gelöscht [Search Provider] : hxxp://feed.snapdo.com/?publisher=SnapdoEMonYB&dpid=SnapdoEMonYB&co=AT&userid=e0238ae8-dfed-4c5f-9183-fc72878505b4&searchtype=ds&q={searchTerms}&installDate=05/07/2013
Gelöscht [Search Provider] : hxxp://isearch.omiga-plus.com/web/?type=dspp&ts=1404295825&from=ild&uid=WDCXWD5000BEVT-22A0RT0_WD-WX71C90V9560V9560&q={searchTerms}
Gelöscht [Startup_urls] : hxxp://feed.snapdo.com/?publisher=SnapdoEMonYB&dpid=SnapdoEMonYB&co=AT&userid=e0238ae8-dfed-4c5f-9183-fc72878505b4&searchtype=hp&installDate=05/07/2013
Gelöscht [Startup_urls] : hxxp://isearch.omiga-plus.com/?type=hp&ts=1404258177&from=ild&uid=WDCXWD5000BEVT-22A0RT0_WD-WX71C90V9560V9560
Gelöscht [Startup_urls] : hxxp://isearch.omiga-plus.com/?type=hppp&ts=1404295826&from=ild&uid=WDCXWD5000BEVT-22A0RT0_WD-WX71C90V9560V9560
Gelöscht [Extension] : bopakagnckmlgajfccecajhnimjiiedh
Gelöscht [Extension] : kpionmjnkbpcdpcflammlgllecmejgjj

*************************

AdwCleaner[R0].txt - [17272 octets] - [02/07/2014 15:22:36]
AdwCleaner[S0].txt - [14469 octets] - [02/07/2014 15:23:12]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [14530 octets] ##########

Code:

ATTFilter

Zoek.exe v5.0.0.0 Updated 30-06-2014
Tool run by Doro Gabriel on 02.07.2014 at 15:34:33,53.
Microsoft Windows 7 Ultimate  6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Doro Gabriel\Desktop\zoek.exe [Scan all users] [Script inserted] 

==== System Restore Info ======================

02.07.2014 15:37:04 Zoek.exe System Restore Point Created Succesfully.

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-3542374432-354979354-222888450-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DBC80044-A445-435b-BC74-9C25C1C588A9} deleted successfully
HKEY_USERS\S-1-5-21-3542374432-354979354-222888450-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{DBC80044-A445-435b-BC74-9C25C1C588A9} deleted successfully
HKEY_USERS\S-1-5-21-3542374432-354979354-222888450-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} deleted successfully
HKEY_USERS\S-1-5-21-3542374432-354979354-222888450-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} deleted successfully

==== Deleting CLSID Registry Values ======================


==== FireFox Fix ======================

Deleted from C:\Users\DOROGA~1\AppData\Roaming\Mozilla\Firefox\Profiles\9io3wi8p.default\prefs.js:
user_pref("browser.search.defaultenginename", "omiga-plus");
user_pref("browser.search.selectedEngine", "omiga-plus");

Added to C:\Users\DOROGA~1\AppData\Roaming\Mozilla\Firefox\Profiles\9io3wi8p.default\prefs.js:
user_pref("browser.startup.homepage", "hxxp://www.google.com");
user_pref("browser.search.defaulturl", "hxxp://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "hxxp://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "hxxp://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}"="C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\FirefoxPlugin\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}" [28.03.2011 19:28]
[HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]
"{e4f94d1e-2f53-401e-8885-681602c0ddd8}"="C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi" [04.04.2014 12:36]

==== Firefox Extensions ======================

ProfilePath: C:\Users\DOROGA~1\AppData\Roaming\Mozilla\Firefox\Profiles\9io3wi8p.default
- vshare Add-On - C:\Users\Doro Gabriel\AppData\Roaming\Mozilla\Firefox\Profiles\9io3wi8p.default\extensions\{dd05fd3d-18df-4ce4-ae53-e795339c5f01}
- Undetermined - C:\Users\Doro Gabriel\AppData\Roaming\Mozilla\Firefox\Profiles\9io3wi8p.default\extensions\fca3238e-0f52-4634-8e93-c36d211b2ea9@c1c012cf-93b0-488e-a2c5-453d23bec199.com
- Undetermined - C:\Users\Doro Gabriel\AppData\Roaming\Mozilla\Firefox\Profiles\9io3wi8p.default\extensions\faststartff@gmail.com
- Undetermined - %ProfilePath%\extensions\{87934c42-161d-45bc-8cef-ef18abe2a30c}
- vshare Add-On - %ProfilePath%\extensions\{dd05fd3d-18df-4ce4-ae53-e795339c5f01}

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Skype Click to Call - %AppDir%\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
- Java Console - %AppDir%\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
- Java Console - %AppDir%\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\Doro Gabriel\AppData\Roaming\Mozilla\Firefox\Profiles\9io3wi8p.default
FB5621842FDABF9F8359775573498FBC	- C:\Users\Doro Gabriel\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll -	Google Update
A58DE0A570148AF5FF3512B2A340D09F	- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll -	Shockwave Flash
ACEC2CF02B014071EC47CD37CEBD8199	- C:\Users\Doro Gabriel\AppData\Roaming\TorrentStream\player\npts_plugin.dll -	Torrent Stream P2P Multimedia Plug-in 2


==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Bar"="hxxp://www.google.com"
"Use Search Asst"="yes"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl]
"Default"="hxxp://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\SearchUrl]
"Default"="hxxp://www.google.com"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
"Default"="hxxp://www.google.com"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="hxxp://www.google.com"
"SearchAssistant"="hxxp://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="hxxp://go.microsoft.com/fwlink/?LinkId=69157"
"Use Search Asst"="no"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="hxxp://search.msn.com/results.asp?q=%s"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="hxxp://search.msn.com/results.asp?q=%s"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="hxxp://search.msn.com/results.asp?q=%s"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="hxxp://go.microsoft.com/fwlink/?LinkId=54896"
"SearchAssistant"="hxxp://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing  Url="hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"

==== Reset Google Chrome ======================

C:\Users\Doro Gabriel\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Doro Gabriel\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=0 folders=0 0 bytes)

==== After Reboot ======================

==== Reset Hosts File ======================

Hosts File Reset Successfully

==== EOF on 02.07.2014 at 15:40:24,70 ======================

Ob das zoek richtig gearbeitet hat, weiß ich nicht genau, hab's nicht geschafft rechtzeitig das Avira zu beenden. Aber zumindest chrome ist schon mal ads-frei!!

Ich starte jetzt noch den frst scan!

FRST Logfile:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-07-2014
Ran by Doro Gabriel (administrator) on DOROGABRIEL-PC on 02-07-2014 15:50:39
Running from C:\Users\Doro Gabriel\Desktop
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Egis Technology Inc.) C:\Program Files (x86)\Acer Bio Protection\CompPtcVUI.exe
(Fuyu LIMITED) C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Egis Technology Inc.) C:\Program Files (x86)\Acer Bio Protection\BASVC.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebgrd.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\ipoint.exe
(Akamai Technologies, Inc.) C:\Users\Doro Gabriel\AppData\Local\Akamai\netsession_win.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Akamai Technologies, Inc.) C:\Users\Doro Gabriel\AppData\Local\Akamai\netsession_win.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(Spotify Ltd) C:\Users\Doro Gabriel\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(WIBU-SYSTEMS AG) C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe
(Dropbox, Inc.) C:\Users\Doro Gabriel\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Egis Technology Inc.) C:\Program Files (x86)\Acer Bio Protection\PdtWzd.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Google Inc.) C:\Users\Doro Gabriel\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Doro Gabriel\AppData\Local\Google\Chrome\Application\chrome.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Google Inc.) C:\Users\Doro Gabriel\AppData\Local\Google\Chrome\Application\chrome.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\ipmgui.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Google Inc.) C:\Users\Doro Gabriel\AppData\Local\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [IAAnotif] => C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-08-07] (Intel Corporation)
HKLM\...\Run: [Apoint] => C:\Program Files\Apoint2K\Apoint.exe [323072 2009-10-01] (Alps Electric Co., Ltd.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [8312352 2009-11-02] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1825064 2009-09-03] (Synaptics Incorporated)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated)
HKLM\...\Run: [IntelliPoint] => C:\Program Files\Microsoft IntelliPoint\ipoint.exe [2417032 2011-08-01] (Microsoft Corporation)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2009-11-12] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [VitaKeyPdtWzd] => C:\Program Files (x86)\Acer Bio Protection\PdtWzd.exe [3567616 2009-09-05] (Egis Technology Inc.)
HKLM-x32\...\Run: [AdobeCS5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [937920 2011-06-06] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59280 2012-08-27] (Apple Inc.)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [163000 2012-12-12] (Geek Software GmbH)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [737872 2014-05-20] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-3542374432-354979354-222888450-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Doro Gabriel\AppData\Local\Akamai\netsession_win.exe [4672920 2014-04-17] (Akamai Technologies, Inc.)
HKU\S-1-5-21-3542374432-354979354-222888450-1000\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [427520 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-21-3542374432-354979354-222888450-1000\...\Run: [Google Update] => C:\Users\Doro Gabriel\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-12-01] (Google Inc.)
HKU\S-1-5-21-3542374432-354979354-222888450-1000\...\Run: [Spotify Web Helper] => C:\Users\Doro Gabriel\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1168896 2013-12-15] (Spotify Ltd)
HKU\S-1-5-21-3542374432-354979354-222888450-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21444224 2014-05-08] (Skype Technologies S.A.)
HKU\S-1-5-21-3542374432-354979354-222888450-1000\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [24474752 2014-06-05] (Google)
Lsa: [Notification Packages] C:\Program Files (x86)\Acer Bio Protection\PwdFilterV64
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Netzwerk Server.lnk
ShortcutTarget: Netzwerk Server.lnk -> C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe (WIBU-SYSTEMS AG)
Startup: C:\Users\Doro Gabriel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Doro Gabriel\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: GDriveBlacklistedOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: GDriveSharedEditOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: GDriveSharedViewOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: GDriveSyncedOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: GDriveSyncingOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: Symbol-Overlay-Steuerprogramm für AutoCAD Digitale Signaturen -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll (Autodesk, Inc.)
ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 1 (GFS Unread Stub) -> {99FD978C-D287-4F50-827F-B2C658EDA8E7} => C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 2 (GFS Stub) -> {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} => C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 2.5 (GFS Unread Folder) -> {920E6DB1-9907-4370-B3A0-BAFC03D81399} => C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 3 (GFS Folder) -> {16F3DD56-1AF5-4347-846D-7C10C4192619} => C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 4 (GFS Unread Mark) -> {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} => C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://at.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xA75ACD8E1BBBCC01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-at
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = 
SearchScopes: HKLM-x32 - DefaultScope value is missing.
BHO-x32: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll (Adobe Systems, Inc.)
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
Toolbar: HKLM-x32 - Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll (Adobe Systems, Inc.)
DPF: HKLM {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} -  No File
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)

Hosts: Hosts file not detected in the default directory
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138

FireFox:
========
FF ProfilePath: C:\Users\Doro Gabriel\AppData\Roaming\Mozilla\Firefox\Profiles\9io3wi8p.default
FF NewTab: hxxp://www.google.com/
FF DefaultSearchEngine: Google
FF SearchEngineOrder.1: Google
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.google.com
FF Keyword.URL: hxxp://www.google.com/search?btnG=Google+Search&q=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin - C:\Program Files (x86)\Java\jre6\bin\dtplugin\npDeployJava1.dll No File
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @veetle.com/veetleCorePlugin,version=0.9.18 - C:\Program Files (x86)\Veetle\plugins\npVeetle.dll (Veetle Inc)
FF Plugin-x32: @veetle.com/veetlePlayerPlugin,version=0.9.18 - C:\Program Files (x86)\Veetle\Player\npvlc.dll (Veetle Inc)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Doro Gabriel\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Doro Gabriel\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @torrentstream.net/tsplugin,version=2.0.1 - C:\Users\Doro Gabriel\AppData\Roaming\TorrentStream\player\npts_plugin.dll (Innovative Digital Technologies)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npContribute.dll (Adobe Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\omiga-plus.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: No Name - C:\Users\Doro Gabriel\AppData\Roaming\Mozilla\Firefox\Profiles\9io3wi8p.default\Extensions\{87934c42-161d-45bc-8cef-ef18abe2a30c} [2014-07-02]
FF Extension: vshare Add-On - C:\Users\Doro Gabriel\AppData\Roaming\Mozilla\Firefox\Profiles\9io3wi8p.default\Extensions\{dd05fd3d-18df-4ce4-ae53-e795339c5f01} [2011-08-14]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-06-13]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2014-06-13]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2014-06-13]
FF HKLM-x32\...\Firefox\Extensions: [{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}] - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\FirefoxPlugin\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}
FF Extension: Adobe Contribute Toolbar - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\FirefoxPlugin\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9} [2011-03-28]
FF HKCU\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: McAfee Security Scan Plus - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]

Chrome: 
=======
CHR Extension: (Google Docs) - C:\Users\Doro Gabriel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-07-02]
CHR Extension: (Google Drive) - C:\Users\Doro Gabriel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-07-02]
CHR Extension: (YouTube) - C:\Users\Doro Gabriel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-06-05]
CHR Extension: (Google-Suche) - C:\Users\Doro Gabriel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-06-05]
CHR Extension: (Google Wallet) - C:\Users\Doro Gabriel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-23]
CHR Extension: (TS Magic Player) - C:\Users\Doro Gabriel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ochbjojkpcmlfeagbaahkofepalngihg [2014-07-02]
CHR Extension: (Google Mail) - C:\Users\Doro Gabriel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-06-05]
CHR HKCU\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\DOROGA~1\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx [2014-06-26]
CHR HKCU\...\Chrome\Extension: [ochbjojkpcmlfeagbaahkofepalngihg] - C:\Users\Doro Gabriel\AppData\Roaming\TorrentStream\extensions\chrome\magicplayer.crx [2012-11-05]
CHR StartMenuInternet: Google Chrome - C:\Users\Doro Gabriel\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-05-20] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-05-20] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [1039440 2014-05-20] (Avira Operations GmbH & Co. KG)
R2 IGBASVC; C:\Program Files (x86)\Acer Bio Protection\BASVC.exe [3450368 2009-09-05] (Egis Technology Inc.) [File not signed]
S3 InstallShield Licensing Service; C:\Program Files (x86)\Common Files\InstallShield Shared\Service\InstallShield Licensing Service.exe [78536 2011-10-17] (Macrovision                                                    )
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
S2 mi-raysat_3dsmax2012_64; C:\Program Files\Autodesk\3ds Max Design 2012\mentalimages\satellite\raysat_3dsmax2012_64server.exe [86016 2011-02-22] () [File not signed]
S4 msvsmon90; C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x64\msvsmon.exe [4737024 2008-07-29] (Microsoft Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-07-01] ()
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 WindowsMangerProtect; C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe [535936 2014-07-02] (Fuyu LIMITED)
S3 McNeelUpdates64; "C:\Program Files (x86)\Rhinoceros 4.0\System\RhinoVersionCheckSvc64.exe" [X]

==================== Drivers (Whitelisted) ====================

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [112080 2014-05-20] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-05-20] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-14] (Avira Operations GmbH & Co. KG)
R0 johci; C:\Windows\System32\DRIVERS\johci.sys [20392 2009-09-21] (JMicron )
R2 WIBUKEY; C:\Windows\System32\DRIVERS\WibuKey64.sys [103224 2009-12-03] (WIBU-SYSTEMS AG)
R1 {2635ac50-5488-40bf-9bfd-accb158f8f3f}w64; C:\Windows\System32\drivers\{2635ac50-5488-40bf-9bfd-accb158f8f3f}w64.sys [61120 2014-06-26] (StdLib)
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2030-08-29 15:22 - 2030-08-29 15:22 - 00143872 ____N (Intel Corporation) C:\Windows\SysWOW64\iacenc.dll
2030-08-29 15:22 - 2030-08-29 15:22 - 00056832 ____N () C:\Windows\SysWOW64\iyvu9_32.dll
2014-07-02 15:38 - 2014-07-02 15:33 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-07-02 15:36 - 2014-07-02 15:40 - 00007523 _____ () C:\zoek-results.log
2014-07-02 15:33 - 2014-07-02 15:33 - 00000000 ____D () C:\zoek_backup
2014-07-02 15:32 - 2014-07-02 15:33 - 01285120 _____ () C:\Users\Doro Gabriel\Desktop\zoek.exe
2014-07-02 15:22 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-07-02 15:21 - 2014-07-02 15:23 - 00000000 ____D () C:\AdwCleaner
2014-07-02 15:21 - 2014-07-02 15:21 - 01346519 _____ () C:\Users\Doro Gabriel\Desktop\adwcleaner_3.214.exe
2014-07-02 14:05 - 2014-07-02 14:06 - 00059170 _____ () C:\Users\Doro Gabriel\Desktop\Addition.txt
2014-07-02 14:04 - 2014-07-02 15:50 - 00022034 _____ () C:\Users\Doro Gabriel\Desktop\FRST.txt
2014-07-02 14:04 - 2014-07-02 15:50 - 00000000 ____D () C:\FRST
2014-07-02 14:03 - 2014-07-02 14:03 - 02083840 _____ (Farbar) C:\Users\Doro Gabriel\Desktop\FRST64.exe
2014-07-02 13:20 - 2014-07-02 15:19 - 00000000 ____D () C:\Users\Doro Gabriel\AppData\Roaming\Lavasoft
2014-07-02 12:11 - 2014-07-02 12:11 - 00000000 ____D () C:\Users\Doro Gabriel\AppData\Roaming\LavasoftStatistics
2014-07-02 12:11 - 2014-07-02 12:11 - 00000000 ____D () C:\Program Files\Lavasoft
2014-07-02 12:10 - 2014-07-02 12:10 - 00000000 ____D () C:\Program Files (x86)\Lavasoft
2014-07-02 12:07 - 2014-07-02 12:07 - 01707144 _____ () C:\Users\Doro Gabriel\Downloads\Adaware112_Installer.exe
2014-07-02 12:07 - 2014-07-02 12:07 - 00000000 ____D () C:\ProgramData\Lavasoft
2014-07-02 11:24 - 2014-06-26 16:49 - 00061120 _____ (StdLib) C:\Windows\system32\Drivers\{2635ac50-5488-40bf-9bfd-accb158f8f3f}w64.sys
2014-07-02 01:43 - 2014-07-02 01:43 - 00000000 ____D () C:\ProgramData\WindowsMangerProtect
2014-07-02 01:42 - 2014-07-02 15:23 - 00000000 ____D () C:\Program Files (x86)\WebSpades
2014-07-01 16:57 - 2014-07-01 17:02 - 00282104 _____ () C:\Windows\SysWOW64\PnkBstrB.xtr
2014-07-01 16:56 - 2014-07-01 16:56 - 00000000 ____D () C:\Users\Doro Gabriel\AppData\Local\PunkBuster
2014-07-01 16:54 - 2014-07-01 17:07 - 00000000 ____D () C:\Users\Doro Gabriel\Documents\Battlefield Play4Free
2014-07-01 16:36 - 2014-07-01 17:02 - 00282104 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2014-07-01 16:36 - 2014-07-01 17:02 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-07-01 16:36 - 2014-07-01 16:36 - 00000000 ____D () C:\Users\Doro Gabriel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\EA Games
2014-07-01 16:08 - 2014-07-01 16:08 - 00000000 ____D () C:\Program Files (x86)\EA Games
2014-06-26 16:40 - 2014-07-02 15:43 - 00000000 ___RD () C:\Users\Doro Gabriel\Google Drive
2014-06-26 16:40 - 2014-06-26 16:40 - 00001734 _____ () C:\Users\Doro Gabriel\Desktop\Google Drive.lnk
2014-06-26 16:39 - 2014-06-26 16:39 - 00002049 _____ () C:\Users\Public\Desktop\Google Slides.lnk
2014-06-26 16:39 - 2014-06-26 16:39 - 00002047 _____ () C:\Users\Public\Desktop\Google Sheets.lnk
2014-06-26 16:39 - 2014-06-26 16:39 - 00002037 _____ () C:\Users\Public\Desktop\Google Docs.lnk
2014-06-26 16:39 - 2014-06-26 16:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2014-06-26 16:38 - 2014-06-26 16:38 - 00895120 _____ (Google Inc.) C:\Users\Doro Gabriel\Downloads\googledrivesync.exe
2014-06-24 19:57 - 2014-06-24 19:57 - 00275664 _____ () C:\Windows\Minidump\062414-35552-01.dmp
2014-06-21 15:02 - 2014-06-21 15:02 - 00372704 _____ () C:\Windows\Minidump\062114-34257-01.dmp
2014-06-21 14:52 - 2014-06-21 14:52 - 00275664 _____ () C:\Windows\Minidump\062114-37190-01.dmp
2014-06-20 23:41 - 2014-06-20 23:41 - 00000000 _____ () C:\Users\Doro Gabriel\AppData\Local\{1CCA130F-AF98-456E-BA93-0D01C02EAE30}
2014-06-13 11:55 - 2014-06-13 11:55 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-11 23:29 - 2014-06-11 23:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2014-06-11 23:29 - 2014-06-11 23:29 - 00000000 ____D () C:\Program Files\McAfee Security Scan
2014-06-11 11:03 - 2014-03-26 16:44 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-06-11 11:03 - 2014-03-26 16:44 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-06-11 11:03 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2014-06-11 11:03 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-06-11 11:03 - 2014-03-26 16:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2014-06-11 11:03 - 2014-03-26 16:27 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-06-11 11:03 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2014-06-11 11:03 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-06-11 11:02 - 2014-05-30 12:21 - 23414784 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-06-11 11:02 - 2014-05-30 12:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-06-11 11:02 - 2014-05-30 12:02 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-06-11 11:02 - 2014-05-30 11:45 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-06-11 11:02 - 2014-05-30 11:39 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-06-11 11:02 - 2014-05-30 11:39 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-06-11 11:02 - 2014-05-30 11:38 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-06-11 11:02 - 2014-05-30 11:28 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-06-11 11:02 - 2014-05-30 11:27 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-06-11 11:02 - 2014-05-30 11:24 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-06-11 11:02 - 2014-05-30 11:21 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-06-11 11:02 - 2014-05-30 11:21 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-06-11 11:02 - 2014-05-30 11:20 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-06-11 11:02 - 2014-05-30 11:18 - 17271296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-06-11 11:02 - 2014-05-30 11:11 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-06-11 11:02 - 2014-05-30 11:08 - 05782528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-06-11 11:02 - 2014-05-30 11:06 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-06-11 11:02 - 2014-05-30 11:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-06-11 11:02 - 2014-05-30 10:55 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-06-11 11:02 - 2014-05-30 10:49 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-06-11 11:02 - 2014-05-30 10:46 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-06-11 11:02 - 2014-05-30 10:44 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-06-11 11:02 - 2014-05-30 10:44 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-06-11 11:02 - 2014-05-30 10:43 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-06-11 11:02 - 2014-05-30 10:42 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-06-11 11:02 - 2014-05-30 10:38 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-06-11 11:02 - 2014-05-30 10:35 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-06-11 11:02 - 2014-05-30 10:34 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-06-11 11:02 - 2014-05-30 10:33 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-06-11 11:02 - 2014-05-30 10:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-06-11 11:02 - 2014-05-30 10:29 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-06-11 11:02 - 2014-05-30 10:28 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-06-11 11:02 - 2014-05-30 10:27 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-06-11 11:02 - 2014-05-30 10:24 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-06-11 11:02 - 2014-05-30 10:23 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-06-11 11:02 - 2014-05-30 10:16 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-06-11 11:02 - 2014-05-30 10:10 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-06-11 11:02 - 2014-05-30 10:06 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-06-11 11:02 - 2014-05-30 10:04 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-06-11 11:02 - 2014-05-30 10:02 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-06-11 11:02 - 2014-05-30 09:56 - 04244992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-06-11 11:02 - 2014-05-30 09:56 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-06-11 11:02 - 2014-05-30 09:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-06-11 11:02 - 2014-05-30 09:50 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-06-11 11:02 - 2014-05-30 09:49 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-06-11 11:02 - 2014-05-30 09:43 - 13522944 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-06-11 11:02 - 2014-05-30 09:40 - 11725312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-06-11 11:02 - 2014-05-30 09:30 - 01398272 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-06-11 11:02 - 2014-05-30 09:21 - 01790976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-06-11 11:02 - 2014-05-30 09:15 - 01143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-06-11 11:02 - 2014-05-30 09:13 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-06-11 11:02 - 2014-05-30 09:13 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-06-11 11:02 - 2014-05-08 11:32 - 01112064 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-06-11 11:02 - 2014-04-25 04:34 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2014-06-11 11:02 - 2014-04-25 04:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2014-06-11 11:02 - 2014-04-05 04:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-06-11 11:02 - 2014-04-05 04:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-06-11 11:02 - 2013-11-26 13:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-06-10 21:34 - 2014-06-10 21:34 - 00090624 _____ () C:\Users\Doro Gabriel\Downloads\WM 2014 Tippspiel DEU.xlt
2014-06-03 10:09 - 2014-06-03 10:09 - 00013221 _____ () C:\Users\Doro Gabriel\Downloads\Stückliste Papper Brillen mit Kodierung.xlsx

==================== One Month Modified Files and Folders =======

2030-08-29 15:22 - 2030-08-29 15:22 - 00143872 ____N (Intel Corporation) C:\Windows\SysWOW64\iacenc.dll
2030-08-29 15:22 - 2030-08-29 15:22 - 00056832 ____N () C:\Windows\SysWOW64\iyvu9_32.dll
2014-07-02 15:51 - 2014-07-02 14:04 - 00022034 _____ () C:\Users\Doro Gabriel\Desktop\FRST.txt
2014-07-02 15:50 - 2014-07-02 14:04 - 00000000 ____D () C:\FRST
2014-07-02 15:47 - 2012-12-01 05:02 - 00001148 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3542374432-354979354-222888450-1000UA.job
2014-07-02 15:46 - 2011-03-20 12:33 - 00000000 ____D () C:\Users\Doro Gabriel\AppData\Roaming\Skype
2014-07-02 15:46 - 2009-07-14 19:58 - 00697082 _____ () C:\Windows\system32\perfh007.dat
2014-07-02 15:46 - 2009-07-14 19:58 - 00148346 _____ () C:\Windows\system32\perfc007.dat
2014-07-02 15:46 - 2009-07-14 07:13 - 01613340 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-07-02 15:44 - 2012-10-11 16:55 - 00000000 ___RD () C:\Users\Doro Gabriel\Dropbox
2014-07-02 15:44 - 2012-10-11 16:49 - 00000000 ____D () C:\Users\Doro Gabriel\AppData\Roaming\Dropbox
2014-07-02 15:43 - 2014-06-26 16:40 - 00000000 ___RD () C:\Users\Doro Gabriel\Google Drive
2014-07-02 15:43 - 2014-05-16 10:27 - 00000000 ____D () C:\Users\Doro Gabriel\AppData\Roaming\DropboxMaster
2014-07-02 15:40 - 2014-07-02 15:36 - 00007523 _____ () C:\zoek-results.log
2014-07-02 15:39 - 2011-03-27 23:28 - 00001118 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-02 15:39 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-02 15:39 - 2009-07-14 06:51 - 00001757 _____ () C:\Windows\setupact.log
2014-07-02 15:38 - 2011-03-19 19:01 - 01473518 _____ () C:\Windows\WindowsUpdate.log
2014-07-02 15:38 - 2009-07-14 06:45 - 00019840 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-07-02 15:38 - 2009-07-14 06:45 - 00019840 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-07-02 15:33 - 2014-07-02 15:38 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-07-02 15:33 - 2014-07-02 15:33 - 00000000 ____D () C:\zoek_backup
2014-07-02 15:33 - 2014-07-02 15:32 - 01285120 _____ () C:\Users\Doro Gabriel\Desktop\zoek.exe
2014-07-02 15:33 - 2012-05-03 19:13 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-07-02 15:27 - 2012-06-05 02:16 - 00001548 _____ () C:\Users\Doro Gabriel\Desktop\Google Chrome.lnk
2014-07-02 15:25 - 2011-03-21 21:22 - 00166178 _____ () C:\Windows\PFRO.log
2014-07-02 15:23 - 2014-07-02 15:21 - 00000000 ____D () C:\AdwCleaner
2014-07-02 15:23 - 2014-07-02 01:42 - 00000000 ____D () C:\Program Files (x86)\WebSpades
2014-07-02 15:23 - 2012-06-05 02:16 - 00000000 ____D () C:\Users\Doro Gabriel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-07-02 15:23 - 2012-01-27 19:17 - 00001068 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-07-02 15:23 - 2011-03-19 23:08 - 00001056 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-07-02 15:23 - 2011-03-19 19:06 - 00001016 _____ () C:\Users\Doro Gabriel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-07-02 15:23 - 2009-07-14 04:34 - 00000580 _____ () C:\Windows\win.ini
2014-07-02 15:21 - 2014-07-02 15:21 - 01346519 _____ () C:\Users\Doro Gabriel\Desktop\adwcleaner_3.214.exe
2014-07-02 15:19 - 2014-07-02 13:20 - 00000000 ____D () C:\Users\Doro Gabriel\AppData\Roaming\Lavasoft
2014-07-02 14:06 - 2014-07-02 14:05 - 00059170 _____ () C:\Users\Doro Gabriel\Desktop\Addition.txt
2014-07-02 14:03 - 2014-07-02 14:03 - 02083840 _____ (Farbar) C:\Users\Doro Gabriel\Desktop\FRST64.exe
2014-07-02 12:39 - 2011-03-27 23:28 - 00001122 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-02 12:11 - 2014-07-02 12:11 - 00000000 ____D () C:\Users\Doro Gabriel\AppData\Roaming\LavasoftStatistics
2014-07-02 12:11 - 2014-07-02 12:11 - 00000000 ____D () C:\Program Files\Lavasoft
2014-07-02 12:10 - 2014-07-02 12:10 - 00000000 ____D () C:\Program Files (x86)\Lavasoft
2014-07-02 12:07 - 2014-07-02 12:07 - 01707144 _____ () C:\Users\Doro Gabriel\Downloads\Adaware112_Installer.exe
2014-07-02 12:07 - 2014-07-02 12:07 - 00000000 ____D () C:\ProgramData\Lavasoft
2014-07-02 01:43 - 2014-07-02 01:43 - 00000000 ____D () C:\ProgramData\WindowsMangerProtect
2014-07-01 19:46 - 2012-12-01 05:02 - 00001096 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3542374432-354979354-222888450-1000Core.job
2014-07-01 17:07 - 2014-07-01 16:54 - 00000000 ____D () C:\Users\Doro Gabriel\Documents\Battlefield Play4Free
2014-07-01 17:02 - 2014-07-01 16:57 - 00282104 _____ () C:\Windows\SysWOW64\PnkBstrB.xtr
2014-07-01 17:02 - 2014-07-01 16:36 - 00282104 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2014-07-01 17:02 - 2014-07-01 16:36 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-07-01 16:56 - 2014-07-01 16:56 - 00000000 ____D () C:\Users\Doro Gabriel\AppData\Local\PunkBuster
2014-07-01 16:36 - 2014-07-01 16:36 - 00000000 ____D () C:\Users\Doro Gabriel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\EA Games
2014-07-01 16:33 - 2011-04-25 20:37 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-07-01 16:08 - 2014-07-01 16:08 - 00000000 ____D () C:\Program Files (x86)\EA Games
2014-06-29 16:21 - 2013-12-03 23:06 - 10520227 _____ () C:\Users\Doro Gabriel\Desktop\RhinoCrashDump.dmp
2014-06-27 15:26 - 2011-03-19 20:04 - 00002562 _____ () C:\Windows\diagwrn.xml
2014-06-27 15:26 - 2011-03-19 20:04 - 00001908 _____ () C:\Windows\diagerr.xml
2014-06-27 15:26 - 2009-07-14 06:51 - 00000000 _____ () C:\Windows\setuperr.log
2014-06-26 16:49 - 2014-07-02 11:24 - 00061120 _____ (StdLib) C:\Windows\system32\Drivers\{2635ac50-5488-40bf-9bfd-accb158f8f3f}w64.sys
2014-06-26 16:40 - 2014-06-26 16:40 - 00001734 _____ () C:\Users\Doro Gabriel\Desktop\Google Drive.lnk
2014-06-26 16:40 - 2011-03-19 19:06 - 00000000 ____D () C:\Users\Doro Gabriel
2014-06-26 16:39 - 2014-06-26 16:39 - 00002049 _____ () C:\Users\Public\Desktop\Google Slides.lnk
2014-06-26 16:39 - 2014-06-26 16:39 - 00002047 _____ () C:\Users\Public\Desktop\Google Sheets.lnk
2014-06-26 16:39 - 2014-06-26 16:39 - 00002037 _____ () C:\Users\Public\Desktop\Google Docs.lnk
2014-06-26 16:39 - 2014-06-26 16:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2014-06-26 16:39 - 2011-03-27 23:28 - 00000000 ____D () C:\Users\Doro Gabriel\AppData\Local\Google
2014-06-26 16:39 - 2011-03-27 23:28 - 00000000 ____D () C:\Program Files (x86)\Google
2014-06-26 16:38 - 2014-06-26 16:38 - 00895120 _____ (Google Inc.) C:\Users\Doro Gabriel\Downloads\googledrivesync.exe
2014-06-24 19:57 - 2014-06-24 19:57 - 00275664 _____ () C:\Windows\Minidump\062414-35552-01.dmp
2014-06-24 19:57 - 2011-12-16 11:44 - 533557498 _____ () C:\Windows\MEMORY.DMP
2014-06-24 19:57 - 2011-12-16 11:44 - 00000000 ____D () C:\Windows\Minidump
2014-06-21 15:02 - 2014-06-21 15:02 - 00372704 _____ () C:\Windows\Minidump\062114-34257-01.dmp
2014-06-21 14:52 - 2014-06-21 14:52 - 00275664 _____ () C:\Windows\Minidump\062114-37190-01.dmp
2014-06-21 14:52 - 2012-04-27 18:33 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-06-20 23:41 - 2014-06-20 23:41 - 00000000 _____ () C:\Users\Doro Gabriel\AppData\Local\{1CCA130F-AF98-456E-BA93-0D01C02EAE30}
2014-06-19 19:42 - 2012-12-01 05:02 - 00004132 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3542374432-354979354-222888450-1000UA
2014-06-19 19:42 - 2012-12-01 05:02 - 00003736 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3542374432-354979354-222888450-1000Core
2014-06-19 19:34 - 2011-03-27 23:28 - 00004118 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-06-19 19:33 - 2011-03-27 23:28 - 00003866 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-06-16 00:00 - 2011-04-20 21:21 - 00000000 ____D () C:\Users\Doro Gabriel\AppData\Local\PokerStars
2014-06-13 11:55 - 2014-06-13 11:55 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-12 17:36 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-06-12 10:46 - 2012-10-11 16:55 - 00001052 _____ () C:\Users\Doro Gabriel\Desktop\Dropbox.lnk
2014-06-12 10:46 - 2012-10-11 16:54 - 00000000 ____D () C:\Users\Doro Gabriel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-06-12 10:45 - 2011-03-20 12:33 - 00000000 ____D () C:\ProgramData\Skype
2014-06-12 10:44 - 2011-03-20 12:33 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-06-12 10:00 - 2013-08-15 14:04 - 00000000 ____D () C:\Windows\system32\MRT
2014-06-12 09:57 - 2011-03-21 14:43 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-06-12 09:57 - 2011-03-19 21:22 - 95414520 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-06-11 23:29 - 2014-06-11 23:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2014-06-11 23:29 - 2014-06-11 23:29 - 00000000 ____D () C:\Program Files\McAfee Security Scan
2014-06-11 23:29 - 2013-10-16 22:17 - 00001938 _____ () C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2014-06-11 23:29 - 2011-03-19 23:17 - 00000000 ____D () C:\ProgramData\McAfee Security Scan
2014-06-10 21:34 - 2014-06-10 21:34 - 00090624 _____ () C:\Users\Doro Gabriel\Downloads\WM 2014 Tippspiel DEU.xlt
2014-06-03 10:09 - 2014-06-03 10:09 - 00013221 _____ () C:\Users\Doro Gabriel\Downloads\Stückliste Papper Brillen mit Kodierung.xlsx

Some content of TEMP:
====================
C:\Users\Doro Gabriel\AppData\Local\Temp\7za.exe
C:\Users\Doro Gabriel\AppData\Local\Temp\9c6d3f6e-5287-47f7-875f-f02135fbba6a.exe
C:\Users\Doro Gabriel\AppData\Local\Temp\AcDeltree.exe
C:\Users\Doro Gabriel\AppData\Local\Temp\AskSLib.dll
C:\Users\Doro Gabriel\AppData\Local\Temp\avgnt.exe
C:\Users\Doro Gabriel\AppData\Local\Temp\chutil.dll
C:\Users\Doro Gabriel\AppData\Local\Temp\contentDATs.exe
C:\Users\Doro Gabriel\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpqosnpe.dll
C:\Users\Doro Gabriel\AppData\Local\Temp\firefoxjre_exe.exe
C:\Users\Doro Gabriel\AppData\Local\Temp\GUR8694.exe
C:\Users\Doro Gabriel\AppData\Local\Temp\hijackthis.exe
C:\Users\Doro Gabriel\AppData\Local\Temp\InstallAX.exe
C:\Users\Doro Gabriel\AppData\Local\Temp\InstallPlugin.exe
C:\Users\Doro Gabriel\AppData\Local\Temp\jre-1.6.0_20-windows-i586-iftw.exe_90744722.exe
C:\Users\Doro Gabriel\AppData\Local\Temp\jre-6u20-windows-i586-jinstall_uac.exe
C:\Users\Doro Gabriel\AppData\Local\Temp\jre-6u32-windows-i586-iftw.exe
C:\Users\Doro Gabriel\AppData\Local\Temp\jre-6u33-windows-i586-iftw.exe
C:\Users\Doro Gabriel\AppData\Local\Temp\jre-6u35-windows-i586-iftw.exe
C:\Users\Doro Gabriel\AppData\Local\Temp\jre-6u37-windows-i586-iftw.exe
C:\Users\Doro Gabriel\AppData\Local\Temp\jre-7u13-windows-i586-iftw.exe
C:\Users\Doro Gabriel\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exe
C:\Users\Doro Gabriel\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe
C:\Users\Doro Gabriel\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe
C:\Users\Doro Gabriel\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\Doro Gabriel\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\Doro Gabriel\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe
C:\Users\Doro Gabriel\AppData\Local\Temp\pdf24-creator-update.exe
C:\Users\Doro Gabriel\AppData\Local\Temp\ptu2705_tmp.exe
C:\Users\Doro Gabriel\AppData\Local\Temp\Quarantine.exe
C:\Users\Doro Gabriel\AppData\Local\Temp\RhinoScriptEditor.dll
C:\Users\Doro Gabriel\AppData\Local\Temp\rhrdk_beta_20070402.exe
C:\Users\Doro Gabriel\AppData\Local\Temp\SecurityScan_Release.exe
C:\Users\Doro Gabriel\AppData\Local\Temp\sed.exe
C:\Users\Doro Gabriel\AppData\Local\Temp\shortcut.exe
C:\Users\Doro Gabriel\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Doro Gabriel\AppData\Local\Temp\SpotifyUpgrader.exe
C:\Users\Doro Gabriel\AppData\Local\Temp\swxcacls.exe
C:\Users\Doro Gabriel\AppData\Local\Temp\utt2A31.tmp.exe
C:\Users\Doro Gabriel\AppData\Local\Temp\_unps.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-06-28 00:17

==================== End Of Log ============================

--- --- ---

--- --- ---

deeprybka · 02.07.2014, 14:59

Schon OK....

Ich sehe leider nicht welche Version von Malwarebytes Du bereits hast. Ist es nicht die neueste, dann deinstalliere sie. Ansonsten analog ohne Download...

Schritt 1

Malwarebytes Antimalware

Download-Link
Installiere das Programm in den vorgegebenen Pfad.
Starte Malwarebytes' Anti-Malware (MBAM).
Sollte die Benutzeroberfläche noch in Englisch sein, klicke auf Settings und wähle bei Language Deutsch aus.
Unter Erkennung und Schutz setze bitte einen Haken bei "Suche nach Rootkits".
Klicke im Anschluss auf "Suchlauf", wähle den Bedrohungssuchlauf aus, aktualisiere die Datenbanken und klicke auf "Suchlauf jetzt starten".
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. (geht so...)
Poste mir den Inhalt der Logdatei (geht so...). Klicke dazu auf Verlauf und dann auf Anwendungsprotokolle.
Wähle das neueste Suchlauf-Protokoll aus und klicke auf Ansicht. Klicke auf "In Zwischenablage kopieren" poste mir den Inhalt in Code-Tags als Antwort in den Thread.

Schritt 2

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Schritt 3

Bitte starte FRST erneut, markiere auch die checkbox

und drücke auf Scan.
Bitte poste mir den Inhalt der beiden Logs die erstellt werden.

Gibt es jetzt noch Probleme mit dem PC? Wenn ja, welche?

dösen · 02.07.2014, 17:53

Code:

ATTFilter

 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 02.07.2014
Suchlauf-Zeit: 16:33:59
Logdatei: 
Administrator: Ja

Version: 2.00.2.1012
Malware Datenbank: v2014.07.02.03
Rootkit Datenbank: v2014.07.01.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Self-protection: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Doro Gabriel

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 366806
Verstrichene Zeit: 29 Min, 35 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Heuristics: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 1
PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe, 1428, Löschen bei Neustart, [df783466611ac175848eade2837edf21]

Module: 0
(No malicious items detected)

Registrierungsschlüssel: 8
PUP.Optional.WPM.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\WindowsMangerProtect, In Quarantäne, [df783466611ac175848eade2837edf21], 
PUP.Optional.WPM.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\WindowsMangerProtect, In Quarantäne, [df783466611ac175848eade2837edf21], 
PUP.Optional.Sanbreel.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\{2635ac50-5488-40bf-9bfd-accb158f8f3f}w64, In Quarantäne, [b2a511895229a591f5e168a2b54f47b9], 
PUP.Optional.ISearch.A, HKLM\SOFTWARE\WOW6432NODE\omiga-plusSoftware, In Quarantäne, [0f48d5c5dba06cca01f17989758fd42c], 
PUP.Optional.WPM.A, HKLM\SOFTWARE\WOW6432NODE\supWindowsMangerProtect, In Quarantäne, [61f617830f6c3600db3fc9428c785ea2], 
PUP.Optional.WebSpades.A, HKLM\SOFTWARE\WOW6432NODE\WebSpades, In Quarantäne, [e86fd4c63843c86e73512d95ab5746ba], 
PUP.Optional.HDvidCodec.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\HDvid-Codec V9.0, Löschen bei Neustart, [8acdddbda6d556e05ba69c32837f47b9], 
PUP.Optional.WebSpades.A, HKU\S-1-5-21-3542374432-354979354-222888450-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\WebSpades, Löschen bei Neustart, [391e82186714082e952e16ac25dd8f71], 

Registrierungswerte: 1
PUP.Optional.FastStart.A, HKU\S-1-5-21-3542374432-354979354-222888450-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MOZILLA\EXTENDS|appid, faststartff@gmail.com, Löschen bei Neustart, [3720ddbd9dde47efa503b6f922e0837d]

Registrierungsdaten: 1
PUP.Optional.Qone8, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Gut: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Schlecht: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),Ersetzt,[391ef2a8c7b487afea85741ba85c4db3]

Ordner: 3
PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect, Löschen bei Neustart, [88cfc0da592251e5a738f5b9778bc739], 
PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect\log, In Quarantäne, [88cfc0da592251e5a738f5b9778bc739], 
PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect\update, In Quarantäne, [88cfc0da592251e5a738f5b9778bc739], 

Dateien: 12
PUP.Optional.Sanbreel.A, C:\Windows\System32\drivers\{2635ac50-5488-40bf-9bfd-accb158f8f3f}w64.sys, Löschen bei Neustart, [53cf0796c727185e3df42ee57ab86f57], 
PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe, Löschen bei Neustart, [df783466611ac175848eade2837edf21], 
PUP.Optional.Babylon.A, C:\Users\Doro Gabriel\AppData\Local\Temp\953FF00F-BAB0-7891-B71F-81DC0EB9E7F1\Latest\BExternal.dll, In Quarantäne, [a6b14c4e81fa2b0b28d24fd3a35d02fe], 
Trojan.RotBrowse, C:\Users\Doro Gabriel\AppData\Local\Temp\953FF00F-BAB0-7891-B71F-81DC0EB9E7F1\Latest\ccp.dum, In Quarantäne, [7ed9e8b24239c67028bd82f92fd5a15f], 
PUP.Optional.Babylon.A, C:\Users\Doro Gabriel\AppData\Local\Temp\953FF00F-BAB0-7891-B71F-81DC0EB9E7F1\Latest\CrxInstaller.dum, In Quarantäne, [01566d2d4d2e63d3f80567b728d9ad53], 
PUP.Optional.Babylon.A, C:\Users\Doro Gabriel\AppData\Local\Temp\953FF00F-BAB0-7891-B71F-81DC0EB9E7F1\Latest\Setup.exe, In Quarantäne, [3720d0cae2991e1896dd6bb322ded729], 
PUP.Optional.Spigot.A, C:\Users\Doro Gabriel\Downloads\Setup-SopCast-3.8.3-2013-6-26.exe, In Quarantäne, [05528d0df08b76c0acf62505ac553fc1], 
PUP.Optional.MindSpark.A, C:\Users\Doro Gabriel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_allin1convert.dl.tb.ask.com_0.localstorage, In Quarantäne, [ed6a7b1f7308cc6af5c5efd0e71b758b], 
PUP.Optional.MindSpark.A, C:\Users\Doro Gabriel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_allin1convert.dl.tb.ask.com_0.localstorage-journal, In Quarantäne, [13445d3dea910a2c86340db251b15aa6], 
PUP.Optional.ISearch.A, C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\omiga-plus.xml, In Quarantäne, [72e5b8e281fa82b45eb846b4cf348f71], 
PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect\log\ProtectWindowsManager_2014-07-02[01-43-39-802].log, In Quarantäne, [88cfc0da592251e5a738f5b9778bc739], 
PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect\update\conf, In Quarantäne, [88cfc0da592251e5a738f5b9778bc739], 

Physische Sektoren: 0
(No malicious items detected)


(end)

Sieht aus als würde das mit dem ESET Onlinescan etwas länger dauern. Bin bei 1,5 h Laufzeit bei 14%. Ich werde dann die restlichen Logfiles hier posten. Danke schon mal für die Mühe!!

deeprybka · 02.07.2014, 17:56

Ja, poste einfach wenn Du alles hast. In der Tat, ESET dauert lange...

dösen · 03.07.2014, 09:32

So nach 17 h 91% u 62 infizierte Dateien (hab meine externe Festplatte auch angeschlossen)

Sieht nach einer Säuberungsaktion aus, die größer ausfallen wird, als erwartet.. zumindest für mich

Bin jetzt unter Tags weg, ich werde mich dann gegen Abend wieder melden.

deeprybka · 03.07.2014, 10:09

OK...

dösen · 03.07.2014, 17:28

Code:

ATTFilter

ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7587
# api_version=3.0.2
# EOSSerial=7b0ff1dc7ccd1b489cdabc2b6ecf2429
# engine=18989
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2014-07-03 04:07:51
# local_time=2014-07-03 06:07:51 (+0100, Mitteleuropäische Sommerzeit)
# country="Austria"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='Avira Desktop'
# compatibility_mode=1810 16777213 100 100 89259 148899290 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 448664 156033521 0 0
# scanned=525480
# found=71
# cleaned=0
# scan_time=2597
sh=C7C0F42A23562AA6DCCD60326FD8CC2AA41B5448 ft=1 fh=c053642cee9f3def vn="Win32/Thinknice.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\DpInterface32.dll.vir"
sh=125B1C393F2104CBA08183E495C0907BFF7EDA22 ft=1 fh=ea25908c8365106f vn="Win64/Thinknice.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\DpInterface64.dll.vir"
sh=8E85792765D0E0BF52107CFF4A6620995DB19BB0 ft=1 fh=627da500ea2e265f vn="Variante von Win32/Thinknice.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\DpInterfacef32.dll.vir"
sh=FF431CD8693F4045BD7BD87DBCE54B820F000FC0 ft=1 fh=16c2e1bd3fd6b7e2 vn="Win64/Thinknice.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\SearchProtect64.dll.vir"
sh=5836A5DF3860241F6B69F2292ABCE592A13689B6 ft=1 fh=a3db04555f559ea8 vn="Variante von Win32/Thinknice.C evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\SpAPPSv32.dll.vir"
sh=9DC13DB9C123270C2356ED410128E11D5ADF7C6E ft=1 fh=023ab782f0a9b07d vn="Win32/Thinknice.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\SupTab.dll.vir"
sh=1FCDE60933AC1CA403AF044D5ED6C088E13BE728 ft=1 fh=c926de0e10daea98 vn="Variante von Win32/BrowseFox.H evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\WebSpades\updateWebSpades.exe.vir"
sh=82AD4451F89F190DC4B7732BE77A9CF1EC989FE7 ft=1 fh=eb7af28e24cbd2ec vn="Variante von MSIL/BrowseFox.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\WebSpades\WebSpades.FirstRun.exe.vir"
sh=1FCDE60933AC1CA403AF044D5ED6C088E13BE728 ft=1 fh=c926de0e10daea98 vn="Variante von Win32/BrowseFox.H evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\WebSpades\bin\utilWebSpades.exe.vir"
sh=688E1657F4B9D3701BB8F02A8C7D1D94D7B6B499 ft=1 fh=8c07266877452791 vn="Variante von Win32/BrowseFox.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\WebSpades\bin\WebSpades.BrowserAdapter.exe.vir"
sh=5ED66DFF73C5EC6570C257AE7DC52615E856ED8F ft=1 fh=5da123ac48bcc51d vn="Variante von Win64/BrowseFox.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\WebSpades\bin\WebSpades.PurBrowse64.exe.vir"
sh=985F026C0F26CEB0D161625840553322A4B9C544 ft=1 fh=60d77ee4d12b57b2 vn="Variante von Win32/BrowseFox.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\WebSpades\bin\WebSpadesBAApp.dll.vir"
sh=89CD6059BBA415F0C4BD5A7035EB21BAC4469F70 ft=1 fh=7c3fa67c66aa6e12 vn="Variante von Win32/BrowseFox.K evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\WebSpades\bin\{2635ac50-5488-40bf-9bfd-accb158f8f3f}.dll.vir"
sh=F130D07A233C1048C38A199D9156E724FDD709BF ft=1 fh=3180a5946e52063c vn="Variante von MSIL/BrowseFox.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\WebSpades\bin\plugins\WebSpades.Bromon.dll.vir"
sh=94019AB2BBBB16175AE279CA90B8AEEDADA62C91 ft=1 fh=6321f56e8c87da39 vn="Variante von MSIL/BrowseFox.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\WebSpades\bin\plugins\WebSpades.BroStats.dll.vir"
sh=59AE8472DCAE65719D36724DA6809C2177CAB797 ft=1 fh=9b34ace83aa6eb59 vn="möglicherweise Variante von MSIL/BrowseFox.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\WebSpades\bin\plugins\WebSpades.BrowserAdapter.dll.vir"
sh=4219EF74E29199C0D3DBE22693159615D3C59858 ft=1 fh=98f7ad39dfeef895 vn="Variante von MSIL/BrowseFox.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\WebSpades\bin\plugins\WebSpades.CompatibilityChecker.dll.vir"
sh=D49BE04C9449DDC491149A773F8A1763E79EEBD9 ft=1 fh=a93167a3faa9b5fd vn="Variante von MSIL/BrowseFox.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\WebSpades\bin\plugins\WebSpades.PurBrowse.dll.vir"
sh=56659F7FF1F1FA7906A77228E315F65F38BCEF73 ft=1 fh=0ff759dfc352fd03 vn="Variante von Win32/ELEX.AD evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\IePluginServices\PluginService.exe.vir"
sh=A4F319312C51671C3A95C478B1006769263996A9 ft=1 fh=886ae4ceae92d42e vn="Variante von Win32/OpenCandy.A potenziell unsichere Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Doro Gabriel\AppData\Roaming\OpenCandy\5554158B9C644B86AB514A5DEFE9BDFE\OCBrowserHelper_1.0.3.85.dll.vir"
sh=6BBAB7D2E2F852FBC2807DBB8DC07D8B82E118A9 ft=1 fh=69d1cb20d028e97d vn="Variante von Win32/OpenCandy.A potenziell unsichere Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Doro Gabriel\AppData\Roaming\OpenCandy\5554158B9C644B86AB514A5DEFE9BDFE\SnapDo_ALL_p1v4.exe.vir"
sh=4B553651EF610C0614F8393D6C25ABA0A8F09ECA ft=1 fh=92ef1bb072edf568 vn="Variante von Win32/Bundled.Toolbar.Ask.D potenziell unsichere Anwendung" ac=I fn="C:\Program Files (x86)\Avira\AntiVir Desktop\offercast_avirav7_.exe"
sh=688E1657F4B9D3701BB8F02A8C7D1D94D7B6B499 ft=1 fh=8c07266877452791 vn="Variante von Win32/BrowseFox.I evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files (x86)\WebSpades\bin\WebSpades.BrowserAdapter.exe"
sh=89CD6059BBA415F0C4BD5A7035EB21BAC4469F70 ft=1 fh=7c3fa67c66aa6e12 vn="Variante von Win32/BrowseFox.K evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files (x86)\WebSpades\bin\{2635ac50-5488-40bf-9bfd-accb158f8f3f}.dll"
sh=9584A5D4BC0EB48C862771E0FDA698453D796543 ft=1 fh=abdd6c93f19f521b vn="Win32/AdWare.1ClickDownload.AR Anwendung" ac=I fn="C:\Users\Doro Gabriel\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\00\00000000"
sh=A2B56BAF7493C0438F21FC1D2592B95750289C10 ft=1 fh=8f0d52d3dc624917 vn="Variante von Win32/DomaIQ.BG evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Doro Gabriel\AppData\Local\Google\Chrome\User Data\Default\File System\002\t\00\00000000"
sh=69EC990BCE3F294BD6ACED7C43195D6D58DE4065 ft=1 fh=e5a977fcb22e51c5 vn="Variante von Win32/Toolbar.Visicom.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Doro Gabriel\AppData\Local\Temp\9c6d3f6e-5287-47f7-875f-f02135fbba6a.exe"
sh=E32AA2E78D2C8F0E9316080E71A714BEFE851E6C ft=1 fh=374915f71a49693e vn="Variante von Win32/Bundled.Toolbar.Ask potenziell unsichere Anwendung" ac=I fn="C:\Users\Doro Gabriel\AppData\Local\Temp\AskSLib.dll"
sh=035EF1A19AFC0D423C85505DB17D2859FAC2250F ft=1 fh=b94a471135a3d38b vn="Variante von Win32/Toolbar.Babylon.I evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Doro Gabriel\AppData\Local\Temp\953FF00F-BAB0-7891-B71F-81DC0EB9E7F1\Latest\BabMaint.exe"
sh=E2BA5F8A7BD2BAF32FF31730BAD873C8E7957030 ft=1 fh=6e8622963c31f56a vn="Variante von Win32/Toolbar.Babylon.P evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Doro Gabriel\AppData\Local\Temp\953FF00F-BAB0-7891-B71F-81DC0EB9E7F1\Latest\BUSolution.dll"
sh=7759A3318DE2ABC3755EBB7F50322C6D586B5286 ft=1 fh=e3d39714b3bfb2a0 vn="Win32/Toolbar.Babylon.E evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Doro Gabriel\AppData\Local\Temp\953FF00F-BAB0-7891-B71F-81DC0EB9E7F1\Latest\IEHelper.dll"
sh=431C3C88B0BD65AF49F43C06CA712C3E18EDFADB ft=1 fh=28585be5f68f22b8 vn="Win32/InstallMonetizer.AF evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Doro Gabriel\Downloads\Pazera_Free_MP4_to_AVI_Converter.exe"
sh=FC3A4AD87148868BD2DCBAD74CCF433BAA64117D ft=1 fh=464494f20626130e vn="Win32/Toolbar.Babylon.E evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Doro Gabriel\Downloads\WatchTorrents Setup.exe"
sh=71435DDB11E00D0243380C4902324853FE4ECE8F ft=1 fh=12b0cd2dde452d65 vn="Variante von Win32/Bundled.Toolbar.Ask potenziell unsichere Anwendung" ac=I fn="C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ApnIC[1].0"
sh=40E49124AD0B55A25F947333CA88E9D0BC30A7E3 ft=1 fh=e26ad988592b2af9 vn="Variante von Win32/Bundled.Toolbar.Ask potenziell unsichere Anwendung" ac=I fn="C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA\ApnIC[1].0"
sh=71435DDB11E00D0243380C4902324853FE4ECE8F ft=1 fh=12b0cd2dde452d65 vn="Variante von Win32/Bundled.Toolbar.Ask potenziell unsichere Anwendung" ac=I fn="C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ApnIC[1].0"
sh=40E49124AD0B55A25F947333CA88E9D0BC30A7E3 ft=1 fh=e26ad988592b2af9 vn="Variante von Win32/Bundled.Toolbar.Ask potenziell unsichere Anwendung" ac=I fn="C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA\ApnIC[1].0"
sh=71435DDB11E00D0243380C4902324853FE4ECE8F ft=1 fh=12b0cd2dde452d65 vn="Variante von Win32/Bundled.Toolbar.Ask potenziell unsichere Anwendung" ac=I fn="C:\Windows\Temp\AskSLib.dll"
sh=4B553651EF610C0614F8393D6C25ABA0A8F09ECA ft=1 fh=92ef1bb072edf568 vn="Variante von Win32/Bundled.Toolbar.Ask.D potenziell unsichere Anwendung" ac=I fn="C:\Windows\Temp\avnwldrtemp\setup\Offercast_AVIRAV7_.exe"
sh=195F9BB7D46147E9BFD671500AF25E79875EE935 ft=1 fh=0b9331985462bb24 vn="Win32/OpenCandy potenziell unsichere Anwendung" ac=I fn="E:\Downloads\DTLite4451-0236.exe"
sh=9706F67257855B87BA56E5ABD43B3ECA48F8D64D ft=1 fh=7c4b1a375b9444d7 vn="Win32/SoftonicDownloader.D evtl. unerwünschte Anwendung" ac=I fn="E:\Downloads\SoftonicDownloader_per_bit-che.exe"
sh=961C5AFB26C2031D44ABABDAC3C18D3F1678F386 ft=0 fh=0000000000000000 vn="Variante von Win32/Bundled.Toolbar.Ask potenziell unsichere Anwendung" ac=I fn="E:\Downloads\SopCast347.zip"
sh=FBB73EDC3D95BB5F4C6DD320B026622ABC503971 ft=1 fh=ee89828fae9f150e vn="Win32/TopMedia.A evtl. unerwünschte Anwendung" ac=I fn="E:\Downloads\vshare-plugin.exe"
sh=E14827821FD88E5591E2FE4F8B728067751CFA17 ft=1 fh=2bd791b4023a2987 vn="Variante von Win32/Bundled.Toolbar.Ask potenziell unsichere Anwendung" ac=I fn="E:\Downloads\SopCast347\Setup-SopCast-3.4.7-2011-11-23.exe"
sh=365CFA0B4915A2AEE5C2C8648E2D09B4F63A93E3 ft=1 fh=5926e087c418c48d vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="G:\Music\OOo_3.2.1_Win32Intel_install_wJRE_de.exe"
sh=195F9BB7D46147E9BFD671500AF25E79875EE935 ft=1 fh=0b9331985462bb24 vn="Win32/OpenCandy potenziell unsichere Anwendung" ac=I fn="G:\Programme\DTLite4451-0236.exe"
sh=167B238188F89A76AA7BA35C3803C860AEF812C1 ft=1 fh=381ab773aff00b77 vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="G:\Programme\isobuster28_all_lang.exe"
sh=18BF6055EDE757B1798BA126454633648A0B0CE6 ft=1 fh=2b9c7ce0890d0b38 vn="Variante von Win32/RemoteAdmin.RemoteExec.AA potenziell unsichere Anwendung" ac=I fn="G:\Programme\siw-setup.exe"
sh=406BD6F5DE84810634C7AADE29D87B19DEB07DD3 ft=1 fh=77b057220f5f569d vn="Win32/SoftonicDownloader.A evtl. unerwünschte Anwendung" ac=I fn="G:\Programme\SoftonicDownloader_fuer_audiocon.exe"
sh=8EC2C98CB97EAA19EBC99228CC00370084392916 ft=1 fh=fc58c01e4474db9d vn="Win32/SoftonicDownloader.A evtl. unerwünschte Anwendung" ac=I fn="G:\Programme\SoftonicDownloader_fuer_orf-ski-challenge.exe"
sh=0000000000000000000000000000000000000000 ft=- fh=0000000000000000 vn="BAT/HostsChanger.A potenziell unsichere Anwendung" ac=I fn="G:\Programme\Adobe Photoshop CS5 ISO\Adobe CS5 Master Collection x86x64 with Permanent Crack {sMileyBoY07} {H33T}.iso"
sh=31E2F1A6726FDE67AC0A641C000AF2E2C826971F ft=1 fh=594845ab90091f54 vn="Win32/Keygen.BL potenziell unsichere Anwendung" ac=I fn="G:\Programme\Autodesk 3ds Max Design 2012\activation\x-force_2012_x32.exe"
sh=082354A70A7643A94E76C581E144B38FBFBBF851 ft=1 fh=1b20774ca278a942 vn="Win32/Keygen.BL potenziell unsichere Anwendung" ac=I fn="G:\Programme\Autodesk 3ds Max Design 2012\activation\x-force_2012_x64.exe"
sh=31E2F1A6726FDE67AC0A641C000AF2E2C826971F ft=1 fh=594845ab90091f54 vn="Win32/Keygen.BL potenziell unsichere Anwendung" ac=I fn="G:\Programme\Autodesk 3ds Max Design 2012 ISO\activation\x-force_2012_x32.exe"
sh=082354A70A7643A94E76C581E144B38FBFBBF851 ft=1 fh=1b20774ca278a942 vn="Win32/Keygen.BL potenziell unsichere Anwendung" ac=I fn="G:\Programme\Autodesk 3ds Max Design 2012 ISO\activation\x-force_2012_x64.exe"
sh=7AB679BE3D6EBCD677E0D9CF964FA6AC06E2C8AA ft=1 fh=e7352bfa9fd76f5f vn="Variante von Win32/Keygen.BL potenziell unsichere Anwendung" ac=I fn="G:\Programme\Autodesk AutoCAD 2011\acad2011\CYGiSO\xf-a2011-64bits.exe"
sh=E4962E955F4C8FD74024C236402842AE6A124133 ft=0 fh=0000000000000000 vn="Variante von Win32/Keygen.BL potenziell unsichere Anwendung" ac=I fn="G:\Programme\Autodesk AutoCAD 2011 ISO\Autodesk.AutoCAD.GERMAN.2011.x64.cyg-acd2.iso"
sh=4956D7C28889049EA5F96C75E446CD6849126998 ft=1 fh=ac6bbc08eeb703c8 vn="Variante von Win32/Keygen.BL potenziell unsichere Anwendung" ac=I fn="G:\Programme\Autodesk Maya 2011 ISO\activation\keygens\xf-a2011-32bits.exe"
sh=7AB679BE3D6EBCD677E0D9CF964FA6AC06E2C8AA ft=1 fh=e7352bfa9fd76f5f vn="Variante von Win32/Keygen.BL potenziell unsichere Anwendung" ac=I fn="G:\Programme\Autodesk Maya 2011 ISO\activation\keygens\xf-a2011-64bits.exe"
sh=8FB9908C39CE26804BED1E3248952485F5EC6B9A ft=0 fh=0000000000000000 vn="Win32/Keygen.BL potenziell unsichere Anwendung" ac=I fn="G:\Programme\Autodesk Maya 2012\Crack\xf-a2012-32bits.rar"
sh=2A4F07498C10AEFA6F6B1A6301355B896D6E1F9B ft=0 fh=0000000000000000 vn="Win32/Keygen.BL potenziell unsichere Anwendung" ac=I fn="G:\Programme\Autodesk Maya 2012\Crack\xf-a2012-64bits.rar"
sh=082354A70A7643A94E76C581E144B38FBFBBF851 ft=1 fh=1b20774ca278a942 vn="Win32/Keygen.BL potenziell unsichere Anwendung" ac=I fn="G:\Programme\Autodesk Maya 2012\Crack\xf-a2012-64bits\xf-adesk2012x64.exe"
sh=FF3EB0C3AF52BEA461D4E6DEDEDB113E85CA2C96 ft=0 fh=0000000000000000 vn="Win32/Keygen.BL potenziell unsichere Anwendung" ac=I fn="G:\Programme\Autodesk Maya 2012 ISO\maya2012_x64.iso"
sh=8FB9908C39CE26804BED1E3248952485F5EC6B9A ft=0 fh=0000000000000000 vn="Win32/Keygen.BL potenziell unsichere Anwendung" ac=I fn="G:\Programme\Autodesk Revit Architecture 2012\Crack\xf-a2012-32bits.rar"
sh=2A4F07498C10AEFA6F6B1A6301355B896D6E1F9B ft=0 fh=0000000000000000 vn="Win32/Keygen.BL potenziell unsichere Anwendung" ac=I fn="G:\Programme\Autodesk Revit Architecture 2012\Crack\xf-a2012-64bits.rar"
sh=0000000000000000000000000000000000000000 ft=- fh=0000000000000000 vn="Win32/Keygen.BL potenziell unsichere Anwendung" ac=I fn="G:\Programme\Autodesk Revit Architecture 2012 ISO\rac2012.iso"
sh=936B528AA0C10F5A06CA40707DD15861279F1F9C ft=0 fh=0000000000000000 vn="Variante von Win32/HackTool.Patcher.T potenziell unsichere Anwendung" ac=I fn="G:\Programme\Rhinoceros 4.0 + Grasshpper + Flamingo +VRay\Rhinoceros4.0 Flamingo 2.2.iso"
sh=B19976EF2E325385DC9A4294F6753705C8938933 ft=0 fh=0000000000000000 vn="Win32/Keygen.BL potenziell unsichere Anwendung" ac=I fn="G:\Programme\Softimage2012 x64 ISO\activation.rar"
sh=31E2F1A6726FDE67AC0A641C000AF2E2C826971F ft=1 fh=594845ab90091f54 vn="Win32/Keygen.BL potenziell unsichere Anwendung" ac=I fn="G:\Programme\Softimage2012 x64 ISO\activation\activation\x-force_2012_x32.exe"
sh=082354A70A7643A94E76C581E144B38FBFBBF851 ft=1 fh=1b20774ca278a942 vn="Win32/Keygen.BL potenziell unsichere Anwendung" ac=I fn="G:\Programme\Softimage2012 x64 ISO\activation\activation\x-force_2012_x64.exe"
sh=E14827821FD88E5591E2FE4F8B728067751CFA17 ft=1 fh=2bd791b4023a2987 vn="Variante von Win32/Bundled.Toolbar.Ask potenziell unsichere Anwendung" ac=I fn="G:\Programme\SopCast347\Setup-SopCast-3.4.7-2011-11-23.exe"

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-07-2014
Ran by Doro Gabriel at 2014-07-03 18:25:19
Running from C:\Users\Doro Gabriel\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

 Update for Microsoft Office 2007 (KB2508958) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}) (Version:  - Microsoft)
Acer Bio Protection (HKLM-x32\...\InstallShield_{E09664BB-BB08-45FA-87D1-33EAB0E017F5}) (Version: 6.2.56 - Egis Technology Inc.)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.3.9120 - Adobe Systems Inc.)
Adobe AIR (x32 Version: 1.5.3.9120 - Adobe Systems Inc.) Hidden
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated)
Adobe Community Help (x32 Version: 3.0.0 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 13 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe Media Player (x32 Version: 1.8 - Adobe Systems Incorporated) Hidden
Adobe Reader X (10.1.0) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.0 - Adobe Systems Incorporated)
Akamai NetSession Interface (HKCU\...\Akamai) (Version:  - Akamai Technologies, Inc)
ALPS Touch Pad Driver (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 7.105.2002.1410 - Alps Electric)
Apple Application Support (HKLM-x32\...\{63EC2120-1742-4625-AA47-C6A8AEC9C64C}) (Version: 2.2.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{7446FE8D-C1F9-4D42-AAAE-5DBCE58605A6}) (Version: 6.0.0.59 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ArchiCAD 14 INT (HKLM\...\001FFF2FFF14FF00FF0701F01F02F000-R1) (Version: 14.0 - Graphisoft)
ATI AVIVO64 Codecs (Version: 10.11.0.41111 - ATI Technologies Inc.) Hidden
ATI Catalyst Install Manager (HKLM\...\{46DBD179-D24A-A447-6645-62493CC11138}) (Version: 3.0.750.0 - ATI Technologies, Inc.)
Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
AutoCAD 2011 - Deutsch (HKLM\...\AutoCAD 2011 - Deutsch) (Version: 18.1.49.0 - Autodesk)
AutoCAD 2011 - Deutsch (Version: 18.1.116.0 - Autodesk) Hidden
AutoCAD 2011 - Deutsch Version 2.1 (HKLM\...\AutoCAD 2011 - Deutsch Version 2.1) (Version: 1 - Autodesk)
AutoCAD 2011 Language Pack - Deutsch (Version: 18.1.49.0 - Autodesk) Hidden
Autodesk 3ds Max Design 2012 64-bit - English (HKLM\...\Autodesk 3ds Max Design 2012 64-bit - English) (Version: 14.0 - Autodesk)
Autodesk 3ds Max Design 2012 64-bit - English (Version: 14.0 - Autodesk) Hidden
Autodesk Backburner 2012.0.0 (HKLM-x32\...\{3D347E6D-5A03-4342-B5BA-6A771885F379}) (Version: 2012.0.0 - Autodesk, Inc.)
Autodesk Design Review 2012 (HKLM-x32\...\Autodesk Design Review 2012) (Version: 12.0.0.93 - Autodesk, Inc.)
Autodesk Design Review 2012 (x32 Version: 12.0.0.93 - Autodesk, Inc.) Hidden
Autodesk DirectConnect 2012 64-bit (HKLM\...\Autodesk DirectConnect 2012 64-bit) (Version: 6.0.443.0 - Autodesk)
Autodesk DirectConnect 2012 64-bit (Version: 6.0.443.0 - Autodesk) Hidden
Autodesk FBX Plug-in 2012.0 - 3ds Max Design 2012 64-bit (HKLM\...\Autodesk FBX Plug-in 2012.0 - 3ds Max Design 2012 64-bit) (Version:  - Autodesk)
Autodesk MatchMover 2012 64-bit (HKLM\...\{4529F749-C362-4119-AFA0-0A3F1CA924AB}) (Version: 14.00.0000 - Autodesk)
Autodesk Material Library 2011 (HKLM-x32\...\{9DEABCB6-B759-4D52-92F8-51B34A2B4D40}) (Version: 2.0.0.49 - Autodesk)
Autodesk Material Library 2011 Base Image library (HKLM-x32\...\{CD1E078C-A6B9-47DA-B035-6365C85C7832}) (Version: 2.0.0.49 - Autodesk)
Autodesk Material Library 2011 Medium Image library (HKLM-x32\...\{975951E7-14D0-49AF-A630-89680D12D7F6}) (Version: 2.0.0.49 - Autodesk)
Autodesk Material Library 2012 (HKLM-x32\...\{8F0837C2-EE09-4903-88F3-1976FE7FFF4E}) (Version: 2.5.0.8 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2012 (HKLM-x32\...\{65420DC9-306E-4371-905F-F4DC3B418E52}) (Version: 2.5.0.8 - Autodesk)
Autodesk Material Library Low Resolution Image Library 2012 (HKLM-x32\...\{24FF088D-CDCF-480C-8A4B-98F14A54CAA8}) (Version: 2.5.0.8 - Autodesk)
Autodesk Material Library Medium Resolution Image Library 2012 (HKLM-x32\...\{B5751715-EC10-43D9-8C95-62E1368433EF}) (Version: 2.5.0.8 - Autodesk)
Autodesk Maya 2012 64-bit (HKLM\...\Autodesk Maya 2012 64-bit) (Version: 14.0.0.0 - Autodesk)
Autodesk Maya 2012 64-bit (Version: 14.0.0.0 - Autodesk) Hidden
Autodesk Revit Architecture 2012 (HKLM\...\Autodesk Revit Architecture 2012) (Version: 11.03.09231 - Autodesk)
Autodesk Softimage 2012 64-bit (HKLM\...\{7E8B0B79-FE18-446D-A0C7-F4CD3F4964BB}) (Version: 10.0.0000 - Autodesk)
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.5.450 - Avira)
AVS Audio Converter 7 (HKLM-x32\...\AVS Audio Converter_is1) (Version: 7.2.1.528 - Online Media Technologies Ltd.)
Battlefield Play4Free (HKCU\...\{87686C21-8A15-4b4d-A3F1-11141D9BE094}) (Version:  - EA Digital illusions)
BitTorrent (HKLM-x32\...\BitTorrent) (Version: 7.8.0.29610 - BitTorrent Inc.)
Broadcom Gigabit NetLink Controller (HKLM\...\{96F70DF8-160F-4F9C-9B9E-2A9B439B4EB9}) (Version: 12.26.01 - Broadcom Corporation)
Broadcom Wireless LAN Driver Installation Program for Windows7 (HKLM-x32\...\{88410D8F-8529-492B-B556-2394A29B811B}) (Version: 5.60.18.8 - Broadcom)
Canon MG5200 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5200_series) (Version:  - )
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - ATI) Hidden
Catalyst Control Center Core Implementation (x32 Version: 2009.1111.2327.42077 - ATI) Hidden
Catalyst Control Center Graphics Full Existing (x32 Version: 2009.1111.2327.42077 - ATI) Hidden
Catalyst Control Center Graphics Full New (x32 Version: 2009.1111.2327.42077 - ATI) Hidden
Catalyst Control Center Graphics Light (x32 Version: 2009.1111.2327.42077 - ATI) Hidden
Catalyst Control Center Graphics Previews Vista (x32 Version: 2009.1111.2327.42077 - ATI) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2009.1111.2327.42077 - ATI Technologies, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2009.1111.2327.42077 - ATI) Hidden
CCC Help Chinese Standard (x32 Version: 2009.1111.2326.42077 - ATI) Hidden
CCC Help Chinese Traditional (x32 Version: 2009.1111.2326.42077 - ATI) Hidden
CCC Help Czech (x32 Version: 2009.1111.2326.42077 - ATI) Hidden
CCC Help Danish (x32 Version: 2009.1111.2326.42077 - ATI) Hidden
CCC Help Dutch (x32 Version: 2009.1111.2326.42077 - ATI) Hidden
CCC Help English (x32 Version: 2009.1111.2326.42077 - ATI) Hidden
CCC Help Finnish (x32 Version: 2009.1111.2326.42077 - ATI) Hidden
CCC Help French (x32 Version: 2009.1111.2326.42077 - ATI) Hidden
CCC Help German (x32 Version: 2009.1111.2326.42077 - ATI) Hidden
CCC Help Greek (x32 Version: 2009.1111.2326.42077 - ATI) Hidden
CCC Help Hungarian (x32 Version: 2009.1111.2326.42077 - ATI) Hidden
CCC Help Italian (x32 Version: 2009.1111.2326.42077 - ATI) Hidden
CCC Help Japanese (x32 Version: 2009.1111.2326.42077 - ATI) Hidden
CCC Help Korean (x32 Version: 2009.1111.2326.42077 - ATI) Hidden
CCC Help Norwegian (x32 Version: 2009.1111.2326.42077 - ATI) Hidden
CCC Help Polish (x32 Version: 2009.1111.2326.42077 - ATI) Hidden
CCC Help Portuguese (x32 Version: 2009.1111.2326.42077 - ATI) Hidden
CCC Help Russian (x32 Version: 2009.1111.2326.42077 - ATI) Hidden
CCC Help Spanish (x32 Version: 2009.1111.2326.42077 - ATI) Hidden
CCC Help Swedish (x32 Version: 2009.1111.2326.42077 - ATI) Hidden
CCC Help Thai (x32 Version: 2009.1111.2326.42077 - ATI) Hidden
CCC Help Turkish (x32 Version: 2009.1111.2326.42077 - ATI) Hidden
ccc-core-static (x32 Version: 2009.1111.2327.42077 - Ihr Firmenname) Hidden
ccc-utility64 (Version: 2009.1111.2327.42077 - ATI) Hidden
CINEMA 4D 11.514 (HKLM\...\MAXONB6EC381C) (Version: 11.514 - MAXON Computer GmbH)
Commandos 2: Men of Courage (HKLM-x32\...\Steam App 6830) (Version:  - Pyro Studios)
Composite 2012 64-bit (HKLM\...\{EA234BC3-39FE-4734-B72F-076086889F6D}) (Version: 7.0.0 - Autodesk)
Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version:  - Valve)
Dropbox (HKCU\...\Dropbox) (Version: 2.8.2 - Dropbox, Inc.)
EasyBits GO (HKCU\...\Game Organizer) (Version:  - EasyBits Media)
eMule (HKLM-x32\...\eMule) (Version:  - )
ENE CIR Receiver Driver (HKLM\...\2C293EC1A06665BB961CBA4EC7AFF4BF2BEAD042) (Version: 2.7.4.1 - ENE)
EverestPoker.com (HKCU\...\EverestPoker.com) (Version:  - )
FARO LS 1.1.406.58 (HKLM-x32\...\{951B0F30-9F1A-4BF6-B3DA-99EB0E917B1C}) (Version: 4.6.58.2 - FARO Scanner Production)
Fingerprint Solution (x32 Version: 6.1.56.0 - Egis Technology Inc.) Hidden
Flamingo 2.0 (HKLM-x32\...\{C475527D-AB5C-47D8-8C25-85CA3E42B5A4}) (Version: 2.0.30611.0 - Robert McNeel & Associates)
Flamingo nXt (HKLM\...\{D6CF21CA-976D-4E1D-BF53-01D503500C1F}) (Version: 3.1.2012.0410 - Robert McNeel & Associates)
Flamingo nXt de-de Language Pack (HKLM-x32\...\{E08C20AC-1FD2-439D-897D-C92FC2DF39F5}) (Version: 3.1.2012.0410 - Robert McNeel & Associates)
Full Tilt Poker (HKLM-x32\...\{D4C9692E-4EFA-4DA0-8B7F-9439466D9E31}) (Version: 4.63.10.WIN.FullTilt.COM - )
Google Chrome (HKCU\...\Google Chrome) (Version: 35.0.1916.153 - Google Inc.)
Google Drive (HKLM-x32\...\{D9F75285-4864-461D-83DA-8D056BAC44D1}) (Version: 1.16.6866.4367 - Google, Inc.)
Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google SketchUp 8 (HKLM-x32\...\{4422D20B-F530-4E65-8504-31396C9BC066}) (Version: 3.0.3196 - Google, Inc.)
Google+ Auto Backup (HKCU\...\Google+ Auto Backup) (Version: 1.0.25.133 - Google, Inc.)
Google+ Auto Backup (HKLM-x32\...\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}) (Version: 1.0.21.81 - Google)
Grasshopper (HKLM-x32\...\Grasshopper) (Version:  - )
Intel(R) Turbo Boost Technology Driver (HKLM-x32\...\{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}) (Version: 01.00.01.1002 - Intel Corporation)
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version:  - Intel Corporation)
IsoBuster 2.8 (HKLM-x32\...\IsoBuster_is1) (Version: 2.8 - Smart Projects)
iTunes (HKLM\...\{1493B2AE-0261-47D2-B1AA-F4DAD0F6C48B}) (Version: 10.7.0.21 - Apple Inc.)
JMicron 1394 Filter Driver (HKLM-x32\...\{13C96625-28E4-4c58-ADE0-CDAFC64752EB}) (Version: 1.00.06.00 - JMicron Technology Corp.)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft IntelliPoint 8.2 (HKLM\...\Microsoft IntelliPoint 8.2) (Version: 8.20.468.0 - Microsoft Corporation)
Microsoft IntelliPoint 8.2 (Version: 8.20.468.0 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Access MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Groove MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Publisher MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft VC80 Support DLLs (x32 Version: 1.0.0 - McNeel & Associates) Hidden
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (HKLM\...\{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}) (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 x64 ATL Runtime 9.0.30729 (x32 Version: 9.0.30729 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 x64 CRT Runtime 9.0.30729 (x32 Version: 9.0.30729 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 x64 MFC Runtime 9.0.30729 (x32 Version: 9.0.30729 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 x64 OpenMP Runtime 9.0.30729 (x32 Version: 9.0.30729 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 x86 ATL Runtime 9.0.30729 (x32 Version: 9.0.30729 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 x86 CRT Runtime 9.0.30729 (x32 Version: 9.0.30729 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 x86 MFC Runtime 9.0.30729 (x32 Version: 9.0.30729 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 x86 OpenMP Runtime 9.0.30729 (x32 Version: 9.0.30729 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2008 Remote Debugger Light (x64) - ENU (HKLM\...\Microsoft Visual Studio 2008 Remote Debugger Light (x64) - ENU) (Version:  - Microsoft Corporation)
Microsoft Visual Studio 2008 Remote Debugger Light (x64) - ENU (Version: 9.0.30729 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2008 Remote Debugger Light (x64) - ENU Service Pack 1 (KB945140) (HKLM-x32\...\{90A80D89-A0E4-33C1-B13D-B93CB3496867}.KB945140) (Version: 1 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 - ENU (HKLM-x32\...\{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 Runtime (HKLM-x32\...\{299C0434-4F4E-341F-A916-4E07AEB35E79}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft_VC80_ATL_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053 - Adobe) Hidden
Microsoft_VC90_ATL_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Mozilla Firefox 27.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 27.0.1 (x86 de)) (Version: 27.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 27.0.1 - Mozilla)
NVIDIA PhysX Plug-in for Autodesk Maya 2012 64 bit (HKLM\...\{FC4AD39F-9DCE-4BD0-B7D0-7C81CEB9F04B}) (Version: 2.60.0216.1828 - NVIDIA Corporation)
PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
PDF24 Creator 5.2.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 0.9.9 - Frank Heindörfer, Philip Chinery)
Pepakura Designer 3 (HKLM-x32\...\pepakura_designer3en) (Version:  - TamaSoftware)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
PokerStars.eu (HKLM-x32\...\PokerStars.eu) (Version:  - PokerStars.eu)
PokerStars.fr (HKLM-x32\...\PokerStars.fr) (Version:  - PokerStars.fr)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.990 - Even Balance, Inc.)
PxMergeModule (x32 Version: 1.00.0000 - Your Company Name) Hidden
QuickTime (HKLM-x32\...\{0E64B098-8018-4256-BA23-C316A43AD9B0}) (Version: 7.72.80.56 - Apple Inc.)
R for Windows 3.0.1 (HKLM\...\R for Windows 3.0.1_is1) (Version: 3.0.1 - R Core Team)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5972 - Realtek Semiconductor Corp.)
Revit Architecture 2012 (Version: 11.03.09231 - Autodesk) Hidden
Revit Architecture 2012 Language Pack - English (Version: 11.03.09231 - Autodesk) Hidden
Rhino RDK (HKLM-x32\...\Rhino RDK) (Version:  - )
Rhinoceros 4.0 (HKLM-x32\...\{5C2CBFFD-FC3B-4AA9-993B-CE2B8DA25B87}) (Version: 4.0.20118 - McNeel & Associates)
Rhinoceros 4.0 SR5b (HKLM-x32\...\{5B9E1A73-6A74-4DAF-AF1C-DDEBD79C942E}) (Version: 4.0.40226 - Robert McNeel & Associates)
Rhinoceros 4.0 SR8 (HKLM-x32\...\{95E1E426-EE9E-4F68-8F02-58A5A09B38F3}) (Version: 4.0.50401 - Robert McNeel & Associates)
SketchUp 2013 (HKLM-x32\...\{B75BC01B-4586-43F8-9349-D250DB98F26F}) (Version: 13.0.4812 - Trimble Navigation Limited)
Skype Click to Call (HKLM-x32\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 5.10.9560 - Skype Technologies S.A.)
Skype™ 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)
SopCast 3.8.3 (HKLM-x32\...\SopCast) (Version: 3.8.3 - www.sopcast.com)
Spotify (HKCU\...\Spotify) (Version: 0.9.6.81.gd359a796 - Spotify AB)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 14.0.4.0 - Synaptics Incorporated)
Torrent Stream 2.0.1 (HKCU\...\TorrentStream) (Version: 2.0.1 - Torrent Stream)
TT1281 Driver (HKLM-x32\...\{99B364F5-8051-4118-BFAA-FF466F151748}) (Version: 1.0.0.16 - LITEON)
Uninstall 1.0.0.1 (HKLM-x32\...\Uninstall_is1) (Version:  - )
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2473228) (Version: 1 - Microsoft Corporation)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{EA54F104-79D2-48CC-9ABC-91A63C43D353}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{53DEC068-4690-4F6B-9946-7D21EF02236B}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2881065) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{B7EF38F7-1D58-4085-A9A4-0F6C69A5AA1E}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
Veetle TV 0.9.18 (HKLM-x32\...\Veetle TV) (Version: 0.9.18 - Veetle, Inc)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{6DA2B636-698A-3294-BF4A-B5E11B238CDD}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{8CCEA24C-51AE-3B71-9092-7D0C44DDA2DF}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{C3A57BB3-9AA6-3F6F-9395-6C062BDD5FC4}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{F6F09DD8-F39B-3A16-ADB9-C9E6B56903F9}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{04B34E21-5BEE-3D2B-8D3D-E3E80D253F64}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{14866AAD-1F23-39AC-A62B-7091ED1ADE64}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{4B90093A-5D9C-3956-8ABB-95848BE6EFAD}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{B42E259C-E4D4-37F1-A1B2-EB9C4FC5A04D}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
VLC media player 2.1.0 (HKLM\...\VLC media player) (Version: 2.1.0 - VideoLAN)
V-Ray for Rhinoceros 4.0 (HKLM-x32\...\{54DBAF71-635A-45CB-A7DD-7EAB60F5C460}) (Version: 1.00.0000 - ASGvis, LLC)
WebSpades (HKLM\...\WebSpades) (Version: 2014.07.01.221247 - WebSpades)
WibuKey Setup (WibuKey Remove) (HKLM\...\{00060000-0000-1004-8002-0000C06B5161}) (Version: Version 6.00a of 2009-Dec-03 (Build 129) (Setup) - WIBU-SYSTEMS AG)
WinRAR 4.00 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.00.0 - win.rar GmbH)

==================== Restore Points  =========================

02-07-2014 10:07:42 AA11
02-07-2014 13:13:10 Removed Java 7 Update 55
02-07-2014 13:14:53 Removed Java(TM) 6 Update 37
02-07-2014 13:16:25 Removed Java(TM) 7 Update 1 (64-bit)
02-07-2014 13:18:27 AA11
02-07-2014 13:36:47 zoek.exe restore point

==================== Scheduled Tasks (whitelisted) =============

Task: {0BCB8F21-7044-4459-8474-53293EA59C4D} - System32\Tasks\{2A760783-25BA-4B91-AE60-E68777A40394} => C:\Program Files (x86)\Skype\\Phone\Skype.exe [2014-05-08] (Skype Technologies S.A.)
Task: {431BDC0C-F1D3-4F44-98E4-3A94AE3B5F13} - System32\Tasks\{D8723098-9F85-40A9-8807-BAFF6B697F29} => C:\Program Files (x86)\Skype\\Phone\Skype.exe [2014-05-08] (Skype Technologies S.A.)
Task: {76DACACD-20DB-42DA-B93D-88CAA2182A32} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-03-27] (Google Inc.)
Task: {80EDECDE-6BE6-4759-9DBA-9D0876329522} - System32\Tasks\Microsoft_Hardware_Launch_IPoint_exe => C:\Program Files\Microsoft IntelliPoint\IPoint.exe [2011-08-01] (Microsoft Corporation)
Task: {82C9D984-B353-4CE6-8B8D-155D25A0B72F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-03-27] (Google Inc.)
Task: {AB781E94-9E40-4049-8089-955C2F8B35B5} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {DC3BB3FC-8281-47AC-823D-7F3320D553CD} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-14] (Adobe Systems Incorporated)
Task: {E43647F6-69F6-44FE-8514-AAD07DB80ABB} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3542374432-354979354-222888450-1000Core => C:\Users\Doro Gabriel\AppData\Local\Google\Update\GoogleUpdate.exe [2012-12-01] (Google Inc.)
Task: {E741E59A-1E43-43F9-9C99-31338BD4F282} - System32\Tasks\AdobeAAMUpdater-1.0-DoroGabriel-PC-Doro Gabriel => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06] (Adobe Systems Incorporated)
Task: {FF6FC979-27AB-41E1-989F-618566506A98} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3542374432-354979354-222888450-1000UA => C:\Users\Doro Gabriel\AppData\Local\Google\Update\GoogleUpdate.exe [2012-12-01] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3542374432-354979354-222888450-1000Core.job => C:\Users\Doro Gabriel\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3542374432-354979354-222888450-1000UA.job => C:\Users\Doro Gabriel\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2008-05-26 19:24 - 2008-05-26 19:24 - 00103424 _____ () C:\Program Files (x86)\Acer Bio Protection\PwdFilterV64.DLL
2011-03-20 12:18 - 2005-03-12 01:07 - 00087040 _____ () C:\Windows\System32\pdfcmnnt.dll
2014-07-01 16:36 - 2014-07-01 17:02 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2009-07-29 14:10 - 2009-07-29 14:10 - 00016384 ____R () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2011-03-24 16:49 - 2011-03-24 16:49 - 00270336 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2010-04-07 02:45 - 2010-04-07 02:45 - 00050176 _____ () C:\Program Files\Adobe\Adobe Photoshop CS5 (64 Bit)\QuickTimeGlue.dll
2011-11-02 00:26 - 2011-11-02 00:26 - 00087912 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2011-11-02 00:26 - 2011-11-02 00:26 - 01242472 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-07-02 17:10 - 2014-07-02 17:10 - 00043008 _____ () c:\Users\Doro Gabriel\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpvs0ibd.dll
2013-08-23 21:01 - 2013-08-23 21:01 - 25100288 _____ () C:\Users\Doro Gabriel\AppData\Roaming\Dropbox\bin\libcef.dll
2014-07-02 17:08 - 2014-07-02 17:08 - 00098816 _____ () C:\Users\Doro Gabriel\AppData\Local\Temp\_MEI36522\win32api.pyd
2014-07-02 17:08 - 2014-07-02 17:08 - 00110080 _____ () C:\Users\Doro Gabriel\AppData\Local\Temp\_MEI36522\pywintypes27.dll
2014-07-02 17:08 - 2014-07-02 17:08 - 00364544 _____ () C:\Users\Doro Gabriel\AppData\Local\Temp\_MEI36522\pythoncom27.dll
2014-07-02 17:08 - 2014-07-02 17:08 - 00045568 _____ () C:\Users\Doro Gabriel\AppData\Local\Temp\_MEI36522\_socket.pyd
2014-07-02 17:08 - 2014-07-02 17:08 - 01160704 _____ () C:\Users\Doro Gabriel\AppData\Local\Temp\_MEI36522\_ssl.pyd
2014-07-02 17:08 - 2014-07-02 17:08 - 00320512 _____ () C:\Users\Doro Gabriel\AppData\Local\Temp\_MEI36522\win32com.shell.shell.pyd
2014-07-02 17:08 - 2014-07-02 17:08 - 00713216 _____ () C:\Users\Doro Gabriel\AppData\Local\Temp\_MEI36522\_hashlib.pyd
2014-07-02 17:08 - 2014-07-02 17:08 - 01175040 _____ () C:\Users\Doro Gabriel\AppData\Local\Temp\_MEI36522\wx._core_.pyd
2014-07-02 17:08 - 2014-07-02 17:08 - 00805888 _____ () C:\Users\Doro Gabriel\AppData\Local\Temp\_MEI36522\wx._gdi_.pyd
2014-07-02 17:08 - 2014-07-02 17:08 - 00811008 _____ () C:\Users\Doro Gabriel\AppData\Local\Temp\_MEI36522\wx._windows_.pyd
2014-07-02 17:08 - 2014-07-02 17:08 - 01062400 _____ () C:\Users\Doro Gabriel\AppData\Local\Temp\_MEI36522\wx._controls_.pyd
2014-07-02 17:08 - 2014-07-02 17:08 - 00735232 _____ () C:\Users\Doro Gabriel\AppData\Local\Temp\_MEI36522\wx._misc_.pyd
2014-07-02 17:08 - 2014-07-02 17:08 - 00128512 _____ () C:\Users\Doro Gabriel\AppData\Local\Temp\_MEI36522\_elementtree.pyd
2014-07-02 17:08 - 2014-07-02 17:08 - 00127488 _____ () C:\Users\Doro Gabriel\AppData\Local\Temp\_MEI36522\pyexpat.pyd
2014-07-02 17:08 - 2014-07-02 17:08 - 00557056 _____ () C:\Users\Doro Gabriel\AppData\Local\Temp\_MEI36522\pysqlite2._sqlite.pyd
2014-07-02 17:08 - 2014-07-02 17:08 - 00007168 _____ () C:\Users\Doro Gabriel\AppData\Local\Temp\_MEI36522\hashobjs_ext.pyd
2014-07-02 17:08 - 2014-07-02 17:08 - 00087552 _____ () C:\Users\Doro Gabriel\AppData\Local\Temp\_MEI36522\_ctypes.pyd
2014-07-02 17:08 - 2014-07-02 17:08 - 00119808 _____ () C:\Users\Doro Gabriel\AppData\Local\Temp\_MEI36522\win32file.pyd
2014-07-02 17:08 - 2014-07-02 17:08 - 00108544 _____ () C:\Users\Doro Gabriel\AppData\Local\Temp\_MEI36522\win32security.pyd
2014-07-02 17:08 - 2014-07-02 17:08 - 00018432 _____ () C:\Users\Doro Gabriel\AppData\Local\Temp\_MEI36522\win32event.pyd
2014-07-02 17:08 - 2014-07-02 17:08 - 00038912 _____ () C:\Users\Doro Gabriel\AppData\Local\Temp\_MEI36522\win32inet.pyd
2014-07-02 17:08 - 2014-07-02 17:08 - 00070656 _____ () C:\Users\Doro Gabriel\AppData\Local\Temp\_MEI36522\wx._html2.pyd
2014-07-02 17:08 - 2014-07-02 17:08 - 00167936 _____ () C:\Users\Doro Gabriel\AppData\Local\Temp\_MEI36522\win32gui.pyd
2014-07-02 17:08 - 2014-07-02 17:08 - 00011264 _____ () C:\Users\Doro Gabriel\AppData\Local\Temp\_MEI36522\win32crypt.pyd
2014-07-02 17:08 - 2014-07-02 17:08 - 00027136 _____ () C:\Users\Doro Gabriel\AppData\Local\Temp\_MEI36522\_multiprocessing.pyd
2014-07-02 17:08 - 2014-07-02 17:08 - 00122368 _____ () C:\Users\Doro Gabriel\AppData\Local\Temp\_MEI36522\wx._wizard.pyd
2014-07-02 17:08 - 2014-07-02 17:08 - 00010240 _____ () C:\Users\Doro Gabriel\AppData\Local\Temp\_MEI36522\select.pyd
2014-07-02 17:08 - 2014-07-02 17:08 - 00024064 _____ () C:\Users\Doro Gabriel\AppData\Local\Temp\_MEI36522\win32pipe.pyd
2014-07-02 17:08 - 2014-07-02 17:08 - 00686080 _____ () C:\Users\Doro Gabriel\AppData\Local\Temp\_MEI36522\unicodedata.pyd
2014-07-02 17:08 - 2014-07-02 17:08 - 00025600 _____ () C:\Users\Doro Gabriel\AppData\Local\Temp\_MEI36522\win32pdh.pyd
2014-07-02 17:08 - 2014-07-02 17:08 - 00525640 _____ () C:\Users\Doro Gabriel\AppData\Local\Temp\_MEI36522\windows._lib_cacheinvalidation.pyd
2014-07-02 17:08 - 2014-07-02 17:08 - 00035840 _____ () C:\Users\Doro Gabriel\AppData\Local\Temp\_MEI36522\win32process.pyd
2014-07-02 17:08 - 2014-07-02 17:08 - 00017408 _____ () C:\Users\Doro Gabriel\AppData\Local\Temp\_MEI36522\win32profile.pyd
2014-07-02 17:08 - 2014-07-02 17:08 - 00022528 _____ () C:\Users\Doro Gabriel\AppData\Local\Temp\_MEI36522\win32ts.pyd
2014-07-02 17:08 - 2014-07-02 17:08 - 00078336 _____ () C:\Users\Doro Gabriel\AppData\Local\Temp\_MEI36522\wx._animate.pyd
2010-02-22 04:50 - 2010-02-22 04:50 - 00060416 _____ () C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\zlib1.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== EXE Association (whitelisted) =============


==================== MSCONFIG/TASK MANAGER disabled items =========

MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: Spotify => "C:\Users\Doro Gabriel\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Doro Gabriel\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\Steam.exe" -silent

==================== Faulty Device Manager Devices =============

Name: Basissystemgerät
Description: Basissystemgerät
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Basissystemgerät
Description: Basissystemgerät
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Basissystemgerät
Description: Basissystemgerät
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (07/03/2014 06:18:47 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (07/02/2014 05:21:01 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (07/02/2014 05:20:58 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (07/02/2014 05:07:13 PM) (Source: RaySat_3dsmax2012_64 Server) (EventID: 2) (User: )
Description: (1507) getservbyname: Der angeforderte Name ist gültig, es wurden jedoch keine Daten des angeforderten Typs gefunden. (0x2afc)

Error: (07/02/2014 03:39:49 PM) (Source: RaySat_3dsmax2012_64 Server) (EventID: 2) (User: )
Description: (1507) getservbyname: Der angeforderte Name ist gültig, es wurden jedoch keine Daten des angeforderten Typs gefunden. (0x2afc)

Error: (07/02/2014 01:41:19 AM) (Source: MsiInstaller) (EventID: 11309) (User: DoroGabriel-PC)
Description: Product: Google Update Helper -- Error 1309. Error reading from file: C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\Google\Update\RequiredFile.txt.  System error 3.  Verify that the file exists and that you can access it.

Error: (06/28/2014 00:32:15 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Die abhängige Assemblierung "Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (06/28/2014 00:30:24 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Die abhängige Assemblierung "Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (06/25/2014 10:23:49 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Die abhängige Assemblierung "Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (06/25/2014 10:22:38 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Die abhängige Assemblierung "Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".


System errors:
=============
Error: (07/03/2014 05:07:24 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT-AUTORITÄT)
Description: Fehler beim Lesen der Datei für lokale Hosts.

Error: (07/03/2014 05:07:23 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT-AUTORITÄT)
Description: Fehler beim Lesen der Datei für lokale Hosts.

Error: (07/03/2014 05:07:20 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT-AUTORITÄT)
Description: Fehler beim Lesen der Datei für lokale Hosts.

Error: (07/03/2014 04:37:05 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT-AUTORITÄT)
Description: Fehler beim Lesen der Datei für lokale Hosts.

Error: (07/03/2014 04:36:59 PM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.

Error: (07/03/2014 04:36:56 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT-AUTORITÄT)
Description: Fehler beim Lesen der Datei für lokale Hosts.

Error: (07/03/2014 04:36:56 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT-AUTORITÄT)
Description: Fehler beim Lesen der Datei für lokale Hosts.

Error: (07/03/2014 09:09:35 AM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT-AUTORITÄT)
Description: Fehler beim Lesen der Datei für lokale Hosts.

Error: (07/03/2014 09:09:26 AM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT-AUTORITÄT)
Description: Fehler beim Lesen der Datei für lokale Hosts.

Error: (07/03/2014 09:09:24 AM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT-AUTORITÄT)
Description: Fehler beim Lesen der Datei für lokale Hosts.


Microsoft Office Sessions:
=========================
Error: (06/05/2011 10:16:20 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6557.5001, Microsoft Office Version: 12.0.6425.1000. This session lasted 5 seconds with 0 seconds of active time.  This session ended with a crash.


==================== Memory info =========================== 

Percentage of memory in use: 20%
Total physical RAM: 8054.78 MB
Available physical RAM: 6415.6 MB
Total Pagefile: 16107.73 MB
Available Pagefile: 13712.57 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:154.19 GB) (Free:44.15 GB) NTFS
Drive d: (Uni) (Fixed) (Total:18.5 GB) (Free:2.15 GB) NTFS
Drive e: (Daten) (Fixed) (Total:292.97 GB) (Free:160.53 GB) NTFS
Drive g: (Expansion Drive) (Fixed) (Total:465.76 GB) (Free:283.97 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 1A009D23)
Partition 1: (Not Active) - (Size=19 GB) - (Type=07 NTFS)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=293 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=154 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 466 GB) (Disk ID: 0054F237)
Partition 1: (Active) - (Size=466 GB) - (Type=07 NTFS)

==================== End Of Log ============================

FRST Logfile:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-07-2014
Ran by Doro Gabriel (administrator) on DOROGABRIEL-PC on 03-07-2014 18:21:39
Running from C:\Users\Doro Gabriel\Desktop
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(AMD) C:\Windows\System32\atiesrxx.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Egis Technology Inc.) C:\Program Files (x86)\Acer Bio Protection\CompPtcVUI.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Egis Technology Inc.) C:\Program Files (x86)\Acer Bio Protection\BASVC.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\ipoint.exe
(Akamai Technologies, Inc.) C:\Users\Doro Gabriel\AppData\Local\Akamai\netsession_win.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(Akamai Technologies, Inc.) C:\Users\Doro Gabriel\AppData\Local\Akamai\netsession_win.exe
(Spotify Ltd) C:\Users\Doro Gabriel\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Egis Technology Inc.) C:\Program Files (x86)\Acer Bio Protection\PdtWzd.exe
(WIBU-SYSTEMS AG) C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe
(Dropbox, Inc.) C:\Users\Doro Gabriel\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Google Inc.) C:\Users\Doro Gabriel\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Doro Gabriel\AppData\Local\Google\Chrome\Application\chrome.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Google Inc.) C:\Users\Doro Gabriel\AppData\Local\Google\Chrome\Application\chrome.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Google Inc.) C:\Users\Doro Gabriel\AppData\Local\Google\Chrome\Application\chrome.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe
(Google Inc.) C:\Users\Doro Gabriel\AppData\Local\Google\Chrome\Application\chrome.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebgrd.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Google Inc.) C:\Users\Doro Gabriel\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Doro Gabriel\AppData\Local\Google\Chrome\Application\chrome.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe
(Adobe Systems, Incorporated) C:\Program Files\Adobe\Adobe Photoshop CS5 (64 Bit)\Photoshop.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [IAAnotif] => C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-08-07] (Intel Corporation)
HKLM\...\Run: [Apoint] => C:\Program Files\Apoint2K\Apoint.exe [323072 2009-10-01] (Alps Electric Co., Ltd.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [8312352 2009-11-02] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1825064 2009-09-03] (Synaptics Incorporated)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated)
HKLM\...\Run: [IntelliPoint] => C:\Program Files\Microsoft IntelliPoint\ipoint.exe [2417032 2011-08-01] (Microsoft Corporation)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2009-11-12] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [VitaKeyPdtWzd] => C:\Program Files (x86)\Acer Bio Protection\PdtWzd.exe [3567616 2009-09-05] (Egis Technology Inc.)
HKLM-x32\...\Run: [AdobeCS5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [937920 2011-06-06] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59280 2012-08-27] (Apple Inc.)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [163000 2012-12-12] (Geek Software GmbH)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [750160 2014-07-03] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-3542374432-354979354-222888450-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Doro Gabriel\AppData\Local\Akamai\netsession_win.exe [4672920 2014-04-17] (Akamai Technologies, Inc.)
HKU\S-1-5-21-3542374432-354979354-222888450-1000\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [427520 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-21-3542374432-354979354-222888450-1000\...\Run: [Google Update] => C:\Users\Doro Gabriel\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-12-01] (Google Inc.)
HKU\S-1-5-21-3542374432-354979354-222888450-1000\...\Run: [Spotify Web Helper] => C:\Users\Doro Gabriel\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1168896 2013-12-15] (Spotify Ltd)
HKU\S-1-5-21-3542374432-354979354-222888450-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21444224 2014-05-08] (Skype Technologies S.A.)
HKU\S-1-5-21-3542374432-354979354-222888450-1000\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [24474752 2014-06-05] (Google)
Lsa: [Notification Packages] C:\Program Files (x86)\Acer Bio Protection\PwdFilterV64
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Netzwerk Server.lnk
ShortcutTarget: Netzwerk Server.lnk -> C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe (WIBU-SYSTEMS AG)
Startup: C:\Users\Doro Gabriel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Doro Gabriel\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: GDriveBlacklistedOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: GDriveSharedEditOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: GDriveSharedViewOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: GDriveSyncedOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: GDriveSyncingOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: Symbol-Overlay-Steuerprogramm für AutoCAD Digitale Signaturen -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll (Autodesk, Inc.)
ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 1 (GFS Unread Stub) -> {99FD978C-D287-4F50-827F-B2C658EDA8E7} => C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 2 (GFS Stub) -> {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} => C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 2.5 (GFS Unread Folder) -> {920E6DB1-9907-4370-B3A0-BAFC03D81399} => C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 3 (GFS Folder) -> {16F3DD56-1AF5-4347-846D-7C10C4192619} => C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 4 (GFS Unread Mark) -> {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} => C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://at.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xA75ACD8E1BBBCC01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-at
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM-x32 - DefaultScope value is missing.
BHO-x32: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll (Adobe Systems, Inc.)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
Toolbar: HKLM-x32 - Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll (Adobe Systems, Inc.)
DPF: HKLM {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} -  No File
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)

Hosts: Hosts file not detected in the default directory
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138

FireFox:
========
FF ProfilePath: C:\Users\Doro Gabriel\AppData\Roaming\Mozilla\Firefox\Profiles\9io3wi8p.default
FF NewTab: hxxp://www.google.com/
FF DefaultSearchEngine: Google
FF SearchEngineOrder.1: Google
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.google.com
FF Keyword.URL: hxxp://www.google.com/search?btnG=Google+Search&q=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin - C:\Program Files (x86)\Java\jre6\bin\dtplugin\npDeployJava1.dll No File
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @veetle.com/veetleCorePlugin,version=0.9.18 - C:\Program Files (x86)\Veetle\plugins\npVeetle.dll (Veetle Inc)
FF Plugin-x32: @veetle.com/veetlePlayerPlugin,version=0.9.18 - C:\Program Files (x86)\Veetle\Player\npvlc.dll (Veetle Inc)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Doro Gabriel\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Doro Gabriel\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @torrentstream.net/tsplugin,version=2.0.1 - C:\Users\Doro Gabriel\AppData\Roaming\TorrentStream\player\npts_plugin.dll (Innovative Digital Technologies)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npContribute.dll (Adobe Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: No Name - C:\Users\Doro Gabriel\AppData\Roaming\Mozilla\Firefox\Profiles\9io3wi8p.default\Extensions\{87934c42-161d-45bc-8cef-ef18abe2a30c} [2014-07-02]
FF Extension: vshare Add-On - C:\Users\Doro Gabriel\AppData\Roaming\Mozilla\Firefox\Profiles\9io3wi8p.default\Extensions\{dd05fd3d-18df-4ce4-ae53-e795339c5f01} [2011-08-14]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-06-13]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2014-06-13]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2014-06-13]
FF HKLM-x32\...\Firefox\Extensions: [{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}] - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\FirefoxPlugin\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}
FF Extension: Adobe Contribute Toolbar - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\FirefoxPlugin\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9} [2011-03-28]

Chrome: 
=======
CHR Extension: (Google Docs) - C:\Users\Doro Gabriel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-07-02]
CHR Extension: (Google Drive) - C:\Users\Doro Gabriel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-07-02]
CHR Extension: (YouTube) - C:\Users\Doro Gabriel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-06-05]
CHR Extension: (Google-Suche) - C:\Users\Doro Gabriel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-06-05]
CHR Extension: (Google Wallet) - C:\Users\Doro Gabriel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-23]
CHR Extension: (TS Magic Player) - C:\Users\Doro Gabriel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ochbjojkpcmlfeagbaahkofepalngihg [2014-07-02]
CHR Extension: (Google Mail) - C:\Users\Doro Gabriel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-06-05]
CHR HKCU\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\DOROGA~1\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx [2014-06-26]
CHR HKCU\...\Chrome\Extension: [ochbjojkpcmlfeagbaahkofepalngihg] - C:\Users\Doro Gabriel\AppData\Roaming\TorrentStream\extensions\chrome\magicplayer.crx [2012-11-05]
CHR StartMenuInternet: Google Chrome - C:\Users\Doro Gabriel\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-07-03] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-07-03] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [1028688 2014-07-03] (Avira Operations GmbH & Co. KG)
R2 IGBASVC; C:\Program Files (x86)\Acer Bio Protection\BASVC.exe [3450368 2009-09-05] (Egis Technology Inc.) [File not signed]
S3 InstallShield Licensing Service; C:\Program Files (x86)\Common Files\InstallShield Shared\Service\InstallShield Licensing Service.exe [78536 2011-10-17] (Macrovision                                                    )
S2 mi-raysat_3dsmax2012_64; C:\Program Files\Autodesk\3ds Max Design 2012\mentalimages\satellite\raysat_3dsmax2012_64server.exe [86016 2011-02-22] () [File not signed]
S4 msvsmon90; C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x64\msvsmon.exe [4737024 2008-07-29] (Microsoft Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-07-01] ()
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S3 McNeelUpdates64; "C:\Program Files (x86)\Rhinoceros 4.0\System\RhinoVersionCheckSvc64.exe" [X]

==================== Drivers (Whitelisted) ====================

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [117712 2014-07-03] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-05-20] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-14] (Avira Operations GmbH & Co. KG)
R0 johci; C:\Windows\System32\DRIVERS\johci.sys [20392 2009-09-21] (JMicron )
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-07-03] (Malwarebytes Corporation)
R2 WIBUKEY; C:\Windows\System32\DRIVERS\WibuKey64.sys [103224 2009-12-03] (WIBU-SYSTEMS AG)
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2030-08-29 15:22 - 2030-08-29 15:22 - 00143872 ____N (Intel Corporation) C:\Windows\SysWOW64\iacenc.dll
2030-08-29 15:22 - 2030-08-29 15:22 - 00056832 ____N () C:\Windows\SysWOW64\iyvu9_32.dll
2014-07-02 17:20 - 2014-07-02 17:20 - 02347384 _____ (ESET) C:\Users\Doro Gabriel\Downloads\esetsmartinstaller_deu.exe
2014-07-02 16:30 - 2014-07-03 09:25 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-02 16:30 - 2014-07-02 16:30 - 00001109 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-07-02 16:30 - 2014-07-02 16:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-07-02 16:30 - 2014-07-02 16:30 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-07-02 16:30 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-07-02 16:30 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-07-02 16:24 - 2014-07-02 16:25 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Doro Gabriel\Downloads\mbam-setup-2.0.2.1012.exe
2014-07-02 15:38 - 2014-07-02 15:33 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-07-02 15:36 - 2014-07-02 15:40 - 00007523 _____ () C:\zoek-results.log
2014-07-02 15:33 - 2014-07-02 15:33 - 00000000 ____D () C:\zoek_backup
2014-07-02 15:32 - 2014-07-02 15:33 - 01285120 _____ () C:\Users\Doro Gabriel\Desktop\zoek.exe
2014-07-02 15:22 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-07-02 15:21 - 2014-07-02 15:23 - 00000000 ____D () C:\AdwCleaner
2014-07-02 15:21 - 2014-07-02 15:21 - 01346519 _____ () C:\Users\Doro Gabriel\Desktop\adwcleaner_3.214.exe
2014-07-02 14:05 - 2014-07-02 14:06 - 00059170 _____ () C:\Users\Doro Gabriel\Desktop\Addition.txt
2014-07-02 14:04 - 2014-07-03 18:24 - 00021555 _____ () C:\Users\Doro Gabriel\Desktop\FRST.txt
2014-07-02 14:04 - 2014-07-03 18:21 - 00000000 ____D () C:\FRST
2014-07-02 14:03 - 2014-07-02 14:03 - 02083840 _____ (Farbar) C:\Users\Doro Gabriel\Desktop\FRST64.exe
2014-07-02 13:20 - 2014-07-02 15:19 - 00000000 ____D () C:\Users\Doro Gabriel\AppData\Roaming\Lavasoft
2014-07-02 12:11 - 2014-07-02 12:11 - 00000000 ____D () C:\Users\Doro Gabriel\AppData\Roaming\LavasoftStatistics
2014-07-02 12:11 - 2014-07-02 12:11 - 00000000 ____D () C:\Program Files\Lavasoft
2014-07-02 12:10 - 2014-07-02 12:10 - 00000000 ____D () C:\Program Files (x86)\Lavasoft
2014-07-02 12:07 - 2014-07-02 12:07 - 01707144 _____ () C:\Users\Doro Gabriel\Downloads\Adaware112_Installer.exe
2014-07-02 12:07 - 2014-07-02 12:07 - 00000000 ____D () C:\ProgramData\Lavasoft
2014-07-02 01:42 - 2014-07-02 15:23 - 00000000 ____D () C:\Program Files (x86)\WebSpades
2014-07-01 16:57 - 2014-07-01 17:02 - 00282104 _____ () C:\Windows\SysWOW64\PnkBstrB.xtr
2014-07-01 16:56 - 2014-07-01 16:56 - 00000000 ____D () C:\Users\Doro Gabriel\AppData\Local\PunkBuster
2014-07-01 16:54 - 2014-07-01 17:07 - 00000000 ____D () C:\Users\Doro Gabriel\Documents\Battlefield Play4Free
2014-07-01 16:36 - 2014-07-01 17:02 - 00282104 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2014-07-01 16:36 - 2014-07-01 17:02 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-07-01 16:36 - 2014-07-01 16:36 - 00000000 ____D () C:\Users\Doro Gabriel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\EA Games
2014-07-01 16:08 - 2014-07-01 16:08 - 00000000 ____D () C:\Program Files (x86)\EA Games
2014-06-26 16:40 - 2014-07-02 17:10 - 00000000 ___RD () C:\Users\Doro Gabriel\Google Drive
2014-06-26 16:40 - 2014-06-26 16:40 - 00001734 _____ () C:\Users\Doro Gabriel\Desktop\Google Drive.lnk
2014-06-26 16:39 - 2014-06-26 16:39 - 00002049 _____ () C:\Users\Public\Desktop\Google Slides.lnk
2014-06-26 16:39 - 2014-06-26 16:39 - 00002047 _____ () C:\Users\Public\Desktop\Google Sheets.lnk
2014-06-26 16:39 - 2014-06-26 16:39 - 00002037 _____ () C:\Users\Public\Desktop\Google Docs.lnk
2014-06-26 16:39 - 2014-06-26 16:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2014-06-26 16:38 - 2014-06-26 16:38 - 00895120 _____ (Google Inc.) C:\Users\Doro Gabriel\Downloads\googledrivesync.exe
2014-06-24 19:57 - 2014-06-24 19:57 - 00275664 _____ () C:\Windows\Minidump\062414-35552-01.dmp
2014-06-21 15:02 - 2014-06-21 15:02 - 00372704 _____ () C:\Windows\Minidump\062114-34257-01.dmp
2014-06-21 14:52 - 2014-06-21 14:52 - 00275664 _____ () C:\Windows\Minidump\062114-37190-01.dmp
2014-06-20 23:41 - 2014-06-20 23:41 - 00000000 _____ () C:\Users\Doro Gabriel\AppData\Local\{1CCA130F-AF98-456E-BA93-0D01C02EAE30}
2014-06-13 11:55 - 2014-06-13 11:55 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-11 11:03 - 2014-03-26 16:44 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-06-11 11:03 - 2014-03-26 16:44 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-06-11 11:03 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2014-06-11 11:03 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-06-11 11:03 - 2014-03-26 16:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2014-06-11 11:03 - 2014-03-26 16:27 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-06-11 11:03 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2014-06-11 11:03 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-06-11 11:02 - 2014-05-30 12:21 - 23414784 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-06-11 11:02 - 2014-05-30 12:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-06-11 11:02 - 2014-05-30 12:02 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-06-11 11:02 - 2014-05-30 11:45 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-06-11 11:02 - 2014-05-30 11:39 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-06-11 11:02 - 2014-05-30 11:39 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-06-11 11:02 - 2014-05-30 11:38 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-06-11 11:02 - 2014-05-30 11:28 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-06-11 11:02 - 2014-05-30 11:27 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-06-11 11:02 - 2014-05-30 11:24 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-06-11 11:02 - 2014-05-30 11:21 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-06-11 11:02 - 2014-05-30 11:21 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-06-11 11:02 - 2014-05-30 11:20 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-06-11 11:02 - 2014-05-30 11:18 - 17271296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-06-11 11:02 - 2014-05-30 11:11 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-06-11 11:02 - 2014-05-30 11:08 - 05782528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-06-11 11:02 - 2014-05-30 11:06 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-06-11 11:02 - 2014-05-30 11:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-06-11 11:02 - 2014-05-30 10:55 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-06-11 11:02 - 2014-05-30 10:49 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-06-11 11:02 - 2014-05-30 10:46 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-06-11 11:02 - 2014-05-30 10:44 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-06-11 11:02 - 2014-05-30 10:44 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-06-11 11:02 - 2014-05-30 10:43 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-06-11 11:02 - 2014-05-30 10:42 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-06-11 11:02 - 2014-05-30 10:38 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-06-11 11:02 - 2014-05-30 10:35 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-06-11 11:02 - 2014-05-30 10:34 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-06-11 11:02 - 2014-05-30 10:33 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-06-11 11:02 - 2014-05-30 10:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-06-11 11:02 - 2014-05-30 10:29 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-06-11 11:02 - 2014-05-30 10:28 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-06-11 11:02 - 2014-05-30 10:27 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-06-11 11:02 - 2014-05-30 10:24 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-06-11 11:02 - 2014-05-30 10:23 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-06-11 11:02 - 2014-05-30 10:16 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-06-11 11:02 - 2014-05-30 10:10 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-06-11 11:02 - 2014-05-30 10:06 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-06-11 11:02 - 2014-05-30 10:04 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-06-11 11:02 - 2014-05-30 10:02 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-06-11 11:02 - 2014-05-30 09:56 - 04244992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-06-11 11:02 - 2014-05-30 09:56 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-06-11 11:02 - 2014-05-30 09:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-06-11 11:02 - 2014-05-30 09:50 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-06-11 11:02 - 2014-05-30 09:49 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-06-11 11:02 - 2014-05-30 09:43 - 13522944 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-06-11 11:02 - 2014-05-30 09:40 - 11725312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-06-11 11:02 - 2014-05-30 09:30 - 01398272 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-06-11 11:02 - 2014-05-30 09:21 - 01790976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-06-11 11:02 - 2014-05-30 09:15 - 01143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-06-11 11:02 - 2014-05-30 09:13 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-06-11 11:02 - 2014-05-30 09:13 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-06-11 11:02 - 2014-05-08 11:32 - 01112064 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-06-11 11:02 - 2014-04-25 04:34 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2014-06-11 11:02 - 2014-04-25 04:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2014-06-11 11:02 - 2014-04-05 04:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-06-11 11:02 - 2014-04-05 04:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-06-11 11:02 - 2013-11-26 13:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-06-10 21:34 - 2014-06-10 21:34 - 00090624 _____ () C:\Users\Doro Gabriel\Downloads\WM 2014 Tippspiel DEU.xlt
2014-06-03 10:09 - 2014-06-03 10:09 - 00013221 _____ () C:\Users\Doro Gabriel\Downloads\Stückliste Papper Brillen mit Kodierung.xlsx

==================== One Month Modified Files and Folders =======

2030-08-29 15:22 - 2030-08-29 15:22 - 00143872 ____N (Intel Corporation) C:\Windows\SysWOW64\iacenc.dll
2030-08-29 15:22 - 2030-08-29 15:22 - 00056832 ____N () C:\Windows\SysWOW64\iyvu9_32.dll
2014-07-03 18:24 - 2014-07-02 14:04 - 00021555 _____ () C:\Users\Doro Gabriel\Desktop\FRST.txt
2014-07-03 18:21 - 2014-07-02 14:04 - 00000000 ____D () C:\FRST
2014-07-03 18:20 - 2011-03-20 12:33 - 00000000 ____D () C:\Users\Doro Gabriel\AppData\Roaming\Skype
2014-07-03 17:47 - 2012-12-01 05:02 - 00001148 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3542374432-354979354-222888450-1000UA.job
2014-07-03 17:40 - 2009-07-14 06:45 - 00019840 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-07-03 17:40 - 2009-07-14 06:45 - 00019840 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-07-03 17:39 - 2011-03-27 23:28 - 00001122 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-03 17:33 - 2012-05-03 19:13 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-07-03 17:09 - 2009-07-14 06:51 - 00002093 _____ () C:\Windows\setupact.log
2014-07-03 17:07 - 2011-03-19 19:01 - 01492778 _____ () C:\Windows\WindowsUpdate.log
2014-07-03 16:37 - 2013-07-09 14:10 - 00117712 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2014-07-03 09:25 - 2014-07-02 16:30 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-02 19:46 - 2012-12-01 05:02 - 00001096 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3542374432-354979354-222888450-1000Core.job
2014-07-02 19:38 - 2011-03-27 23:28 - 00001118 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-02 17:21 - 2009-07-14 19:58 - 00697082 _____ () C:\Windows\system32\perfh007.dat
2014-07-02 17:21 - 2009-07-14 19:58 - 00148346 _____ () C:\Windows\system32\perfc007.dat
2014-07-02 17:21 - 2009-07-14 07:13 - 01613340 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-07-02 17:20 - 2014-07-02 17:20 - 02347384 _____ (ESET) C:\Users\Doro Gabriel\Downloads\esetsmartinstaller_deu.exe
2014-07-02 17:10 - 2014-06-26 16:40 - 00000000 ___RD () C:\Users\Doro Gabriel\Google Drive
2014-07-02 17:10 - 2014-05-16 10:27 - 00000000 ____D () C:\Users\Doro Gabriel\AppData\Roaming\DropboxMaster
2014-07-02 17:10 - 2012-10-11 16:55 - 00000000 ___RD () C:\Users\Doro Gabriel\Dropbox
2014-07-02 17:10 - 2012-10-11 16:49 - 00000000 ____D () C:\Users\Doro Gabriel\AppData\Roaming\Dropbox
2014-07-02 17:07 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-02 17:06 - 2011-03-21 21:22 - 00170422 _____ () C:\Windows\PFRO.log
2014-07-02 17:06 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system
2014-07-02 16:30 - 2014-07-02 16:30 - 00001109 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-07-02 16:30 - 2014-07-02 16:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-07-02 16:30 - 2014-07-02 16:30 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-07-02 16:30 - 2011-03-30 23:26 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-02 16:25 - 2014-07-02 16:24 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Doro Gabriel\Downloads\mbam-setup-2.0.2.1012.exe
2014-07-02 16:24 - 2011-03-30 23:26 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-07-02 15:40 - 2014-07-02 15:36 - 00007523 _____ () C:\zoek-results.log
2014-07-02 15:33 - 2014-07-02 15:38 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-07-02 15:33 - 2014-07-02 15:33 - 00000000 ____D () C:\zoek_backup
2014-07-02 15:33 - 2014-07-02 15:32 - 01285120 _____ () C:\Users\Doro Gabriel\Desktop\zoek.exe
2014-07-02 15:27 - 2012-06-05 02:16 - 00001548 _____ () C:\Users\Doro Gabriel\Desktop\Google Chrome.lnk
2014-07-02 15:23 - 2014-07-02 15:21 - 00000000 ____D () C:\AdwCleaner
2014-07-02 15:23 - 2014-07-02 01:42 - 00000000 ____D () C:\Program Files (x86)\WebSpades
2014-07-02 15:23 - 2012-06-05 02:16 - 00000000 ____D () C:\Users\Doro Gabriel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-07-02 15:23 - 2012-01-27 19:17 - 00001068 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-07-02 15:23 - 2011-03-19 23:08 - 00001056 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-07-02 15:23 - 2011-03-19 19:06 - 00001016 _____ () C:\Users\Doro Gabriel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-07-02 15:23 - 2009-07-14 04:34 - 00000580 _____ () C:\Windows\win.ini
2014-07-02 15:21 - 2014-07-02 15:21 - 01346519 _____ () C:\Users\Doro Gabriel\Desktop\adwcleaner_3.214.exe
2014-07-02 15:19 - 2014-07-02 13:20 - 00000000 ____D () C:\Users\Doro Gabriel\AppData\Roaming\Lavasoft
2014-07-02 14:06 - 2014-07-02 14:05 - 00059170 _____ () C:\Users\Doro Gabriel\Desktop\Addition.txt
2014-07-02 14:03 - 2014-07-02 14:03 - 02083840 _____ (Farbar) C:\Users\Doro Gabriel\Desktop\FRST64.exe
2014-07-02 12:11 - 2014-07-02 12:11 - 00000000 ____D () C:\Users\Doro Gabriel\AppData\Roaming\LavasoftStatistics
2014-07-02 12:11 - 2014-07-02 12:11 - 00000000 ____D () C:\Program Files\Lavasoft
2014-07-02 12:10 - 2014-07-02 12:10 - 00000000 ____D () C:\Program Files (x86)\Lavasoft
2014-07-02 12:07 - 2014-07-02 12:07 - 01707144 _____ () C:\Users\Doro Gabriel\Downloads\Adaware112_Installer.exe
2014-07-02 12:07 - 2014-07-02 12:07 - 00000000 ____D () C:\ProgramData\Lavasoft
2014-07-01 17:07 - 2014-07-01 16:54 - 00000000 ____D () C:\Users\Doro Gabriel\Documents\Battlefield Play4Free
2014-07-01 17:02 - 2014-07-01 16:57 - 00282104 _____ () C:\Windows\SysWOW64\PnkBstrB.xtr
2014-07-01 17:02 - 2014-07-01 16:36 - 00282104 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2014-07-01 17:02 - 2014-07-01 16:36 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-07-01 16:56 - 2014-07-01 16:56 - 00000000 ____D () C:\Users\Doro Gabriel\AppData\Local\PunkBuster
2014-07-01 16:36 - 2014-07-01 16:36 - 00000000 ____D () C:\Users\Doro Gabriel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\EA Games
2014-07-01 16:33 - 2011-04-25 20:37 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-07-01 16:08 - 2014-07-01 16:08 - 00000000 ____D () C:\Program Files (x86)\EA Games
2014-06-29 16:21 - 2013-12-03 23:06 - 10520227 _____ () C:\Users\Doro Gabriel\Desktop\RhinoCrashDump.dmp
2014-06-27 15:26 - 2011-03-19 20:04 - 00002562 _____ () C:\Windows\diagwrn.xml
2014-06-27 15:26 - 2011-03-19 20:04 - 00001908 _____ () C:\Windows\diagerr.xml
2014-06-27 15:26 - 2009-07-14 06:51 - 00000000 _____ () C:\Windows\setuperr.log
2014-06-26 16:40 - 2014-06-26 16:40 - 00001734 _____ () C:\Users\Doro Gabriel\Desktop\Google Drive.lnk
2014-06-26 16:40 - 2011-03-19 19:06 - 00000000 ____D () C:\Users\Doro Gabriel
2014-06-26 16:39 - 2014-06-26 16:39 - 00002049 _____ () C:\Users\Public\Desktop\Google Slides.lnk
2014-06-26 16:39 - 2014-06-26 16:39 - 00002047 _____ () C:\Users\Public\Desktop\Google Sheets.lnk
2014-06-26 16:39 - 2014-06-26 16:39 - 00002037 _____ () C:\Users\Public\Desktop\Google Docs.lnk
2014-06-26 16:39 - 2014-06-26 16:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2014-06-26 16:39 - 2011-03-27 23:28 - 00000000 ____D () C:\Users\Doro Gabriel\AppData\Local\Google
2014-06-26 16:39 - 2011-03-27 23:28 - 00000000 ____D () C:\Program Files (x86)\Google
2014-06-26 16:38 - 2014-06-26 16:38 - 00895120 _____ (Google Inc.) C:\Users\Doro Gabriel\Downloads\googledrivesync.exe
2014-06-24 19:57 - 2014-06-24 19:57 - 00275664 _____ () C:\Windows\Minidump\062414-35552-01.dmp
2014-06-24 19:57 - 2011-12-16 11:44 - 533557498 _____ () C:\Windows\MEMORY.DMP
2014-06-24 19:57 - 2011-12-16 11:44 - 00000000 ____D () C:\Windows\Minidump
2014-06-21 15:02 - 2014-06-21 15:02 - 00372704 _____ () C:\Windows\Minidump\062114-34257-01.dmp
2014-06-21 14:52 - 2014-06-21 14:52 - 00275664 _____ () C:\Windows\Minidump\062114-37190-01.dmp
2014-06-21 14:52 - 2012-04-27 18:33 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-06-20 23:41 - 2014-06-20 23:41 - 00000000 _____ () C:\Users\Doro Gabriel\AppData\Local\{1CCA130F-AF98-456E-BA93-0D01C02EAE30}
2014-06-19 19:42 - 2012-12-01 05:02 - 00004132 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3542374432-354979354-222888450-1000UA
2014-06-19 19:42 - 2012-12-01 05:02 - 00003736 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3542374432-354979354-222888450-1000Core
2014-06-19 19:34 - 2011-03-27 23:28 - 00004118 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-06-19 19:33 - 2011-03-27 23:28 - 00003866 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-06-16 00:00 - 2011-04-20 21:21 - 00000000 ____D () C:\Users\Doro Gabriel\AppData\Local\PokerStars
2014-06-13 11:55 - 2014-06-13 11:55 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-12 17:36 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-06-12 10:46 - 2012-10-11 16:55 - 00001052 _____ () C:\Users\Doro Gabriel\Desktop\Dropbox.lnk
2014-06-12 10:46 - 2012-10-11 16:54 - 00000000 ____D () C:\Users\Doro Gabriel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-06-12 10:45 - 2011-03-20 12:33 - 00000000 ____D () C:\ProgramData\Skype
2014-06-12 10:44 - 2011-03-20 12:33 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-06-12 10:00 - 2013-08-15 14:04 - 00000000 ____D () C:\Windows\system32\MRT
2014-06-12 09:57 - 2011-03-21 14:43 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-06-12 09:57 - 2011-03-19 21:22 - 95414520 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-06-10 21:34 - 2014-06-10 21:34 - 00090624 _____ () C:\Users\Doro Gabriel\Downloads\WM 2014 Tippspiel DEU.xlt
2014-06-03 10:09 - 2014-06-03 10:09 - 00013221 _____ () C:\Users\Doro Gabriel\Downloads\Stückliste Papper Brillen mit Kodierung.xlsx

Some content of TEMP:
====================
C:\Users\Doro Gabriel\AppData\Local\Temp\7za.exe
C:\Users\Doro Gabriel\AppData\Local\Temp\9c6d3f6e-5287-47f7-875f-f02135fbba6a.exe
C:\Users\Doro Gabriel\AppData\Local\Temp\AcDeltree.exe
C:\Users\Doro Gabriel\AppData\Local\Temp\AskSLib.dll
C:\Users\Doro Gabriel\AppData\Local\Temp\avgnt.exe
C:\Users\Doro Gabriel\AppData\Local\Temp\chutil.dll
C:\Users\Doro Gabriel\AppData\Local\Temp\contentDATs.exe
C:\Users\Doro Gabriel\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpviyydo.dll
C:\Users\Doro Gabriel\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpvs0ibd.dll
C:\Users\Doro Gabriel\AppData\Local\Temp\firefoxjre_exe.exe
C:\Users\Doro Gabriel\AppData\Local\Temp\GUR8694.exe
C:\Users\Doro Gabriel\AppData\Local\Temp\hijackthis.exe
C:\Users\Doro Gabriel\AppData\Local\Temp\InstallAX.exe
C:\Users\Doro Gabriel\AppData\Local\Temp\InstallPlugin.exe
C:\Users\Doro Gabriel\AppData\Local\Temp\jre-1.6.0_20-windows-i586-iftw.exe_90744722.exe
C:\Users\Doro Gabriel\AppData\Local\Temp\jre-6u20-windows-i586-jinstall_uac.exe
C:\Users\Doro Gabriel\AppData\Local\Temp\jre-6u32-windows-i586-iftw.exe
C:\Users\Doro Gabriel\AppData\Local\Temp\jre-6u33-windows-i586-iftw.exe
C:\Users\Doro Gabriel\AppData\Local\Temp\jre-6u35-windows-i586-iftw.exe
C:\Users\Doro Gabriel\AppData\Local\Temp\jre-6u37-windows-i586-iftw.exe
C:\Users\Doro Gabriel\AppData\Local\Temp\jre-7u13-windows-i586-iftw.exe
C:\Users\Doro Gabriel\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exe
C:\Users\Doro Gabriel\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe
C:\Users\Doro Gabriel\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe
C:\Users\Doro Gabriel\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\Doro Gabriel\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\Doro Gabriel\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe
C:\Users\Doro Gabriel\AppData\Local\Temp\pdf24-creator-update.exe
C:\Users\Doro Gabriel\AppData\Local\Temp\ptu2705_tmp.exe
C:\Users\Doro Gabriel\AppData\Local\Temp\Quarantine.exe
C:\Users\Doro Gabriel\AppData\Local\Temp\RhinoScriptEditor.dll
C:\Users\Doro Gabriel\AppData\Local\Temp\rhrdk_beta_20070402.exe
C:\Users\Doro Gabriel\AppData\Local\Temp\SecurityScan_Release.exe
C:\Users\Doro Gabriel\AppData\Local\Temp\sed.exe
C:\Users\Doro Gabriel\AppData\Local\Temp\shortcut.exe
C:\Users\Doro Gabriel\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Doro Gabriel\AppData\Local\Temp\SpotifyUpgrader.exe
C:\Users\Doro Gabriel\AppData\Local\Temp\swxcacls.exe
C:\Users\Doro Gabriel\AppData\Local\Temp\utt2A31.tmp.exe
C:\Users\Doro Gabriel\AppData\Local\Temp\_unps.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-06-28 00:17

==================== End Of Log ============================

--- --- ---

--- --- ---

dösen · 03.07.2014, 17:31

FRST Logfile:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-07-2014
Ran by Doro Gabriel (administrator) on DOROGABRIEL-PC on 03-07-2014 18:21:39
Running from C:\Users\Doro Gabriel\Desktop
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(AMD) C:\Windows\System32\atiesrxx.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Egis Technology Inc.) C:\Program Files (x86)\Acer Bio Protection\CompPtcVUI.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Egis Technology Inc.) C:\Program Files (x86)\Acer Bio Protection\BASVC.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\ipoint.exe
(Akamai Technologies, Inc.) C:\Users\Doro Gabriel\AppData\Local\Akamai\netsession_win.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(Akamai Technologies, Inc.) C:\Users\Doro Gabriel\AppData\Local\Akamai\netsession_win.exe
(Spotify Ltd) C:\Users\Doro Gabriel\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Egis Technology Inc.) C:\Program Files (x86)\Acer Bio Protection\PdtWzd.exe
(WIBU-SYSTEMS AG) C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe
(Dropbox, Inc.) C:\Users\Doro Gabriel\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Google Inc.) C:\Users\Doro Gabriel\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Doro Gabriel\AppData\Local\Google\Chrome\Application\chrome.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Google Inc.) C:\Users\Doro Gabriel\AppData\Local\Google\Chrome\Application\chrome.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Google Inc.) C:\Users\Doro Gabriel\AppData\Local\Google\Chrome\Application\chrome.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe
(Google Inc.) C:\Users\Doro Gabriel\AppData\Local\Google\Chrome\Application\chrome.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebgrd.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Google Inc.) C:\Users\Doro Gabriel\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Doro Gabriel\AppData\Local\Google\Chrome\Application\chrome.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe
(Adobe Systems, Incorporated) C:\Program Files\Adobe\Adobe Photoshop CS5 (64 Bit)\Photoshop.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [IAAnotif] => C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-08-07] (Intel Corporation)
HKLM\...\Run: [Apoint] => C:\Program Files\Apoint2K\Apoint.exe [323072 2009-10-01] (Alps Electric Co., Ltd.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [8312352 2009-11-02] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1825064 2009-09-03] (Synaptics Incorporated)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated)
HKLM\...\Run: [IntelliPoint] => C:\Program Files\Microsoft IntelliPoint\ipoint.exe [2417032 2011-08-01] (Microsoft Corporation)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2009-11-12] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [VitaKeyPdtWzd] => C:\Program Files (x86)\Acer Bio Protection\PdtWzd.exe [3567616 2009-09-05] (Egis Technology Inc.)
HKLM-x32\...\Run: [AdobeCS5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [937920 2011-06-06] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59280 2012-08-27] (Apple Inc.)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [163000 2012-12-12] (Geek Software GmbH)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [750160 2014-07-03] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-3542374432-354979354-222888450-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Doro Gabriel\AppData\Local\Akamai\netsession_win.exe [4672920 2014-04-17] (Akamai Technologies, Inc.)
HKU\S-1-5-21-3542374432-354979354-222888450-1000\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [427520 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-21-3542374432-354979354-222888450-1000\...\Run: [Google Update] => C:\Users\Doro Gabriel\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-12-01] (Google Inc.)
HKU\S-1-5-21-3542374432-354979354-222888450-1000\...\Run: [Spotify Web Helper] => C:\Users\Doro Gabriel\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1168896 2013-12-15] (Spotify Ltd)
HKU\S-1-5-21-3542374432-354979354-222888450-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21444224 2014-05-08] (Skype Technologies S.A.)
HKU\S-1-5-21-3542374432-354979354-222888450-1000\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [24474752 2014-06-05] (Google)
Lsa: [Notification Packages] C:\Program Files (x86)\Acer Bio Protection\PwdFilterV64
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Netzwerk Server.lnk
ShortcutTarget: Netzwerk Server.lnk -> C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe (WIBU-SYSTEMS AG)
Startup: C:\Users\Doro Gabriel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Doro Gabriel\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: GDriveBlacklistedOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: GDriveSharedEditOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: GDriveSharedViewOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: GDriveSyncedOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: GDriveSyncingOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: Symbol-Overlay-Steuerprogramm für AutoCAD Digitale Signaturen -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll (Autodesk, Inc.)
ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 1 (GFS Unread Stub) -> {99FD978C-D287-4F50-827F-B2C658EDA8E7} => C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 2 (GFS Stub) -> {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} => C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 2.5 (GFS Unread Folder) -> {920E6DB1-9907-4370-B3A0-BAFC03D81399} => C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 3 (GFS Folder) -> {16F3DD56-1AF5-4347-846D-7C10C4192619} => C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 4 (GFS Unread Mark) -> {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} => C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://at.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xA75ACD8E1BBBCC01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-at
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM-x32 - DefaultScope value is missing.
BHO-x32: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll (Adobe Systems, Inc.)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
Toolbar: HKLM-x32 - Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll (Adobe Systems, Inc.)
DPF: HKLM {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} -  No File
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)

Hosts: Hosts file not detected in the default directory
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138

FireFox:
========
FF ProfilePath: C:\Users\Doro Gabriel\AppData\Roaming\Mozilla\Firefox\Profiles\9io3wi8p.default
FF NewTab: hxxp://www.google.com/
FF DefaultSearchEngine: Google
FF SearchEngineOrder.1: Google
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.google.com
FF Keyword.URL: hxxp://www.google.com/search?btnG=Google+Search&q=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin - C:\Program Files (x86)\Java\jre6\bin\dtplugin\npDeployJava1.dll No File
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @veetle.com/veetleCorePlugin,version=0.9.18 - C:\Program Files (x86)\Veetle\plugins\npVeetle.dll (Veetle Inc)
FF Plugin-x32: @veetle.com/veetlePlayerPlugin,version=0.9.18 - C:\Program Files (x86)\Veetle\Player\npvlc.dll (Veetle Inc)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Doro Gabriel\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Doro Gabriel\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @torrentstream.net/tsplugin,version=2.0.1 - C:\Users\Doro Gabriel\AppData\Roaming\TorrentStream\player\npts_plugin.dll (Innovative Digital Technologies)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npContribute.dll (Adobe Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: No Name - C:\Users\Doro Gabriel\AppData\Roaming\Mozilla\Firefox\Profiles\9io3wi8p.default\Extensions\{87934c42-161d-45bc-8cef-ef18abe2a30c} [2014-07-02]
FF Extension: vshare Add-On - C:\Users\Doro Gabriel\AppData\Roaming\Mozilla\Firefox\Profiles\9io3wi8p.default\Extensions\{dd05fd3d-18df-4ce4-ae53-e795339c5f01} [2011-08-14]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-06-13]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2014-06-13]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2014-06-13]
FF HKLM-x32\...\Firefox\Extensions: [{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}] - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\FirefoxPlugin\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}
FF Extension: Adobe Contribute Toolbar - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\FirefoxPlugin\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9} [2011-03-28]

Chrome: 
=======
CHR Extension: (Google Docs) - C:\Users\Doro Gabriel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-07-02]
CHR Extension: (Google Drive) - C:\Users\Doro Gabriel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-07-02]
CHR Extension: (YouTube) - C:\Users\Doro Gabriel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-06-05]
CHR Extension: (Google-Suche) - C:\Users\Doro Gabriel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-06-05]
CHR Extension: (Google Wallet) - C:\Users\Doro Gabriel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-23]
CHR Extension: (TS Magic Player) - C:\Users\Doro Gabriel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ochbjojkpcmlfeagbaahkofepalngihg [2014-07-02]
CHR Extension: (Google Mail) - C:\Users\Doro Gabriel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-06-05]
CHR HKCU\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\DOROGA~1\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx [2014-06-26]
CHR HKCU\...\Chrome\Extension: [ochbjojkpcmlfeagbaahkofepalngihg] - C:\Users\Doro Gabriel\AppData\Roaming\TorrentStream\extensions\chrome\magicplayer.crx [2012-11-05]
CHR StartMenuInternet: Google Chrome - C:\Users\Doro Gabriel\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-07-03] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-07-03] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [1028688 2014-07-03] (Avira Operations GmbH & Co. KG)
R2 IGBASVC; C:\Program Files (x86)\Acer Bio Protection\BASVC.exe [3450368 2009-09-05] (Egis Technology Inc.) [File not signed]
S3 InstallShield Licensing Service; C:\Program Files (x86)\Common Files\InstallShield Shared\Service\InstallShield Licensing Service.exe [78536 2011-10-17] (Macrovision                                                    )
S2 mi-raysat_3dsmax2012_64; C:\Program Files\Autodesk\3ds Max Design 2012\mentalimages\satellite\raysat_3dsmax2012_64server.exe [86016 2011-02-22] () [File not signed]
S4 msvsmon90; C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x64\msvsmon.exe [4737024 2008-07-29] (Microsoft Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-07-01] ()
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S3 McNeelUpdates64; "C:\Program Files (x86)\Rhinoceros 4.0\System\RhinoVersionCheckSvc64.exe" [X]

==================== Drivers (Whitelisted) ====================

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [117712 2014-07-03] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-05-20] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-14] (Avira Operations GmbH & Co. KG)
R0 johci; C:\Windows\System32\DRIVERS\johci.sys [20392 2009-09-21] (JMicron )
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-07-03] (Malwarebytes Corporation)
R2 WIBUKEY; C:\Windows\System32\DRIVERS\WibuKey64.sys [103224 2009-12-03] (WIBU-SYSTEMS AG)
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2030-08-29 15:22 - 2030-08-29 15:22 - 00143872 ____N (Intel Corporation) C:\Windows\SysWOW64\iacenc.dll
2030-08-29 15:22 - 2030-08-29 15:22 - 00056832 ____N () C:\Windows\SysWOW64\iyvu9_32.dll
2014-07-02 17:20 - 2014-07-02 17:20 - 02347384 _____ (ESET) C:\Users\Doro Gabriel\Downloads\esetsmartinstaller_deu.exe
2014-07-02 16:30 - 2014-07-03 09:25 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-02 16:30 - 2014-07-02 16:30 - 00001109 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-07-02 16:30 - 2014-07-02 16:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-07-02 16:30 - 2014-07-02 16:30 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-07-02 16:30 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-07-02 16:30 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-07-02 16:24 - 2014-07-02 16:25 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Doro Gabriel\Downloads\mbam-setup-2.0.2.1012.exe
2014-07-02 15:38 - 2014-07-02 15:33 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-07-02 15:36 - 2014-07-02 15:40 - 00007523 _____ () C:\zoek-results.log
2014-07-02 15:33 - 2014-07-02 15:33 - 00000000 ____D () C:\zoek_backup
2014-07-02 15:32 - 2014-07-02 15:33 - 01285120 _____ () C:\Users\Doro Gabriel\Desktop\zoek.exe
2014-07-02 15:22 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-07-02 15:21 - 2014-07-02 15:23 - 00000000 ____D () C:\AdwCleaner
2014-07-02 15:21 - 2014-07-02 15:21 - 01346519 _____ () C:\Users\Doro Gabriel\Desktop\adwcleaner_3.214.exe
2014-07-02 14:05 - 2014-07-02 14:06 - 00059170 _____ () C:\Users\Doro Gabriel\Desktop\Addition.txt
2014-07-02 14:04 - 2014-07-03 18:24 - 00021555 _____ () C:\Users\Doro Gabriel\Desktop\FRST.txt
2014-07-02 14:04 - 2014-07-03 18:21 - 00000000 ____D () C:\FRST
2014-07-02 14:03 - 2014-07-02 14:03 - 02083840 _____ (Farbar) C:\Users\Doro Gabriel\Desktop\FRST64.exe
2014-07-02 13:20 - 2014-07-02 15:19 - 00000000 ____D () C:\Users\Doro Gabriel\AppData\Roaming\Lavasoft
2014-07-02 12:11 - 2014-07-02 12:11 - 00000000 ____D () C:\Users\Doro Gabriel\AppData\Roaming\LavasoftStatistics
2014-07-02 12:11 - 2014-07-02 12:11 - 00000000 ____D () C:\Program Files\Lavasoft
2014-07-02 12:10 - 2014-07-02 12:10 - 00000000 ____D () C:\Program Files (x86)\Lavasoft
2014-07-02 12:07 - 2014-07-02 12:07 - 01707144 _____ () C:\Users\Doro Gabriel\Downloads\Adaware112_Installer.exe
2014-07-02 12:07 - 2014-07-02 12:07 - 00000000 ____D () C:\ProgramData\Lavasoft
2014-07-02 01:42 - 2014-07-02 15:23 - 00000000 ____D () C:\Program Files (x86)\WebSpades
2014-07-01 16:57 - 2014-07-01 17:02 - 00282104 _____ () C:\Windows\SysWOW64\PnkBstrB.xtr
2014-07-01 16:56 - 2014-07-01 16:56 - 00000000 ____D () C:\Users\Doro Gabriel\AppData\Local\PunkBuster
2014-07-01 16:54 - 2014-07-01 17:07 - 00000000 ____D () C:\Users\Doro Gabriel\Documents\Battlefield Play4Free
2014-07-01 16:36 - 2014-07-01 17:02 - 00282104 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2014-07-01 16:36 - 2014-07-01 17:02 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-07-01 16:36 - 2014-07-01 16:36 - 00000000 ____D () C:\Users\Doro Gabriel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\EA Games
2014-07-01 16:08 - 2014-07-01 16:08 - 00000000 ____D () C:\Program Files (x86)\EA Games
2014-06-26 16:40 - 2014-07-02 17:10 - 00000000 ___RD () C:\Users\Doro Gabriel\Google Drive
2014-06-26 16:40 - 2014-06-26 16:40 - 00001734 _____ () C:\Users\Doro Gabriel\Desktop\Google Drive.lnk
2014-06-26 16:39 - 2014-06-26 16:39 - 00002049 _____ () C:\Users\Public\Desktop\Google Slides.lnk
2014-06-26 16:39 - 2014-06-26 16:39 - 00002047 _____ () C:\Users\Public\Desktop\Google Sheets.lnk
2014-06-26 16:39 - 2014-06-26 16:39 - 00002037 _____ () C:\Users\Public\Desktop\Google Docs.lnk
2014-06-26 16:39 - 2014-06-26 16:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2014-06-26 16:38 - 2014-06-26 16:38 - 00895120 _____ (Google Inc.) C:\Users\Doro Gabriel\Downloads\googledrivesync.exe
2014-06-24 19:57 - 2014-06-24 19:57 - 00275664 _____ () C:\Windows\Minidump\062414-35552-01.dmp
2014-06-21 15:02 - 2014-06-21 15:02 - 00372704 _____ () C:\Windows\Minidump\062114-34257-01.dmp
2014-06-21 14:52 - 2014-06-21 14:52 - 00275664 _____ () C:\Windows\Minidump\062114-37190-01.dmp
2014-06-20 23:41 - 2014-06-20 23:41 - 00000000 _____ () C:\Users\Doro Gabriel\AppData\Local\{1CCA130F-AF98-456E-BA93-0D01C02EAE30}
2014-06-13 11:55 - 2014-06-13 11:55 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-11 11:03 - 2014-03-26 16:44 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-06-11 11:03 - 2014-03-26 16:44 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-06-11 11:03 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2014-06-11 11:03 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-06-11 11:03 - 2014-03-26 16:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2014-06-11 11:03 - 2014-03-26 16:27 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-06-11 11:03 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2014-06-11 11:03 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-06-11 11:02 - 2014-05-30 12:21 - 23414784 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-06-11 11:02 - 2014-05-30 12:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-06-11 11:02 - 2014-05-30 12:02 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-06-11 11:02 - 2014-05-30 11:45 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-06-11 11:02 - 2014-05-30 11:39 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-06-11 11:02 - 2014-05-30 11:39 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-06-11 11:02 - 2014-05-30 11:38 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-06-11 11:02 - 2014-05-30 11:28 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-06-11 11:02 - 2014-05-30 11:27 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-06-11 11:02 - 2014-05-30 11:24 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-06-11 11:02 - 2014-05-30 11:21 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-06-11 11:02 - 2014-05-30 11:21 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-06-11 11:02 - 2014-05-30 11:20 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-06-11 11:02 - 2014-05-30 11:18 - 17271296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-06-11 11:02 - 2014-05-30 11:11 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-06-11 11:02 - 2014-05-30 11:08 - 05782528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-06-11 11:02 - 2014-05-30 11:06 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-06-11 11:02 - 2014-05-30 11:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-06-11 11:02 - 2014-05-30 10:55 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-06-11 11:02 - 2014-05-30 10:49 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-06-11 11:02 - 2014-05-30 10:46 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-06-11 11:02 - 2014-05-30 10:44 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-06-11 11:02 - 2014-05-30 10:44 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-06-11 11:02 - 2014-05-30 10:43 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-06-11 11:02 - 2014-05-30 10:42 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-06-11 11:02 - 2014-05-30 10:38 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-06-11 11:02 - 2014-05-30 10:35 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-06-11 11:02 - 2014-05-30 10:34 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-06-11 11:02 - 2014-05-30 10:33 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-06-11 11:02 - 2014-05-30 10:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-06-11 11:02 - 2014-05-30 10:29 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-06-11 11:02 - 2014-05-30 10:28 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-06-11 11:02 - 2014-05-30 10:27 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-06-11 11:02 - 2014-05-30 10:24 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-06-11 11:02 - 2014-05-30 10:23 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-06-11 11:02 - 2014-05-30 10:16 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-06-11 11:02 - 2014-05-30 10:10 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-06-11 11:02 - 2014-05-30 10:06 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-06-11 11:02 - 2014-05-30 10:04 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-06-11 11:02 - 2014-05-30 10:02 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-06-11 11:02 - 2014-05-30 09:56 - 04244992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-06-11 11:02 - 2014-05-30 09:56 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-06-11 11:02 - 2014-05-30 09:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-06-11 11:02 - 2014-05-30 09:50 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-06-11 11:02 - 2014-05-30 09:49 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-06-11 11:02 - 2014-05-30 09:43 - 13522944 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-06-11 11:02 - 2014-05-30 09:40 - 11725312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-06-11 11:02 - 2014-05-30 09:30 - 01398272 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-06-11 11:02 - 2014-05-30 09:21 - 01790976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-06-11 11:02 - 2014-05-30 09:15 - 01143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-06-11 11:02 - 2014-05-30 09:13 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-06-11 11:02 - 2014-05-30 09:13 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-06-11 11:02 - 2014-05-08 11:32 - 01112064 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-06-11 11:02 - 2014-04-25 04:34 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2014-06-11 11:02 - 2014-04-25 04:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2014-06-11 11:02 - 2014-04-05 04:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-06-11 11:02 - 2014-04-05 04:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-06-11 11:02 - 2013-11-26 13:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-06-10 21:34 - 2014-06-10 21:34 - 00090624 _____ () C:\Users\Doro Gabriel\Downloads\WM 2014 Tippspiel DEU.xlt
2014-06-03 10:09 - 2014-06-03 10:09 - 00013221 _____ () C:\Users\Doro Gabriel\Downloads\Stückliste Papper Brillen mit Kodierung.xlsx

==================== One Month Modified Files and Folders =======

2030-08-29 15:22 - 2030-08-29 15:22 - 00143872 ____N (Intel Corporation) C:\Windows\SysWOW64\iacenc.dll
2030-08-29 15:22 - 2030-08-29 15:22 - 00056832 ____N () C:\Windows\SysWOW64\iyvu9_32.dll
2014-07-03 18:24 - 2014-07-02 14:04 - 00021555 _____ () C:\Users\Doro Gabriel\Desktop\FRST.txt
2014-07-03 18:21 - 2014-07-02 14:04 - 00000000 ____D () C:\FRST
2014-07-03 18:20 - 2011-03-20 12:33 - 00000000 ____D () C:\Users\Doro Gabriel\AppData\Roaming\Skype
2014-07-03 17:47 - 2012-12-01 05:02 - 00001148 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3542374432-354979354-222888450-1000UA.job
2014-07-03 17:40 - 2009-07-14 06:45 - 00019840 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-07-03 17:40 - 2009-07-14 06:45 - 00019840 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-07-03 17:39 - 2011-03-27 23:28 - 00001122 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-03 17:33 - 2012-05-03 19:13 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-07-03 17:09 - 2009-07-14 06:51 - 00002093 _____ () C:\Windows\setupact.log
2014-07-03 17:07 - 2011-03-19 19:01 - 01492778 _____ () C:\Windows\WindowsUpdate.log
2014-07-03 16:37 - 2013-07-09 14:10 - 00117712 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2014-07-03 09:25 - 2014-07-02 16:30 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-02 19:46 - 2012-12-01 05:02 - 00001096 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3542374432-354979354-222888450-1000Core.job
2014-07-02 19:38 - 2011-03-27 23:28 - 00001118 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-02 17:21 - 2009-07-14 19:58 - 00697082 _____ () C:\Windows\system32\perfh007.dat
2014-07-02 17:21 - 2009-07-14 19:58 - 00148346 _____ () C:\Windows\system32\perfc007.dat
2014-07-02 17:21 - 2009-07-14 07:13 - 01613340 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-07-02 17:20 - 2014-07-02 17:20 - 02347384 _____ (ESET) C:\Users\Doro Gabriel\Downloads\esetsmartinstaller_deu.exe
2014-07-02 17:10 - 2014-06-26 16:40 - 00000000 ___RD () C:\Users\Doro Gabriel\Google Drive
2014-07-02 17:10 - 2014-05-16 10:27 - 00000000 ____D () C:\Users\Doro Gabriel\AppData\Roaming\DropboxMaster
2014-07-02 17:10 - 2012-10-11 16:55 - 00000000 ___RD () C:\Users\Doro Gabriel\Dropbox
2014-07-02 17:10 - 2012-10-11 16:49 - 00000000 ____D () C:\Users\Doro Gabriel\AppData\Roaming\Dropbox
2014-07-02 17:07 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-02 17:06 - 2011-03-21 21:22 - 00170422 _____ () C:\Windows\PFRO.log
2014-07-02 17:06 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system
2014-07-02 16:30 - 2014-07-02 16:30 - 00001109 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-07-02 16:30 - 2014-07-02 16:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-07-02 16:30 - 2014-07-02 16:30 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-07-02 16:30 - 2011-03-30 23:26 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-02 16:25 - 2014-07-02 16:24 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Doro Gabriel\Downloads\mbam-setup-2.0.2.1012.exe
2014-07-02 16:24 - 2011-03-30 23:26 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-07-02 15:40 - 2014-07-02 15:36 - 00007523 _____ () C:\zoek-results.log
2014-07-02 15:33 - 2014-07-02 15:38 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-07-02 15:33 - 2014-07-02 15:33 - 00000000 ____D () C:\zoek_backup
2014-07-02 15:33 - 2014-07-02 15:32 - 01285120 _____ () C:\Users\Doro Gabriel\Desktop\zoek.exe
2014-07-02 15:27 - 2012-06-05 02:16 - 00001548 _____ () C:\Users\Doro Gabriel\Desktop\Google Chrome.lnk
2014-07-02 15:23 - 2014-07-02 15:21 - 00000000 ____D () C:\AdwCleaner
2014-07-02 15:23 - 2014-07-02 01:42 - 00000000 ____D () C:\Program Files (x86)\WebSpades
2014-07-02 15:23 - 2012-06-05 02:16 - 00000000 ____D () C:\Users\Doro Gabriel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-07-02 15:23 - 2012-01-27 19:17 - 00001068 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-07-02 15:23 - 2011-03-19 23:08 - 00001056 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-07-02 15:23 - 2011-03-19 19:06 - 00001016 _____ () C:\Users\Doro Gabriel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-07-02 15:23 - 2009-07-14 04:34 - 00000580 _____ () C:\Windows\win.ini
2014-07-02 15:21 - 2014-07-02 15:21 - 01346519 _____ () C:\Users\Doro Gabriel\Desktop\adwcleaner_3.214.exe
2014-07-02 15:19 - 2014-07-02 13:20 - 00000000 ____D () C:\Users\Doro Gabriel\AppData\Roaming\Lavasoft
2014-07-02 14:06 - 2014-07-02 14:05 - 00059170 _____ () C:\Users\Doro Gabriel\Desktop\Addition.txt
2014-07-02 14:03 - 2014-07-02 14:03 - 02083840 _____ (Farbar) C:\Users\Doro Gabriel\Desktop\FRST64.exe
2014-07-02 12:11 - 2014-07-02 12:11 - 00000000 ____D () C:\Users\Doro Gabriel\AppData\Roaming\LavasoftStatistics
2014-07-02 12:11 - 2014-07-02 12:11 - 00000000 ____D () C:\Program Files\Lavasoft
2014-07-02 12:10 - 2014-07-02 12:10 - 00000000 ____D () C:\Program Files (x86)\Lavasoft
2014-07-02 12:07 - 2014-07-02 12:07 - 01707144 _____ () C:\Users\Doro Gabriel\Downloads\Adaware112_Installer.exe
2014-07-02 12:07 - 2014-07-02 12:07 - 00000000 ____D () C:\ProgramData\Lavasoft
2014-07-01 17:07 - 2014-07-01 16:54 - 00000000 ____D () C:\Users\Doro Gabriel\Documents\Battlefield Play4Free
2014-07-01 17:02 - 2014-07-01 16:57 - 00282104 _____ () C:\Windows\SysWOW64\PnkBstrB.xtr
2014-07-01 17:02 - 2014-07-01 16:36 - 00282104 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2014-07-01 17:02 - 2014-07-01 16:36 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-07-01 16:56 - 2014-07-01 16:56 - 00000000 ____D () C:\Users\Doro Gabriel\AppData\Local\PunkBuster
2014-07-01 16:36 - 2014-07-01 16:36 - 00000000 ____D () C:\Users\Doro Gabriel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\EA Games
2014-07-01 16:33 - 2011-04-25 20:37 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-07-01 16:08 - 2014-07-01 16:08 - 00000000 ____D () C:\Program Files (x86)\EA Games
2014-06-29 16:21 - 2013-12-03 23:06 - 10520227 _____ () C:\Users\Doro Gabriel\Desktop\RhinoCrashDump.dmp
2014-06-27 15:26 - 2011-03-19 20:04 - 00002562 _____ () C:\Windows\diagwrn.xml
2014-06-27 15:26 - 2011-03-19 20:04 - 00001908 _____ () C:\Windows\diagerr.xml
2014-06-27 15:26 - 2009-07-14 06:51 - 00000000 _____ () C:\Windows\setuperr.log
2014-06-26 16:40 - 2014-06-26 16:40 - 00001734 _____ () C:\Users\Doro Gabriel\Desktop\Google Drive.lnk
2014-06-26 16:40 - 2011-03-19 19:06 - 00000000 ____D () C:\Users\Doro Gabriel
2014-06-26 16:39 - 2014-06-26 16:39 - 00002049 _____ () C:\Users\Public\Desktop\Google Slides.lnk
2014-06-26 16:39 - 2014-06-26 16:39 - 00002047 _____ () C:\Users\Public\Desktop\Google Sheets.lnk
2014-06-26 16:39 - 2014-06-26 16:39 - 00002037 _____ () C:\Users\Public\Desktop\Google Docs.lnk
2014-06-26 16:39 - 2014-06-26 16:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2014-06-26 16:39 - 2011-03-27 23:28 - 00000000 ____D () C:\Users\Doro Gabriel\AppData\Local\Google
2014-06-26 16:39 - 2011-03-27 23:28 - 00000000 ____D () C:\Program Files (x86)\Google
2014-06-26 16:38 - 2014-06-26 16:38 - 00895120 _____ (Google Inc.) C:\Users\Doro Gabriel\Downloads\googledrivesync.exe
2014-06-24 19:57 - 2014-06-24 19:57 - 00275664 _____ () C:\Windows\Minidump\062414-35552-01.dmp
2014-06-24 19:57 - 2011-12-16 11:44 - 533557498 _____ () C:\Windows\MEMORY.DMP
2014-06-24 19:57 - 2011-12-16 11:44 - 00000000 ____D () C:\Windows\Minidump
2014-06-21 15:02 - 2014-06-21 15:02 - 00372704 _____ () C:\Windows\Minidump\062114-34257-01.dmp
2014-06-21 14:52 - 2014-06-21 14:52 - 00275664 _____ () C:\Windows\Minidump\062114-37190-01.dmp
2014-06-21 14:52 - 2012-04-27 18:33 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-06-20 23:41 - 2014-06-20 23:41 - 00000000 _____ () C:\Users\Doro Gabriel\AppData\Local\{1CCA130F-AF98-456E-BA93-0D01C02EAE30}
2014-06-19 19:42 - 2012-12-01 05:02 - 00004132 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3542374432-354979354-222888450-1000UA
2014-06-19 19:42 - 2012-12-01 05:02 - 00003736 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3542374432-354979354-222888450-1000Core
2014-06-19 19:34 - 2011-03-27 23:28 - 00004118 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-06-19 19:33 - 2011-03-27 23:28 - 00003866 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-06-16 00:00 - 2011-04-20 21:21 - 00000000 ____D () C:\Users\Doro Gabriel\AppData\Local\PokerStars
2014-06-13 11:55 - 2014-06-13 11:55 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-12 17:36 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-06-12 10:46 - 2012-10-11 16:55 - 00001052 _____ () C:\Users\Doro Gabriel\Desktop\Dropbox.lnk
2014-06-12 10:46 - 2012-10-11 16:54 - 00000000 ____D () C:\Users\Doro Gabriel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-06-12 10:45 - 2011-03-20 12:33 - 00000000 ____D () C:\ProgramData\Skype
2014-06-12 10:44 - 2011-03-20 12:33 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-06-12 10:00 - 2013-08-15 14:04 - 00000000 ____D () C:\Windows\system32\MRT
2014-06-12 09:57 - 2011-03-21 14:43 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-06-12 09:57 - 2011-03-19 21:22 - 95414520 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-06-10 21:34 - 2014-06-10 21:34 - 00090624 _____ () C:\Users\Doro Gabriel\Downloads\WM 2014 Tippspiel DEU.xlt
2014-06-03 10:09 - 2014-06-03 10:09 - 00013221 _____ () C:\Users\Doro Gabriel\Downloads\Stückliste Papper Brillen mit Kodierung.xlsx

Some content of TEMP:
====================
C:\Users\Doro Gabriel\AppData\Local\Temp\7za.exe
C:\Users\Doro Gabriel\AppData\Local\Temp\9c6d3f6e-5287-47f7-875f-f02135fbba6a.exe
C:\Users\Doro Gabriel\AppData\Local\Temp\AcDeltree.exe
C:\Users\Doro Gabriel\AppData\Local\Temp\AskSLib.dll
C:\Users\Doro Gabriel\AppData\Local\Temp\avgnt.exe
C:\Users\Doro Gabriel\AppData\Local\Temp\chutil.dll
C:\Users\Doro Gabriel\AppData\Local\Temp\contentDATs.exe
C:\Users\Doro Gabriel\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpviyydo.dll
C:\Users\Doro Gabriel\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpvs0ibd.dll
C:\Users\Doro Gabriel\AppData\Local\Temp\firefoxjre_exe.exe
C:\Users\Doro Gabriel\AppData\Local\Temp\GUR8694.exe
C:\Users\Doro Gabriel\AppData\Local\Temp\hijackthis.exe
C:\Users\Doro Gabriel\AppData\Local\Temp\InstallAX.exe
C:\Users\Doro Gabriel\AppData\Local\Temp\InstallPlugin.exe
C:\Users\Doro Gabriel\AppData\Local\Temp\jre-1.6.0_20-windows-i586-iftw.exe_90744722.exe
C:\Users\Doro Gabriel\AppData\Local\Temp\jre-6u20-windows-i586-jinstall_uac.exe
C:\Users\Doro Gabriel\AppData\Local\Temp\jre-6u32-windows-i586-iftw.exe
C:\Users\Doro Gabriel\AppData\Local\Temp\jre-6u33-windows-i586-iftw.exe
C:\Users\Doro Gabriel\AppData\Local\Temp\jre-6u35-windows-i586-iftw.exe
C:\Users\Doro Gabriel\AppData\Local\Temp\jre-6u37-windows-i586-iftw.exe
C:\Users\Doro Gabriel\AppData\Local\Temp\jre-7u13-windows-i586-iftw.exe
C:\Users\Doro Gabriel\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exe
C:\Users\Doro Gabriel\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe
C:\Users\Doro Gabriel\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe
C:\Users\Doro Gabriel\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\Doro Gabriel\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\Doro Gabriel\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe
C:\Users\Doro Gabriel\AppData\Local\Temp\pdf24-creator-update.exe
C:\Users\Doro Gabriel\AppData\Local\Temp\ptu2705_tmp.exe
C:\Users\Doro Gabriel\AppData\Local\Temp\Quarantine.exe
C:\Users\Doro Gabriel\AppData\Local\Temp\RhinoScriptEditor.dll
C:\Users\Doro Gabriel\AppData\Local\Temp\rhrdk_beta_20070402.exe
C:\Users\Doro Gabriel\AppData\Local\Temp\SecurityScan_Release.exe
C:\Users\Doro Gabriel\AppData\Local\Temp\sed.exe
C:\Users\Doro Gabriel\AppData\Local\Temp\shortcut.exe
C:\Users\Doro Gabriel\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Doro Gabriel\AppData\Local\Temp\SpotifyUpgrader.exe
C:\Users\Doro Gabriel\AppData\Local\Temp\swxcacls.exe
C:\Users\Doro Gabriel\AppData\Local\Temp\utt2A31.tmp.exe
C:\Users\Doro Gabriel\AppData\Local\Temp\_unps.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-06-28 00:17

==================== End Of Log ============================

--- --- ---

--- --- ---

hm hab ich jetzt alle Logfiles richtig gepostet und eines doppelt oder fehlt noch eins?

deeprybka · 03.07.2014, 19:27

Hi,
wegen dem hier ist jetzt erstmal Feierabend. http://www.trojaner-board.de/95394-c...-software.html
Sind praktisch aber sowieso fertig....

Code:

ATTFilter

sh=0000000000000000000000000000000000000000 ft=- fh=0000000000000000 vn="BAT/HostsChanger.A potenziell unsichere Anwendung" ac=I fn="G:\Programme\Adobe Photoshop CS5 ISO\Adobe CS5 Master Collection x86x64 with Permanent Crack {sMileyBoY07} {H33T}.iso"
sh=31E2F1A6726FDE67AC0A641C000AF2E2C826971F ft=1 fh=594845ab90091f54 vn="Win32/Keygen.BL potenziell unsichere Anwendung" ac=I fn="G:\Programme\Autodesk 3ds Max Design 2012\activation\x-force_2012_x32.exe"
sh=082354A70A7643A94E76C581E144B38FBFBBF851 ft=1 fh=1b20774ca278a942 vn="Win32/Keygen.BL potenziell unsichere Anwendung" ac=I fn="G:\Programme\Autodesk 3ds Max Design 2012\activation\x-force_2012_x64.exe"
sh=31E2F1A6726FDE67AC0A641C000AF2E2C826971F ft=1 fh=594845ab90091f54 vn="Win32/Keygen.BL potenziell unsichere Anwendung" ac=I fn="G:\Programme\Autodesk 3ds Max Design 2012 ISO\activation\x-force_2012_x32.exe"
sh=082354A70A7643A94E76C581E144B38FBFBBF851 ft=1 fh=1b20774ca278a942 vn="Win32/Keygen.BL potenziell unsichere Anwendung" ac=I fn="G:\Programme\Autodesk 3ds Max Design 2012 ISO\activation\x-force_2012_x64.exe"
sh=7AB679BE3D6EBCD677E0D9CF964FA6AC06E2C8AA ft=1 fh=e7352bfa9fd76f5f vn="Variante von Win32/Keygen.BL potenziell unsichere Anwendung" ac=I fn="G:\Programme\Autodesk AutoCAD 2011\acad2011\CYGiSO\xf-a2011-64bits.exe"
sh=E4962E955F4C8FD74024C236402842AE6A124133 ft=0 fh=0000000000000000 vn="Variante von Win32/Keygen.BL potenziell unsichere Anwendung" ac=I fn="G:\Programme\Autodesk AutoCAD 2011 ISO\Autodesk.AutoCAD.GERMAN.2011.x64.cyg-acd2.iso"
sh=4956D7C28889049EA5F96C75E446CD6849126998 ft=1 fh=ac6bbc08eeb703c8 vn="Variante von Win32/Keygen.BL potenziell unsichere Anwendung" ac=I fn="G:\Programme\Autodesk Maya 2011 ISO\activation\keygens\xf-a2011-32bits.exe"
sh=7AB679BE3D6EBCD677E0D9CF964FA6AC06E2C8AA ft=1 fh=e7352bfa9fd76f5f vn="Variante von Win32/Keygen.BL potenziell unsichere Anwendung" ac=I fn="G:\Programme\Autodesk Maya 2011 ISO\activation\keygens\xf-a2011-64bits.exe"
sh=8FB9908C39CE26804BED1E3248952485F5EC6B9A ft=0 fh=0000000000000000 vn="Win32/Keygen.BL potenziell unsichere Anwendung" ac=I fn="G:\Programme\Autodesk Maya 2012\Crack\xf-a2012-32bits.rar"
sh=2A4F07498C10AEFA6F6B1A6301355B896D6E1F9B ft=0 fh=0000000000000000 vn="Win32/Keygen.BL potenziell unsichere Anwendung" ac=I fn="G:\Programme\Autodesk Maya 2012\Crack\xf-a2012-64bits.rar"
sh=082354A70A7643A94E76C581E144B38FBFBBF851 ft=1 fh=1b20774ca278a942 vn="Win32/Keygen.BL potenziell unsichere Anwendung" ac=I fn="G:\Programme\Autodesk Maya 2012\Crack\xf-a2012-64bits\xf-adesk2012x64.exe"
sh=FF3EB0C3AF52BEA461D4E6DEDEDB113E85CA2C96 ft=0 fh=0000000000000000 vn="Win32/Keygen.BL potenziell unsichere Anwendung" ac=I fn="G:\Programme\Autodesk Maya 2012 ISO\maya2012_x64.iso"
sh=8FB9908C39CE26804BED1E3248952485F5EC6B9A ft=0 fh=0000000000000000 vn="Win32/Keygen.BL potenziell unsichere Anwendung" ac=I fn="G:\Programme\Autodesk Revit Architecture 2012\Crack\xf-a2012-32bits.rar"
sh=2A4F07498C10AEFA6F6B1A6301355B896D6E1F9B ft=0 fh=0000000000000000 vn="Win32/Keygen.BL potenziell unsichere Anwendung" ac=I fn="G:\Programme\Autodesk Revit Architecture 2012\Crack\xf-a2012-64bits.rar"
sh=0000000000000000000000000000000000000000 ft=- fh=0000000000000000 vn="Win32/Keygen.BL potenziell unsichere Anwendung" ac=I fn="G:\Programme\Autodesk Revit Architecture 2012 ISO\rac2012.iso"
sh=936B528AA0C10F5A06CA40707DD15861279F1F9C ft=0 fh=0000000000000000 vn="Variante von Win32/HackTool.Patcher.T potenziell unsichere Anwendung" ac=I fn="G:\Programme\Rhinoceros 4.0 + Grasshpper + Flamingo +VRay\Rhinoceros4.0 Flamingo 2.2.iso"
sh=B19976EF2E325385DC9A4294F6753705C8938933 ft=0 fh=0000000000000000 vn="Win32/Keygen.BL potenziell unsichere Anwendung" ac=I fn="G:\Programme\Softimage2012 x64 ISO\activation.rar"
sh=31E2F1A6726FDE67AC0A641C000AF2E2C826971F ft=1 fh=594845ab90091f54 vn="Win32/Keygen.BL potenziell unsichere Anwendung" ac=I fn="G:\Programme\Softimage2012 x64 ISO\activation\activation\x-force_2012_x32.exe"
sh=082354A70A7643A94E76C581E144B38FBFBBF851 ft=1 fh=1b20774ca278a942 vn="Win32/Keygen.BL potenziell unsichere Anwendung" ac=I fn="G:\Programme\Softimage2012 x64 ISO\activation\activation\x-force_2012_x64.exe"

02.07.2014, 17:56	#10
deeprybka /// TB-Ausbilder /// Anleitungs-Guru	HD video codec download Trojaner? Ja, poste einfach wenn Du alles hast. In der Tat, ESET dauert lange... __________________ Gruß deeprybka Lob, Kritik, Wünsche? Spende fürs trojaner-board? _______________________________________________ „Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer

03.07.2014, 10:09	#12
deeprybka /// TB-Ausbilder /// Anleitungs-Guru	HD video codec download Trojaner? OK... __________________ Gruß deeprybka Lob, Kritik, Wünsche? Spende fürs trojaner-board? _______________________________________________ „Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer

HD video codec download Trojaner?

Plagegeister aller Art und deren Bekämpfung: HD video codec download Trojaner?