HD video codec download Trojaner?

dösen · 02.07.2014, 12:52

Hallo Trojaner-board Team,

hab seit kurzem diesen bescheuerten HD Video Codec runtergeladen und hab jetzt den Salat. Überall Ads im Chrome, Avira blockiert ständig irgendwelche Angriffe. Hab jetzt schon öfters gescannt mit verschiedenen Programmen, aber alles ohne Erfolg, werde diese Malware einfach nicht los.. Bitte um Hilfe!!

ps: Ich habe bereits einen anderen Thread zu diesem Thema gefunden, aber ich war mir nicht sicher, ob die Schritte bei mir auch funktionieren würden. Zudem kann ich mit log-Dateien nicht viel anfangen.

Grüße,
dösen

deeprybka · 02.07.2014, 12:54

Mein Name ist Jürgen und ich werde Dir bei Deinem Problem behilflich sein. Zusammen schaffen wir das...

Bitte arbeite alle Schritte der Reihe nach ab.
Lese die Anleitungen sorgfältig durch bevor Du beginnst. Wenn es Probleme gibt oder Du etwas nicht verstehst, dann stoppe mit Deiner Ausführung und beschreibe mir das Problem.
Führe bitte nur Scans durch, zu denen Du von mir aufgefordert wurdest.
Bitte kein Crossposting (posten in mehreren Foren).
Installiere oder deinstalliere während der Bereinigung keine Software, außer Du wurdest dazu aufgefordert.
Speichere alle unsere Tools auf dem Desktop ab.
Poste die Logfiles direkt in Deinen Thread in Code-Tags.
Bedenke, dass wir hier alle während unserer Freizeit tätig sind, wenn du innerhalb von 24 Stunden nichts von mir liest, dann schreibe mir bitte eine PM.

Hinweis:
Ich kann Dir niemals eine Garantie geben, dass wir alle schädlichen Dateien finden werden.
Eine Formatierung ist meist der schnellere und immer der sicherste Weg, aber auch nur bei wirklicher Malware empfehlenswert.
Adware & Co. können wir sehr gut entfernen.
Solltest Du Dich für eine Bereinigung entscheiden, arbeite solange mit, bis Du mein clean bekommst.

Los geht's:

Schritt 1

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

Lesestoff
Posten in CODE-Tags: So gehts...
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert uns massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu groß für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

dösen · 02.07.2014, 13:10

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-07-2014
Ran by Doro Gabriel at 2014-07-02 14:05:46
Running from C:\Users\Doro Gabriel\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Ad-Aware Antivirus (Disabled - Out of date) {D87B6541-12A1-DAEA-0033-9B8057AAB996}
AS: Ad-Aware Antivirus (Disabled - Out of date) {631A84A5-349B-D564-3A83-A0F22C2DF32B}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Ad-Aware Firewall (Disabled) {E040E464-58CE-DBB2-2B6C-32B5A979FEED}

==================== Installed Programs ======================

 Update for Microsoft Office 2007 (KB2508958) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}) (Version:  - Microsoft)
Acer Bio Protection (HKLM-x32\...\InstallShield_{E09664BB-BB08-45FA-87D1-33EAB0E017F5}) (Version: 6.2.56 - Egis Technology Inc.)
Ad-Aware Antivirus (HKLM\...\{9F965DAA-2FFD-41E3-8125-893BFBBE01D6}_AdAwareUpdater) (Version: 11.2.5952.0 - Lavasoft)
AdAwareInstaller (Version: 11.2.5952.0 - Lavasoft) Hidden
AdAwareUpdater (Version: 11.2.5952.0 - Lavasoft) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.3.9120 - Adobe Systems Inc.)
Adobe AIR (x32 Version: 1.5.3.9120 - Adobe Systems Inc.) Hidden
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated)
Adobe Community Help (x32 Version: 3.0.0 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 13 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe Media Player (x32 Version: 1.8 - Adobe Systems Incorporated) Hidden
Adobe Reader X (10.1.0) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.0 - Adobe Systems Incorporated)
Akamai NetSession Interface (HKCU\...\Akamai) (Version:  - Akamai Technologies, Inc)
ALPS Touch Pad Driver (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 7.105.2002.1410 - Alps Electric)
AntimalwareEngine (Version: 3.0.0.56 - Lavasoft) Hidden
Apple Application Support (HKLM-x32\...\{63EC2120-1742-4625-AA47-C6A8AEC9C64C}) (Version: 2.2.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{7446FE8D-C1F9-4D42-AAAE-5DBCE58605A6}) (Version: 6.0.0.59 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ArchiCAD 14 INT (HKLM\...\001FFF2FFF14FF00FF0701F01F02F000-R1) (Version: 14.0 - Graphisoft)
ATI AVIVO64 Codecs (Version: 10.11.0.41111 - ATI Technologies Inc.) Hidden
ATI Catalyst Install Manager (HKLM\...\{46DBD179-D24A-A447-6645-62493CC11138}) (Version: 3.0.750.0 - ATI Technologies, Inc.)
Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
AutoCAD 2011 - Deutsch (HKLM\...\AutoCAD 2011 - Deutsch) (Version: 18.1.49.0 - Autodesk)
AutoCAD 2011 - Deutsch (Version: 18.1.116.0 - Autodesk) Hidden
AutoCAD 2011 - Deutsch Version 2.1 (HKLM\...\AutoCAD 2011 - Deutsch Version 2.1) (Version: 1 - Autodesk)
AutoCAD 2011 Language Pack - Deutsch (Version: 18.1.49.0 - Autodesk) Hidden
Autodesk 3ds Max Design 2012 64-bit - English (HKLM\...\Autodesk 3ds Max Design 2012 64-bit - English) (Version: 14.0 - Autodesk)
Autodesk 3ds Max Design 2012 64-bit - English (Version: 14.0 - Autodesk) Hidden
Autodesk Backburner 2012.0.0 (HKLM-x32\...\{3D347E6D-5A03-4342-B5BA-6A771885F379}) (Version: 2012.0.0 - Autodesk, Inc.)
Autodesk Design Review 2012 (HKLM-x32\...\Autodesk Design Review 2012) (Version: 12.0.0.93 - Autodesk, Inc.)
Autodesk Design Review 2012 (x32 Version: 12.0.0.93 - Autodesk, Inc.) Hidden
Autodesk DirectConnect 2012 64-bit (HKLM\...\Autodesk DirectConnect 2012 64-bit) (Version: 6.0.443.0 - Autodesk)
Autodesk DirectConnect 2012 64-bit (Version: 6.0.443.0 - Autodesk) Hidden
Autodesk FBX Plug-in 2012.0 - 3ds Max Design 2012 64-bit (HKLM\...\Autodesk FBX Plug-in 2012.0 - 3ds Max Design 2012 64-bit) (Version:  - Autodesk)
Autodesk MatchMover 2012 64-bit (HKLM\...\{4529F749-C362-4119-AFA0-0A3F1CA924AB}) (Version: 14.00.0000 - Autodesk)
Autodesk Material Library 2011 (HKLM-x32\...\{9DEABCB6-B759-4D52-92F8-51B34A2B4D40}) (Version: 2.0.0.49 - Autodesk)
Autodesk Material Library 2011 Base Image library (HKLM-x32\...\{CD1E078C-A6B9-47DA-B035-6365C85C7832}) (Version: 2.0.0.49 - Autodesk)
Autodesk Material Library 2011 Medium Image library (HKLM-x32\...\{975951E7-14D0-49AF-A630-89680D12D7F6}) (Version: 2.0.0.49 - Autodesk)
Autodesk Material Library 2012 (HKLM-x32\...\{8F0837C2-EE09-4903-88F3-1976FE7FFF4E}) (Version: 2.5.0.8 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2012 (HKLM-x32\...\{65420DC9-306E-4371-905F-F4DC3B418E52}) (Version: 2.5.0.8 - Autodesk)
Autodesk Material Library Low Resolution Image Library 2012 (HKLM-x32\...\{24FF088D-CDCF-480C-8A4B-98F14A54CAA8}) (Version: 2.5.0.8 - Autodesk)
Autodesk Material Library Medium Resolution Image Library 2012 (HKLM-x32\...\{B5751715-EC10-43D9-8C95-62E1368433EF}) (Version: 2.5.0.8 - Autodesk)
Autodesk Maya 2012 64-bit (HKLM\...\Autodesk Maya 2012 64-bit) (Version: 14.0.0.0 - Autodesk)
Autodesk Maya 2012 64-bit (Version: 14.0.0.0 - Autodesk) Hidden
Autodesk Revit Architecture 2012 (HKLM\...\Autodesk Revit Architecture 2012) (Version: 11.03.09231 - Autodesk)
Autodesk Softimage 2012 64-bit (HKLM\...\{7E8B0B79-FE18-446D-A0C7-F4CD3F4964BB}) (Version: 10.0.0000 - Autodesk)
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.4.672 - Avira)
AVS Audio Converter 7 (HKLM-x32\...\AVS Audio Converter_is1) (Version: 7.2.1.528 - Online Media Technologies Ltd.)
Battlefield Play4Free (HKCU\...\{87686C21-8A15-4b4d-A3F1-11141D9BE094}) (Version:  - EA Digital illusions)
BitTorrent (HKLM-x32\...\BitTorrent) (Version: 7.8.0.29610 - BitTorrent Inc.)
Broadcom Gigabit NetLink Controller (HKLM\...\{96F70DF8-160F-4F9C-9B9E-2A9B439B4EB9}) (Version: 12.26.01 - Broadcom Corporation)
Broadcom Wireless LAN Driver Installation Program for Windows7 (HKLM-x32\...\{88410D8F-8529-492B-B556-2394A29B811B}) (Version: 5.60.18.8 - Broadcom)
Canon MG5200 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5200_series) (Version:  - )
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - ATI) Hidden
Catalyst Control Center Core Implementation (x32 Version: 2009.1111.2327.42077 - ATI) Hidden
Catalyst Control Center Graphics Full Existing (x32 Version: 2009.1111.2327.42077 - ATI) Hidden
Catalyst Control Center Graphics Full New (x32 Version: 2009.1111.2327.42077 - ATI) Hidden
Catalyst Control Center Graphics Light (x32 Version: 2009.1111.2327.42077 - ATI) Hidden
Catalyst Control Center Graphics Previews Vista (x32 Version: 2009.1111.2327.42077 - ATI) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2009.1111.2327.42077 - ATI Technologies, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2009.1111.2327.42077 - ATI) Hidden
CCC Help Chinese Standard (x32 Version: 2009.1111.2326.42077 - ATI) Hidden
CCC Help Chinese Traditional (x32 Version: 2009.1111.2326.42077 - ATI) Hidden
CCC Help Czech (x32 Version: 2009.1111.2326.42077 - ATI) Hidden
CCC Help Danish (x32 Version: 2009.1111.2326.42077 - ATI) Hidden
CCC Help Dutch (x32 Version: 2009.1111.2326.42077 - ATI) Hidden
CCC Help English (x32 Version: 2009.1111.2326.42077 - ATI) Hidden
CCC Help Finnish (x32 Version: 2009.1111.2326.42077 - ATI) Hidden
CCC Help French (x32 Version: 2009.1111.2326.42077 - ATI) Hidden
CCC Help German (x32 Version: 2009.1111.2326.42077 - ATI) Hidden
CCC Help Greek (x32 Version: 2009.1111.2326.42077 - ATI) Hidden
CCC Help Hungarian (x32 Version: 2009.1111.2326.42077 - ATI) Hidden
CCC Help Italian (x32 Version: 2009.1111.2326.42077 - ATI) Hidden
CCC Help Japanese (x32 Version: 2009.1111.2326.42077 - ATI) Hidden
CCC Help Korean (x32 Version: 2009.1111.2326.42077 - ATI) Hidden
CCC Help Norwegian (x32 Version: 2009.1111.2326.42077 - ATI) Hidden
CCC Help Polish (x32 Version: 2009.1111.2326.42077 - ATI) Hidden
CCC Help Portuguese (x32 Version: 2009.1111.2326.42077 - ATI) Hidden
CCC Help Russian (x32 Version: 2009.1111.2326.42077 - ATI) Hidden
CCC Help Spanish (x32 Version: 2009.1111.2326.42077 - ATI) Hidden
CCC Help Swedish (x32 Version: 2009.1111.2326.42077 - ATI) Hidden
CCC Help Thai (x32 Version: 2009.1111.2326.42077 - ATI) Hidden
CCC Help Turkish (x32 Version: 2009.1111.2326.42077 - ATI) Hidden
ccc-core-static (x32 Version: 2009.1111.2327.42077 - Ihr Firmenname) Hidden
ccc-utility64 (Version: 2009.1111.2327.42077 - ATI) Hidden
CINEMA 4D 11.514 (HKLM\...\MAXONB6EC381C) (Version: 11.514 - MAXON Computer GmbH)
Commandos 2: Men of Courage (HKLM-x32\...\Steam App 6830) (Version:  - Pyro Studios)
Composite 2012 64-bit (HKLM\...\{EA234BC3-39FE-4734-B72F-076086889F6D}) (Version: 7.0.0 - Autodesk)
Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version:  - Valve)
Dropbox (HKCU\...\Dropbox) (Version: 2.8.2 - Dropbox, Inc.)
EasyBits GO (HKCU\...\Game Organizer) (Version:  - EasyBits Media)
eMule (HKLM-x32\...\eMule) (Version:  - )
ENE CIR Receiver Driver (HKLM\...\2C293EC1A06665BB961CBA4EC7AFF4BF2BEAD042) (Version: 2.7.4.1 - ENE)
EverestPoker.com (HKCU\...\EverestPoker.com) (Version:  - )
FARO LS 1.1.406.58 (HKLM-x32\...\{951B0F30-9F1A-4BF6-B3DA-99EB0E917B1C}) (Version: 4.6.58.2 - FARO Scanner Production)
Fingerprint Solution (x32 Version: 6.1.56.0 - Egis Technology Inc.) Hidden
Flamingo 2.0 (HKLM-x32\...\{C475527D-AB5C-47D8-8C25-85CA3E42B5A4}) (Version: 2.0.30611.0 - Robert McNeel & Associates)
Flamingo nXt (HKLM\...\{D6CF21CA-976D-4E1D-BF53-01D503500C1F}) (Version: 3.1.2012.0410 - Robert McNeel & Associates)
Flamingo nXt de-de Language Pack (HKLM-x32\...\{E08C20AC-1FD2-439D-897D-C92FC2DF39F5}) (Version: 3.1.2012.0410 - Robert McNeel & Associates)
Full Tilt Poker (HKLM-x32\...\{D4C9692E-4EFA-4DA0-8B7F-9439466D9E31}) (Version: 4.63.10.WIN.FullTilt.COM - )
Google Chrome (HKCU\...\Google Chrome) (Version: 35.0.1916.153 - Google Inc.)
Google Drive (HKLM-x32\...\{D9F75285-4864-461D-83DA-8D056BAC44D1}) (Version: 1.16.6866.4367 - Google, Inc.)
Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google SketchUp 8 (HKLM-x32\...\{4422D20B-F530-4E65-8504-31396C9BC066}) (Version: 3.0.3196 - Google, Inc.)
Google+ Auto Backup (HKCU\...\Google+ Auto Backup) (Version: 1.0.25.133 - Google, Inc.)
Google+ Auto Backup (HKLM-x32\...\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}) (Version: 1.0.21.81 - Google)
Grasshopper (HKLM-x32\...\Grasshopper) (Version:  - )
Intel(R) Turbo Boost Technology Driver (HKLM-x32\...\{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}) (Version: 01.00.01.1002 - Intel Corporation)
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version:  - Intel Corporation)
IsoBuster 2.8 (HKLM-x32\...\IsoBuster_is1) (Version: 2.8 - Smart Projects)
iTunes (HKLM\...\{1493B2AE-0261-47D2-B1AA-F4DAD0F6C48B}) (Version: 10.7.0.21 - Apple Inc.)
Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.550 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Java(TM) 6 Update 37 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216032FF}) (Version: 6.0.370 - Oracle)
Java(TM) 7 Update 1 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417001FF}) (Version: 7.0.10 - Oracle)
JMicron 1394 Filter Driver (HKLM-x32\...\{13C96625-28E4-4c58-ADE0-CDAFC64752EB}) (Version: 1.00.06.00 - JMicron Technology Corp.)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
Malwarebytes' Anti-Malware (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version:  - Malwarebytes Corporation)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft IntelliPoint 8.2 (HKLM\...\Microsoft IntelliPoint 8.2) (Version: 8.20.468.0 - Microsoft Corporation)
Microsoft IntelliPoint 8.2 (Version: 8.20.468.0 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Access MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Groove MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Publisher MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft VC80 Support DLLs (x32 Version: 1.0.0 - McNeel & Associates) Hidden
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (HKLM\...\{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}) (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 x64 ATL Runtime 9.0.30729 (x32 Version: 9.0.30729 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 x64 CRT Runtime 9.0.30729 (x32 Version: 9.0.30729 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 x64 MFC Runtime 9.0.30729 (x32 Version: 9.0.30729 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 x64 OpenMP Runtime 9.0.30729 (x32 Version: 9.0.30729 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 x86 ATL Runtime 9.0.30729 (x32 Version: 9.0.30729 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 x86 CRT Runtime 9.0.30729 (x32 Version: 9.0.30729 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 x86 MFC Runtime 9.0.30729 (x32 Version: 9.0.30729 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 x86 OpenMP Runtime 9.0.30729 (x32 Version: 9.0.30729 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2008 Remote Debugger Light (x64) - ENU (HKLM\...\Microsoft Visual Studio 2008 Remote Debugger Light (x64) - ENU) (Version:  - Microsoft Corporation)
Microsoft Visual Studio 2008 Remote Debugger Light (x64) - ENU (Version: 9.0.30729 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2008 Remote Debugger Light (x64) - ENU Service Pack 1 (KB945140) (HKLM-x32\...\{90A80D89-A0E4-33C1-B13D-B93CB3496867}.KB945140) (Version: 1 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 - ENU (HKLM-x32\...\{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 Runtime (HKLM-x32\...\{299C0434-4F4E-341F-A916-4E07AEB35E79}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft_VC80_ATL_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053 - Adobe) Hidden
Microsoft_VC90_ATL_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Mozilla Firefox 27.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 27.0.1 (x86 de)) (Version: 27.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 27.0.1 - Mozilla)
NVIDIA PhysX Plug-in for Autodesk Maya 2012 64 bit (HKLM\...\{FC4AD39F-9DCE-4BD0-B7D0-7C81CEB9F04B}) (Version: 2.60.0216.1828 - NVIDIA Corporation)
PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
PDF24 Creator 5.2.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 0.9.9 - Frank Heindörfer, Philip Chinery)
Pepakura Designer 3 (HKLM-x32\...\pepakura_designer3en) (Version:  - TamaSoftware)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
PokerStars.eu (HKLM-x32\...\PokerStars.eu) (Version:  - PokerStars.eu)
PokerStars.fr (HKLM-x32\...\PokerStars.fr) (Version:  - PokerStars.fr)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.990 - Even Balance, Inc.)
PxMergeModule (x32 Version: 1.00.0000 - Your Company Name) Hidden
QuickTime (HKLM-x32\...\{0E64B098-8018-4256-BA23-C316A43AD9B0}) (Version: 7.72.80.56 - Apple Inc.)
R for Windows 3.0.1 (HKLM\...\R for Windows 3.0.1_is1) (Version: 3.0.1 - R Core Team)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5972 - Realtek Semiconductor Corp.)
Revit Architecture 2012 (Version: 11.03.09231 - Autodesk) Hidden
Revit Architecture 2012 Language Pack - English (Version: 11.03.09231 - Autodesk) Hidden
Rhino RDK (HKLM-x32\...\Rhino RDK) (Version:  - )
Rhinoceros 4.0 (HKLM-x32\...\{5C2CBFFD-FC3B-4AA9-993B-CE2B8DA25B87}) (Version: 4.0.20118 - McNeel & Associates)
Rhinoceros 4.0 SR5b (HKLM-x32\...\{5B9E1A73-6A74-4DAF-AF1C-DDEBD79C942E}) (Version: 4.0.40226 - Robert McNeel & Associates)
Rhinoceros 4.0 SR8 (HKLM-x32\...\{95E1E426-EE9E-4F68-8F02-58A5A09B38F3}) (Version: 4.0.50401 - Robert McNeel & Associates)
SketchUp 2013 (HKLM-x32\...\{B75BC01B-4586-43F8-9349-D250DB98F26F}) (Version: 13.0.4812 - Trimble Navigation Limited)
Skype Click to Call (HKLM-x32\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 5.10.9560 - Skype Technologies S.A.)
Skype™ 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)
SopCast 3.8.3 (HKLM-x32\...\SopCast) (Version: 3.8.3 - www.sopcast.com)
Spotify (HKCU\...\Spotify) (Version: 0.9.6.81.gd359a796 - Spotify AB)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 14.0.4.0 - Synaptics Incorporated)
Torrent Stream 2.0.1 (HKCU\...\TorrentStream) (Version: 2.0.1 - Torrent Stream)
TT1281 Driver (HKLM-x32\...\{99B364F5-8051-4118-BFAA-FF466F151748}) (Version: 1.0.0.16 - LITEON)
Uninstall 1.0.0.1 (HKLM-x32\...\Uninstall_is1) (Version:  - )
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2473228) (Version: 1 - Microsoft Corporation)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{EA54F104-79D2-48CC-9ABC-91A63C43D353}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{53DEC068-4690-4F6B-9946-7D21EF02236B}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2881065) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{B7EF38F7-1D58-4085-A9A4-0F6C69A5AA1E}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
Veetle TV 0.9.18 (HKLM-x32\...\Veetle TV) (Version: 0.9.18 - Veetle, Inc)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{6DA2B636-698A-3294-BF4A-B5E11B238CDD}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{8CCEA24C-51AE-3B71-9092-7D0C44DDA2DF}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{C3A57BB3-9AA6-3F6F-9395-6C062BDD5FC4}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{F6F09DD8-F39B-3A16-ADB9-C9E6B56903F9}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{04B34E21-5BEE-3D2B-8D3D-E3E80D253F64}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{14866AAD-1F23-39AC-A62B-7091ED1ADE64}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{4B90093A-5D9C-3956-8ABB-95848BE6EFAD}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{B42E259C-E4D4-37F1-A1B2-EB9C4FC5A04D}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
VLC media player 2.1.0 (HKLM\...\VLC media player) (Version: 2.1.0 - VideoLAN)
V-Ray for Rhinoceros 4.0 (HKLM-x32\...\{54DBAF71-635A-45CB-A7DD-7EAB60F5C460}) (Version: 1.00.0000 - ASGvis, LLC)
WebSpades (HKLM\...\WebSpades) (Version: 2014.07.01.221247 - WebSpades)
WibuKey Setup (WibuKey Remove) (HKLM\...\{00060000-0000-1004-8002-0000C06B5161}) (Version: Version 6.00a of 2009-Dec-03 (Build 129) (Setup) - WIBU-SYSTEMS AG)
WindowsMangerProtect20.0.0.502 (HKLM-x32\...\WindowsMangerProtect) (Version: 20.0.0.502 - WindowsProtect LIMITED)
WinRAR 4.00 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.00.0 - win.rar GmbH)

==================== Restore Points  =========================

30-06-2014 14:51:43 Geplanter Prüfpunkt
02-07-2014 10:07:42 AA11

==================== Hosts content: ==========================

2009-07-14 04:34 - 2011-03-28 19:31 - 00002000 ____A C:\Windows\system32\Drivers\etc\hosts
0.0.0.0       localhost 
127.0.0.1 activate.adobe.com 
127.0.0.1 practivate.adobe.com 
127.0.0.1 ereg.adobe.com 
127.0.0.1 activate.wip3.adobe.com 
127.0.0.1 wip3.adobe.com 
127.0.0.1 3dns-3.adobe.com 
127.0.0.1 3dns-2.adobe.com 
127.0.0.1 adobe-dns.adobe.com 
127.0.0.1 adobe-dns-2.adobe.com 
127.0.0.1 adobe-dns-3.adobe.com 
127.0.0.1 ereg.wip3.adobe.com 
127.0.0.1 activate-sea.adobe.com 
127.0.0.1 wwis-dubc1-vip60.adobe.com 
127.0.0.1 activate-sjc0.adobe.com 
0.0.0.0       localhost 
127.0.0.1 activate.adobe.com 
127.0.0.1 practivate.adobe.com 
127.0.0.1 ereg.adobe.com 
127.0.0.1 activate.wip3.adobe.com 
127.0.0.1 wip3.adobe.com 
127.0.0.1 3dns-3.adobe.com 
127.0.0.1 3dns-2.adobe.com 
127.0.0.1 adobe-dns.adobe.com 
127.0.0.1 adobe-dns-2.adobe.com 
127.0.0.1 adobe-dns-3.adobe.com 
127.0.0.1 ereg.wip3.adobe.com 
127.0.0.1 activate-sea.adobe.com 
127.0.0.1 wwis-dubc1-vip60.adobe.com 


==================== Scheduled Tasks (whitelisted) =============

Task: {0BCB8F21-7044-4459-8474-53293EA59C4D} - System32\Tasks\{2A760783-25BA-4B91-AE60-E68777A40394} => C:\Program Files (x86)\Skype\\Phone\Skype.exe [2014-05-08] (Skype Technologies S.A.)
Task: {431BDC0C-F1D3-4F44-98E4-3A94AE3B5F13} - System32\Tasks\{D8723098-9F85-40A9-8807-BAFF6B697F29} => C:\Program Files (x86)\Skype\\Phone\Skype.exe [2014-05-08] (Skype Technologies S.A.)
Task: {76DACACD-20DB-42DA-B93D-88CAA2182A32} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-03-27] (Google Inc.)
Task: {80EDECDE-6BE6-4759-9DBA-9D0876329522} - System32\Tasks\Microsoft_Hardware_Launch_IPoint_exe => C:\Program Files\Microsoft IntelliPoint\IPoint.exe [2011-08-01] (Microsoft Corporation)
Task: {82C9D984-B353-4CE6-8B8D-155D25A0B72F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-03-27] (Google Inc.)
Task: {AB781E94-9E40-4049-8089-955C2F8B35B5} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {DC3BB3FC-8281-47AC-823D-7F3320D553CD} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-14] (Adobe Systems Incorporated)
Task: {E43647F6-69F6-44FE-8514-AAD07DB80ABB} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3542374432-354979354-222888450-1000Core => C:\Users\Doro Gabriel\AppData\Local\Google\Update\GoogleUpdate.exe [2012-12-01] (Google Inc.)
Task: {E741E59A-1E43-43F9-9C99-31338BD4F282} - System32\Tasks\AdobeAAMUpdater-1.0-DoroGabriel-PC-Doro Gabriel => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06] (Adobe Systems Incorporated)
Task: {FF6FC979-27AB-41E1-989F-618566506A98} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3542374432-354979354-222888450-1000UA => C:\Users\Doro Gabriel\AppData\Local\Google\Update\GoogleUpdate.exe [2012-12-01] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => ?
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => ?
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => ?
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3542374432-354979354-222888450-1000Core.job => ?
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3542374432-354979354-222888450-1000UA.job => ?

==================== Loaded Modules (whitelisted) =============

2008-05-26 19:24 - 2008-05-26 19:24 - 00103424 _____ () C:\Program Files (x86)\Acer Bio Protection\PwdFilterV64.DLL
2011-03-20 12:18 - 2005-03-12 01:07 - 00087040 _____ () C:\Windows\System32\pdfcmnnt.dll
2011-02-22 21:52 - 2011-02-22 21:52 - 00086016 _____ () C:\Program Files\Autodesk\3ds Max Design 2012\mentalimages\satellite\raysat_3dsmax2012_64server.exe
2009-07-29 14:10 - 2009-07-29 14:10 - 00016384 ____R () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2011-03-24 16:49 - 2011-03-24 16:49 - 00270336 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2011-03-21 14:37 - 2011-03-02 13:40 - 00164864 _____ () C:\Program Files\WinRAR\rarext.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 02082160 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareShellExtension.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00685904 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\SQLite.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 03393352 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\RCF.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00123776 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\boost_filesystem-vc100-mt-1_55.dll
2014-06-03 16:19 - 2014-06-03 16:19 - 00024440 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\boost_system-vc100-mt-1_55.dll
2014-07-01 16:36 - 2014-07-01 17:02 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-07-02 00:13 - 2014-07-02 00:13 - 00318752 _____ () C:\Program Files (x86)\WebSpades\updateWebSpades.exe
2014-07-02 11:20 - 2014-07-02 11:20 - 00318752 _____ () C:\Program Files (x86)\WebSpades\bin\utilWebSpades.exe
2014-06-03 16:18 - 2014-06-03 16:18 - 07715160 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareTray.exe
2014-06-03 16:18 - 2014-06-03 16:18 - 00055680 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\boost_date_time-vc100-mt-1_55.dll
2014-06-03 16:19 - 2014-06-03 16:19 - 00103800 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\boost_thread-vc100-mt-1_55.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00033656 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\boost_chrono-vc100-mt-1_55.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00500088 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\boost_locale-vc100-mt-1_55.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00364896 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\HtmlFramework.dll
2014-06-03 16:19 - 2014-06-03 16:19 - 00149840 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\libssh2.dll
2014-06-03 16:19 - 2014-06-03 16:19 - 00106824 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\zlib.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00066904 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\DllStorage.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00803696 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareTrayDefaultSkin.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00139608 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\Localization.dll
2014-06-03 15:47 - 2014-06-03 15:47 - 00706864 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareService.exe
2014-06-03 16:18 - 2014-06-03 16:18 - 10070888 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareServiceKernel.dll
2014-06-03 16:19 - 2014-06-03 16:19 - 00788856 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\boost_regex-vc100-mt-1_55.dll
2014-06-03 16:17 - 2014-06-03 16:17 - 00604520 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareActivation.dll
2014-06-03 16:19 - 2014-06-03 16:19 - 00158032 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\pugixml.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00360312 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareApplicationUpdater.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00142696 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareGamingMode.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00098648 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareReset.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00120152 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareTime.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00290168 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareDefinitionsUpdater.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00198024 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareDefinitionsUpdaterScheduler.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00417128 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareIgnoreList.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00245608 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareQuarantine.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00336752 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareAntiMalwareEngine.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00212336 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareAntiRootkitEngine.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00509808 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareScannerHistory.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00610144 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareScanner.dll
2014-06-03 16:19 - 2014-06-03 16:19 - 00035192 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\boost_timer-vc100-mt-1_55.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00326000 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareScannerScheduler.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00453496 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareRealTimeProtection.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00227688 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareIncompatibles.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00218976 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareAntiSpam.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00171368 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareAntiPhishing.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00786800 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareParentalControl.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 01936744 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareWebProtection.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00422256 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareEmailProtection.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00650608 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareNetworkProtection.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00358744 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwarePromo.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00298336 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareFeedback.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00371576 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareThreatWorkAlliance.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00154464 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\SecurityCenter.dll
2014-07-02 11:23 - 2014-06-28 03:45 - 00096544 _____ () C:\Program Files (x86)\WebSpades\bin\WebSpades.BrowserAdapter.exe
2011-11-02 00:26 - 2011-11-02 00:26 - 00087912 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2011-11-02 00:26 - 2011-11-02 00:26 - 01242472 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-06-24 20:02 - 2014-06-24 20:02 - 00043008 _____ () c:\Users\Doro Gabriel\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp3bavgo.dll
2013-08-23 21:01 - 2013-08-23 21:01 - 25100288 _____ () C:\Users\Doro Gabriel\AppData\Roaming\Dropbox\bin\libcef.dll
2014-06-26 16:39 - 2014-06-26 16:39 - 00098816 _____ () C:\Users\Doro Gabriel\AppData\Local\Temp\_MEI68922\win32api.pyd
2014-06-26 16:39 - 2014-06-26 16:39 - 00110080 _____ () C:\Users\Doro Gabriel\AppData\Local\Temp\_MEI68922\pywintypes27.dll
2014-06-26 16:39 - 2014-06-26 16:39 - 00364544 _____ () C:\Users\Doro Gabriel\AppData\Local\Temp\_MEI68922\pythoncom27.dll
2014-06-26 16:39 - 2014-06-26 16:39 - 00045568 _____ () C:\Users\Doro Gabriel\AppData\Local\Temp\_MEI68922\_socket.pyd
2014-06-26 16:39 - 2014-06-26 16:39 - 01160704 _____ () C:\Users\Doro Gabriel\AppData\Local\Temp\_MEI68922\_ssl.pyd
2014-06-26 16:39 - 2014-06-26 16:39 - 00320512 _____ () C:\Users\Doro Gabriel\AppData\Local\Temp\_MEI68922\win32com.shell.shell.pyd
2014-06-26 16:39 - 2014-06-26 16:39 - 00713216 _____ () C:\Users\Doro Gabriel\AppData\Local\Temp\_MEI68922\_hashlib.pyd
2014-06-26 16:39 - 2014-06-26 16:39 - 01175040 _____ () C:\Users\Doro Gabriel\AppData\Local\Temp\_MEI68922\wx._core_.pyd
2014-06-26 16:39 - 2014-06-26 16:39 - 00805888 _____ () C:\Users\Doro Gabriel\AppData\Local\Temp\_MEI68922\wx._gdi_.pyd
2014-06-26 16:39 - 2014-06-26 16:39 - 00811008 _____ () C:\Users\Doro Gabriel\AppData\Local\Temp\_MEI68922\wx._windows_.pyd
2014-06-26 16:39 - 2014-06-26 16:39 - 01062400 _____ () C:\Users\Doro Gabriel\AppData\Local\Temp\_MEI68922\wx._controls_.pyd
2014-06-26 16:39 - 2014-06-26 16:39 - 00735232 _____ () C:\Users\Doro Gabriel\AppData\Local\Temp\_MEI68922\wx._misc_.pyd
2014-06-26 16:39 - 2014-06-26 16:39 - 00128512 _____ () C:\Users\Doro Gabriel\AppData\Local\Temp\_MEI68922\_elementtree.pyd
2014-06-26 16:39 - 2014-06-26 16:39 - 00127488 _____ () C:\Users\Doro Gabriel\AppData\Local\Temp\_MEI68922\pyexpat.pyd
2014-06-26 16:39 - 2014-06-26 16:39 - 00557056 _____ () C:\Users\Doro Gabriel\AppData\Local\Temp\_MEI68922\pysqlite2._sqlite.pyd
2014-06-26 16:39 - 2014-06-26 16:39 - 00007168 _____ () C:\Users\Doro Gabriel\AppData\Local\Temp\_MEI68922\hashobjs_ext.pyd
2014-06-26 16:39 - 2014-06-26 16:39 - 00087552 _____ () C:\Users\Doro Gabriel\AppData\Local\Temp\_MEI68922\_ctypes.pyd
2014-06-26 16:39 - 2014-06-26 16:39 - 00119808 _____ () C:\Users\Doro Gabriel\AppData\Local\Temp\_MEI68922\win32file.pyd
2014-06-26 16:39 - 2014-06-26 16:39 - 00108544 _____ () C:\Users\Doro Gabriel\AppData\Local\Temp\_MEI68922\win32security.pyd
2014-06-26 16:39 - 2014-06-26 16:39 - 00018432 _____ () C:\Users\Doro Gabriel\AppData\Local\Temp\_MEI68922\win32event.pyd
2014-06-26 16:39 - 2014-06-26 16:39 - 00038912 _____ () C:\Users\Doro Gabriel\AppData\Local\Temp\_MEI68922\win32inet.pyd
2014-06-26 16:39 - 2014-06-26 16:39 - 00070656 _____ () C:\Users\Doro Gabriel\AppData\Local\Temp\_MEI68922\wx._html2.pyd
2014-06-26 16:39 - 2014-06-26 16:39 - 00167936 _____ () C:\Users\Doro Gabriel\AppData\Local\Temp\_MEI68922\win32gui.pyd
2014-06-26 16:39 - 2014-06-26 16:39 - 00011264 _____ () C:\Users\Doro Gabriel\AppData\Local\Temp\_MEI68922\win32crypt.pyd
2014-06-26 16:39 - 2014-06-26 16:39 - 00027136 _____ () C:\Users\Doro Gabriel\AppData\Local\Temp\_MEI68922\_multiprocessing.pyd
2014-06-26 16:39 - 2014-06-26 16:39 - 00122368 _____ () C:\Users\Doro Gabriel\AppData\Local\Temp\_MEI68922\wx._wizard.pyd
2014-06-26 16:39 - 2014-06-26 16:39 - 00010240 _____ () C:\Users\Doro Gabriel\AppData\Local\Temp\_MEI68922\select.pyd
2014-06-26 16:39 - 2014-06-26 16:39 - 00024064 _____ () C:\Users\Doro Gabriel\AppData\Local\Temp\_MEI68922\win32pipe.pyd
2014-06-26 16:39 - 2014-06-26 16:39 - 00686080 _____ () C:\Users\Doro Gabriel\AppData\Local\Temp\_MEI68922\unicodedata.pyd
2014-06-26 16:39 - 2014-06-26 16:39 - 00025600 _____ () C:\Users\Doro Gabriel\AppData\Local\Temp\_MEI68922\win32pdh.pyd
2014-06-26 16:39 - 2014-06-26 16:39 - 00525640 _____ () C:\Users\Doro Gabriel\AppData\Local\Temp\_MEI68922\windows._lib_cacheinvalidation.pyd
2014-06-26 16:39 - 2014-06-26 16:39 - 00035840 _____ () C:\Users\Doro Gabriel\AppData\Local\Temp\_MEI68922\win32process.pyd
2014-06-26 16:39 - 2014-06-26 16:39 - 00017408 _____ () C:\Users\Doro Gabriel\AppData\Local\Temp\_MEI68922\win32profile.pyd
2014-06-26 16:39 - 2014-06-26 16:39 - 00022528 _____ () C:\Users\Doro Gabriel\AppData\Local\Temp\_MEI68922\win32ts.pyd
2014-06-26 16:39 - 2014-06-26 16:39 - 00078336 _____ () C:\Users\Doro Gabriel\AppData\Local\Temp\_MEI68922\wx._animate.pyd
2009-02-26 14:46 - 2009-02-26 14:46 - 00064344 _____ () C:\Program Files (x86)\Microsoft Office\Office12\ADDINS\ColleagueImport.dll
2011-06-22 12:46 - 2011-06-22 12:46 - 00434016 _____ () C:\Program Files (x86)\Microsoft Office\Office12\ADDINS\UmOutlookAddin.dll
2013-07-10 18:07 - 2013-07-10 18:07 - 00756888 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\MSPTLS.DLL
2014-07-02 13:20 - 2014-06-28 03:45 - 00183584 ____N () C:\Program Files (x86)\WebSpades\bin\WebSpadesBAApp.dll
2014-06-13 15:42 - 2014-06-05 15:58 - 00716616 _____ () C:\Users\Doro Gabriel\AppData\Local\Google\Chrome\Application\35.0.1916.153\libglesv2.dll
2014-06-13 15:42 - 2014-06-05 15:58 - 00126280 _____ () C:\Users\Doro Gabriel\AppData\Local\Google\Chrome\Application\35.0.1916.153\libegl.dll
2014-06-13 15:42 - 2014-06-05 15:58 - 04217672 _____ () C:\Users\Doro Gabriel\AppData\Local\Google\Chrome\Application\35.0.1916.153\pdf.dll
2014-06-13 15:42 - 2014-06-05 15:58 - 00414536 _____ () C:\Users\Doro Gabriel\AppData\Local\Google\Chrome\Application\35.0.1916.153\ppGoogleNaClPluginChrome.dll
2014-06-13 15:42 - 2014-06-05 15:58 - 01732424 _____ () C:\Users\Doro Gabriel\AppData\Local\Google\Chrome\Application\35.0.1916.153\ffmpegsumo.dll
2014-06-13 15:42 - 2014-06-05 15:58 - 14612296 _____ () C:\Users\Doro Gabriel\AppData\Local\Google\Chrome\Application\35.0.1916.153\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== EXE Association (whitelisted) =============


==================== MSCONFIG/TASK MANAGER disabled items =========

MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: Spotify => "C:\Users\Doro Gabriel\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Doro Gabriel\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\Steam.exe" -silent

==================== Faulty Device Manager Devices =============

Name: Basissystemgerät
Description: Basissystemgerät
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Basissystemgerät
Description: Basissystemgerät
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Basissystemgerät
Description: Basissystemgerät
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (07/02/2014 01:41:19 AM) (Source: MsiInstaller) (EventID: 11309) (User: DoroGabriel-PC)
Description: Product: Google Update Helper -- Error 1309. Error reading from file: C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\Google\Update\RequiredFile.txt.  System error 3.  Verify that the file exists and that you can access it.

Error: (06/28/2014 00:32:15 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Die abhängige Assemblierung "Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (06/28/2014 00:30:24 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Die abhängige Assemblierung "Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (06/25/2014 10:23:49 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Die abhängige Assemblierung "Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (06/25/2014 10:22:38 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Die abhängige Assemblierung "Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (06/25/2014 09:42:21 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Die abhängige Assemblierung "Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (06/25/2014 09:40:53 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Die abhängige Assemblierung "Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (06/25/2014 03:07:55 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Die abhängige Assemblierung "Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (06/25/2014 03:04:36 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Die abhängige Assemblierung "Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (06/25/2014 00:46:58 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Die abhängige Assemblierung "Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".


System errors:
=============
Error: (07/02/2014 11:19:35 AM) (Source: Server) (EventID: 2505) (User: )
Description: Aufgrund eines doppelten Netzwerknamens konnte zu der Transportschicht \Device\NetBT_Tcpip_{2F4D42E0-1659-4B47-AC38-831856414E1D} vom Serverdienst nicht gebunden werden. Der Serverdienst konnte nicht gestartet werden.

Error: (07/02/2014 11:19:08 AM) (Source: Tcpip) (EventID: 4199) (User: )
Description: Das System hat einen Adressenkonflikt der IP-Adresse 10.0.0.7 mit dem Computer mit der
Netzwerkhardwareadresse DC-9F-A4-94-AE-1E ermittelt. Netzwerkvorgänge könnten daher auf diesem
System unterbrochen werden.

Error: (07/01/2014 00:17:08 PM) (Source: Tcpip) (EventID: 4199) (User: )
Description: Das System hat einen Adressenkonflikt der IP-Adresse 10.0.0.5 mit dem Computer mit der
Netzwerkhardwareadresse DC-9F-A4-94-AE-1E ermittelt. Netzwerkvorgänge könnten daher auf diesem
System unterbrochen werden.

Error: (06/30/2014 05:42:29 PM) (Source: BROWSER) (EventID: 8032) (User: )
Description: Das Einlesen der Sicherungsliste durch den Suchdienst schlug auf Transport "\Device\NetBT_Tcpip_{2F4D42E0-1659-4B47-AC38-831856414E1D}" zu oft fehl.
Der Sicherungssuchdienst wird beendet.

Error: (06/29/2014 02:59:39 PM) (Source: bowser) (EventID: 8003) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "MAC00254BB02212",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{2F4D42E0-1659-4B47-AC38-831856414E1D}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.

Error: (06/28/2014 09:27:37 AM) (Source: Tcpip) (EventID: 4199) (User: )
Description: Das System hat einen Adressenkonflikt der IP-Adresse 10.0.0.9 mit dem Computer mit der
Netzwerkhardwareadresse DC-85-DE-73-32-A4 ermittelt. Netzwerkvorgänge könnten daher auf diesem
System unterbrochen werden.

Error: (06/28/2014 09:27:37 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst eventlog erreicht.

Error: (06/26/2014 09:35:48 PM) (Source: bowser) (EventID: 8003) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "DIDI-PC",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{2F4D42E0-1659-4B47-AC38-831856414E1D}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.

Error: (06/25/2014 00:31:47 PM) (Source: BROWSER) (EventID: 8032) (User: )
Description: Das Einlesen der Sicherungsliste durch den Suchdienst schlug auf Transport "\Device\NetBT_Tcpip_{2F4D42E0-1659-4B47-AC38-831856414E1D}" zu oft fehl.
Der Sicherungssuchdienst wird beendet.

Error: (06/24/2014 10:22:12 PM) (Source: Tcpip) (EventID: 4199) (User: )
Description: Das System hat einen Adressenkonflikt der IP-Adresse 10.0.0.8 mit dem Computer mit der
Netzwerkhardwareadresse 44-6D-57-0A-8E-E6 ermittelt. Netzwerkvorgänge könnten daher auf diesem
System unterbrochen werden.


Microsoft Office Sessions:
=========================
Error: (06/05/2011 10:16:20 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6557.5001, Microsoft Office Version: 12.0.6425.1000. This session lasted 5 seconds with 0 seconds of active time.  This session ended with a crash.


==================== Memory info =========================== 

Percentage of memory in use: 60%
Total physical RAM: 8054.78 MB
Available physical RAM: 3221.66 MB
Total Pagefile: 16107.73 MB
Available Pagefile: 11544.16 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:154.19 GB) (Free:43.59 GB) NTFS
Drive d: (Uni) (Fixed) (Total:18.5 GB) (Free:2.15 GB) NTFS
Drive e: (Daten) (Fixed) (Total:292.97 GB) (Free:160.88 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 1A009D23)
Partition 1: (Not Active) - (Size=19 GB) - (Type=07 NTFS)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=293 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=154 GB) - (Type=07 NTFS)

==================== End Of Log ============================

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-07-2014
Ran by Doro Gabriel (administrator) on DOROGABRIEL-PC on 02-07-2014 14:04:45
Running from C:\Users\Doro Gabriel\Desktop
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal


==================== Processes (Whitelisted) =================

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Egis Technology Inc.) C:\Program Files (x86)\Acer Bio Protection\CompPtcVUI.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Egis Technology Inc.) C:\Program Files (x86)\Acer Bio Protection\BASVC.exe
() C:\Program Files\Autodesk\3ds Max Design 2012\mentalimages\satellite\raysat_3dsmax2012_64server.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebgrd.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\ipoint.exe
(Akamai Technologies, Inc.) C:\Users\Doro Gabriel\AppData\Local\Akamai\netsession_win.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Spotify Ltd) C:\Users\Doro Gabriel\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Akamai Technologies, Inc.) C:\Users\Doro Gabriel\AppData\Local\Akamai\netsession_win.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(WIBU-SYSTEMS AG) C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe
(Dropbox, Inc.) C:\Users\Doro Gabriel\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Egis Technology Inc.) C:\Program Files (x86)\Acer Bio Protection\PdtWzd.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunes.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
() C:\Program Files (x86)\WebSpades\updateWebSpades.exe
(Fuyu LIMITED) C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe
(Cherished Technololgy LIMITED) C:\ProgramData\IePluginServices\PluginService.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe
() C:\Program Files (x86)\WebSpades\bin\utilWebSpades.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avcenter.exe
(Lavasoft) C:\ProgramData\Search Protection\SearchProtection.exe
() C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareTray.exe
() C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareService.exe
() C:\Program Files (x86)\WebSpades\bin\WebSpades.BrowserAdapter.exe
(Google Inc.) C:\Users\Doro Gabriel\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Doro Gabriel\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Doro Gabriel\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Doro Gabriel\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Doro Gabriel\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Doro Gabriel\AppData\Local\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [IAAnotif] => C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-08-07] (Intel Corporation)
HKLM\...\Run: [Apoint] => C:\Program Files\Apoint2K\Apoint.exe [323072 2009-10-01] (Alps Electric Co., Ltd.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [8312352 2009-11-02] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1825064 2009-09-03] (Synaptics Incorporated)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated)
HKLM\...\Run: [IntelliPoint] => C:\Program Files\Microsoft IntelliPoint\ipoint.exe [2417032 2011-08-01] (Microsoft Corporation)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [AdAwareTray] => C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareTray.exe [7715160 2014-06-03] ()
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2009-11-12] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [VitaKeyPdtWzd] => C:\Program Files (x86)\Acer Bio Protection\PdtWzd.exe [3567616 2009-09-05] (Egis Technology Inc.)
HKLM-x32\...\Run: [AdobeCS5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [937920 2011-06-06] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59280 2012-08-27] (Apple Inc.)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [163000 2012-12-12] (Geek Software GmbH)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [737872 2014-05-20] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [Search Protection] => C:\ProgramData\Search Protection\SearchProtection.exe [949512 2014-02-17] (Lavasoft)
HKU\S-1-5-21-3542374432-354979354-222888450-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Doro Gabriel\AppData\Local\Akamai\netsession_win.exe [4672920 2014-04-17] (Akamai Technologies, Inc.)
HKU\S-1-5-21-3542374432-354979354-222888450-1000\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [427520 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-21-3542374432-354979354-222888450-1000\...\Run: [Google Update] => C:\Users\Doro Gabriel\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-12-01] (Google Inc.)
HKU\S-1-5-21-3542374432-354979354-222888450-1000\...\Run: [Spotify Web Helper] => C:\Users\Doro Gabriel\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1168896 2013-12-15] (Spotify Ltd)
HKU\S-1-5-21-3542374432-354979354-222888450-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21444224 2014-05-08] (Skype Technologies S.A.)
HKU\S-1-5-21-3542374432-354979354-222888450-1000\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [24474752 2014-06-05] (Google)
HKU\S-1-5-21-3542374432-354979354-222888450-1000\...\RunOnce: [FlashPlayerUpdate] - C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_13_0_0_214_Plugin.exe [847536 2014-05-14] (Adobe Systems Incorporated)
AppInit_DLLs: C:\PROGRA~2\SupTab\SEARCH~2.DLL => C:\Program Files (x86)\SupTab\SearchProtect64.dll [102512 2014-05-08] (Skytech Co., Ltd.)
Lsa: [Notification Packages] C:\Program Files (x86)\Acer Bio Protection\PwdFilterV64
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Netzwerk Server.lnk
ShortcutTarget: Netzwerk Server.lnk -> C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe (WIBU-SYSTEMS AG)
Startup: C:\Users\Doro Gabriel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Doro Gabriel\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: GDriveBlacklistedOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: GDriveSharedEditOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: GDriveSharedViewOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: GDriveSyncedOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: GDriveSyncingOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: Symbol-Overlay-Steuerprogramm für AutoCAD Digitale Signaturen -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll (Autodesk, Inc.)
ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 1 (GFS Unread Stub) -> {99FD978C-D287-4F50-827F-B2C658EDA8E7} => C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 2 (GFS Stub) -> {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} => C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 2.5 (GFS Unread Folder) -> {920E6DB1-9907-4370-B3A0-BAFC03D81399} => C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 3 (GFS Folder) -> {16F3DD56-1AF5-4347-846D-7C10C4192619} => C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 4 (GFS Unread Mark) -> {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} => C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BootExecute: autocheck autochk * bddel.exe

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://securedsearch2.lavasoft.com/index.php?pr=vmn&id=adawaretb&v=3_9&idate=__installtime__&ent=hp&u=___userid___
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://at.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xA75ACD8E1BBBCC01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-at
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.snapdo.com/?publisher=SnapdoEMonYB&dpid=SnapdoEMonYB&co=AT&userid=e0238ae8-dfed-4c5f-9183-fc72878505b4&searchtype=ds&q={searchTerms}&installDate=05/07/2013
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://isearch.omiga-plus.com/?type=sc&ts=1404258177&from=ild&uid=WDCXWD5000BEVT-22A0RT0_WD-WX71C90V9560V9560
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://isearch.omiga-plus.com/web/?type=ds&ts=1404258177&from=ild&uid=WDCXWD5000BEVT-22A0RT0_WD-WX71C90V9560V9560&q={searchTerms}
SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://isearch.omiga-plus.com/web/?type=ds&ts=1404258177&from=ild&uid=WDCXWD5000BEVT-22A0RT0_WD-WX71C90V9560V9560&q={searchTerms}
SearchScopes: HKLM-x32 - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://isearch.omiga-plus.com/web/?type=ds&ts=1404258177&from=ild&uid=WDCXWD5000BEVT-22A0RT0_WD-WX71C90V9560V9560&q={searchTerms}
SearchScopes: HKLM-x32 - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?publisher=SnapdoEMonYB&dpid=SnapdoEMonYB&co=AT&userid=e0238ae8-dfed-4c5f-9183-fc72878505b4&searchtype=ds&q={searchTerms}&installDate=05/07/2013
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://isearch.omiga-plus.com/web/?type=ds&ts=1404258177&from=ild&uid=WDCXWD5000BEVT-22A0RT0_WD-WX71C90V9560V9560&q={searchTerms}
SearchScopes: HKCU - DefaultScope {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} URL = hxxp://securedsearch2.lavasoft.com/results.php?pr=vmn&id=adawaretb&v=3_9&idate=&hsimp=yhs-lavasoft&ent=ch&q={searchTerms}
SearchScopes: HKCU - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?publisher=SnapdoEMonYB&dpid=SnapdoEMonYB&co=AT&userid=e0238ae8-dfed-4c5f-9183-fc72878505b4&searchtype=ds&q={searchTerms}&installDate=05/07/2013
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://startsear.ch/?aff=1&src=sp&cf=cd7b236a-3c91-11e1-becd-1c7508401e08&q={searchTerms}
SearchScopes: HKCU - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://isearch.omiga-plus.com/web/?type=ds&ts=1404258177&from=ild&uid=WDCXWD5000BEVT-22A0RT0_WD-WX71C90V9560V9560&q={searchTerms}
SearchScopes: HKCU - {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} URL = hxxp://securedsearch2.lavasoft.com/results.php?pr=vmn&id=adawaretb&v=3_9&idate=&hsimp=yhs-lavasoft&ent=ch&q={searchTerms}
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll (Adobe Systems, Inc.)
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: IETabPage Class - {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} - C:\Program Files (x86)\SupTab\SupTab.dll (Thinknice Co. Limited)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} -  No File
Toolbar: HKLM-x32 - Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll (Adobe Systems, Inc.)
Toolbar: HKLM-x32 - VShareToolBar - {7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} - C:\Program Files (x86)\vShare.tv plugin\BarLcher.dll (VShare Inc.)
Toolbar: HKLM-x32 - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} -  No File
Toolbar: HKCU - No Name - {7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} -  No File
DPF: HKLM {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} -  No File
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138

FireFox:
========
FF ProfilePath: C:\Users\Doro Gabriel\AppData\Roaming\Mozilla\Firefox\Profiles\9io3wi8p.default
FF NewTab: hxxp://isearch.omiga-plus.com/newtab/?type=nt&ts=1404258177&from=ild&uid=WDCXWD5000BEVT-22A0RT0_WD-WX71C90V9560V9560
FF DefaultSearchEngine: omiga-plus
FF SearchEngineOrder.1: Web Search
FF SelectedSearchEngine: omiga-plus
FF Homepage: hxxp://isearch.omiga-plus.com/?type=hp&ts=1404258177&from=ild&uid=WDCXWD5000BEVT-22A0RT0_WD-WX71C90V9560V9560
FF Keyword.URL: hxxp://feed.snapdo.com/?publisher=SnapdoEMonYB&dpid=SnapdoEMonYB&co=AT&userid=e0238ae8-dfed-4c5f-9183-fc72878505b4&searchtype=ds&installDate=05/07/2013&q=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @veetle.com/veetleCorePlugin,version=0.9.18 - C:\Program Files (x86)\Veetle\plugins\npVeetle.dll (Veetle Inc)
FF Plugin-x32: @veetle.com/veetlePlayerPlugin,version=0.9.18 - C:\Program Files (x86)\Veetle\Player\npvlc.dll (Veetle Inc)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Doro Gabriel\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Doro Gabriel\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @torrentstream.net/tsplugin,version=2.0.1 - C:\Users\Doro Gabriel\AppData\Roaming\TorrentStream\player\npts_plugin.dll (Innovative Digital Technologies)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npContribute.dll (Adobe Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npvsharetvplg.dll (vShare.tv )
FF SearchPlugin: C:\Users\Doro Gabriel\AppData\Roaming\Mozilla\Firefox\Profiles\9io3wi8p.default\searchplugins\Web Search.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\adawaretb.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\omiga-plus.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Fast Start - C:\Users\Doro Gabriel\AppData\Roaming\Mozilla\Firefox\Profiles\9io3wi8p.default\Extensions\faststartff@gmail.com [2014-07-02]
FF Extension: No Name - C:\Users\Doro Gabriel\AppData\Roaming\Mozilla\Firefox\Profiles\9io3wi8p.default\Extensions\{87934c42-161d-45bc-8cef-ef18abe2a30c} [2014-07-02]
FF Extension: vshare Add-On - C:\Users\Doro Gabriel\AppData\Roaming\Mozilla\Firefox\Profiles\9io3wi8p.default\Extensions\{dd05fd3d-18df-4ce4-ae53-e795339c5f01} [2011-08-14]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-06-13]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2014-06-13]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2014-06-13]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} [2014-06-13]
FF HKLM-x32\...\Firefox\Extensions: [{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}] - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\FirefoxPlugin\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}
FF Extension: Adobe Contribute Toolbar - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\FirefoxPlugin\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9} [2011-03-28]
FF HKLM-x32\...\Firefox\Extensions: [faststartff@gmail.com] - C:\Users\Doro Gabriel\AppData\Roaming\Mozilla\Firefox\Profiles\9io3wi8p.default\extensions\faststartff@gmail.com
FF Extension: Fast Start - C:\Users\Doro Gabriel\AppData\Roaming\Mozilla\Firefox\Profiles\9io3wi8p.default\extensions\faststartff@gmail.com [2014-07-02]
FF HKCU\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: McAfee Security Scan Plus - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]

Chrome: 
=======
CHR HomePage: hxxp://www.google.com/
CHR StartupUrls: "chrome://bookmarks/#1", "hxxp://www.google.com/", "hxxp://www.detail.de/daily/", "hxxp://feed.snapdo.com/?publisher=SnapdoEMonYB&dpid=SnapdoEMonYB&co=AT&userid=e0238ae8-dfed-4c5f-9183-fc72878505b4&searchtype=hp&installDate=05/07/2013", "hxxp://isearch.omiga-plus.com/?type=hp&ts=1404258177&from=ild&uid=WDCXWD5000BEVT-22A0RT0_WD-WX71C90V9560V9560", "hxxp://isearch.omiga-plus.com/?type=hppp&ts=1404295826&from=ild&uid=WDCXWD5000BEVT-22A0RT0_WD-WX71C90V9560V9560"
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\Doro Gabriel\AppData\Local\Google\Chrome\Application\35.0.1916.153\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Doro Gabriel\AppData\Local\Google\Chrome\Application\35.0.1916.153\pdf.dll ()
CHR Plugin: (Shockwave Flash) - C:\Users\Doro Gabriel\AppData\Local\Google\Chrome\Application\35.0.1916.153\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll No File
CHR Plugin: (vShare.tv plug-in) - C:\Users\Doro Gabriel\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpionmjnkbpcdpcflammlgllecmejgjj\1.3_0\chvsharetvplg.dll No File
CHR Plugin: (vShare.tv plug-in) - C:\Program Files (x86)\Mozilla Firefox\plugins\npvsharetvplg.dll (vShare.tv )
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Java Deployment Toolkit 6.0.180.7) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeploytk.dll No File
CHR Plugin: (Java(TM) Platform SE 6 U18) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll No File
CHR Plugin: (Adobe Contribute CS5 ) - C:\Program Files (x86)\Mozilla Firefox\plugins\npContribute.dll (Adobe Systems, Inc.)
CHR Plugin: (2007 Microsoft Office system) - C:\Program Files (x86)\Mozilla Firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll (Apple Inc.)
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll No File
CHR Plugin: (Veetle TV Player) - C:\Program Files (x86)\Veetle\Player\npvlc.dll (Veetle Inc)
CHR Plugin: (Veetle TV Core) - C:\Program Files (x86)\Veetle\plugins\npVeetle.dll (Veetle Inc)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Extension: (Google Drive) - C:\Users\Doro Gabriel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-07-02]
CHR Extension: (YouTube) - C:\Users\Doro Gabriel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-06-05]
CHR Extension: (Google-Suche) - C:\Users\Doro Gabriel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-06-05]
CHR Extension: (Google Wallet) - C:\Users\Doro Gabriel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-23]
CHR Extension: (Battlefield Play4Free) - C:\Users\Doro Gabriel\AppData\Local\Google\Chrome\User Data\Default\Extensions\oiokahphinmbmakkehgelkmpolmnbkdh [2014-07-01]
CHR Extension: (Google Mail) - C:\Users\Doro Gabriel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-06-05]
CHR HKCU\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\DOROGA~1\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx [2014-06-26]
CHR HKCU\...\Chrome\Extension: [ochbjojkpcmlfeagbaahkofepalngihg] - C:\Users\Doro Gabriel\AppData\Roaming\TorrentStream\extensions\chrome\magicplayer.crx [2012-11-05]
CHR HKLM-x32\...\Chrome\Extension: [kpionmjnkbpcdpcflammlgllecmejgjj] - C:\Program Files (x86)\vShare.tv plugin\vshareplg.crx [2011-08-31]
CHR StartMenuInternet: Google Chrome - C:\Users\Doro Gabriel\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-05-20] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-05-20] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [1039440 2014-05-20] (Avira Operations GmbH & Co. KG)
R2 IePluginServices; C:\ProgramData\IePluginServices\PluginService.exe [704112 2014-05-08] (Cherished Technololgy LIMITED)
R2 IGBASVC; C:\Program Files (x86)\Acer Bio Protection\BASVC.exe [3450368 2009-09-05] (Egis Technology Inc.) [File not signed]
S3 InstallShield Licensing Service; C:\Program Files (x86)\Common Files\InstallShield Shared\Service\InstallShield Licensing Service.exe [78536 2011-10-17] (Macrovision                                                    )
R2 LavasoftAdAwareService11; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareService.exe [706864 2014-06-03] ()
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
R2 mi-raysat_3dsmax2012_64; C:\Program Files\Autodesk\3ds Max Design 2012\mentalimages\satellite\raysat_3dsmax2012_64server.exe [86016 2011-02-22] () [File not signed]
S4 msvsmon90; C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x64\msvsmon.exe [4737024 2008-07-29] (Microsoft Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-07-01] ()
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 Update WebSpades; C:\Program Files (x86)\WebSpades\updateWebSpades.exe [318752 2014-07-02] ()
R2 Util WebSpades; C:\Program Files (x86)\WebSpades\bin\utilWebSpades.exe [318752 2014-07-02] ()
R2 WindowsMangerProtect; C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe [535936 2014-07-02] (Fuyu LIMITED)
S3 McNeelUpdates64; "C:\Program Files (x86)\Rhinoceros 4.0\System\RhinoVersionCheckSvc64.exe" [X]

==================== Drivers (Whitelisted) ====================

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [112080 2014-05-20] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-05-20] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-14] (Avira Operations GmbH & Co. KG)
R0 johci; C:\Windows\System32\DRIVERS\johci.sys [20392 2009-09-21] (JMicron )
S3 Trufos; C:\Windows\System32\DRIVERS\Trufos.sys [389240 2014-04-22] (BitDefender S.R.L.)
R2 WIBUKEY; C:\Windows\System32\DRIVERS\WibuKey64.sys [103224 2009-12-03] (WIBU-SYSTEMS AG)
R1 {2635ac50-5488-40bf-9bfd-accb158f8f3f}w64; C:\Windows\System32\drivers\{2635ac50-5488-40bf-9bfd-accb158f8f3f}w64.sys [61120 2014-06-26] (StdLib)
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2030-08-29 15:22 - 2030-08-29 15:22 - 00143872 ____N (Intel Corporation) C:\Windows\SysWOW64\iacenc.dll
2030-08-29 15:22 - 2030-08-29 15:22 - 00056832 ____N () C:\Windows\SysWOW64\iyvu9_32.dll
2014-07-02 14:04 - 2014-07-02 14:05 - 00033572 _____ () C:\Users\Doro Gabriel\Desktop\FRST.txt
2014-07-02 14:04 - 2014-07-02 14:04 - 00000000 ____D () C:\FRST
2014-07-02 14:03 - 2014-07-02 14:03 - 02083840 _____ (Farbar) C:\Users\Doro Gabriel\Desktop\FRST64.exe
2014-07-02 13:20 - 2014-07-02 13:20 - 00000000 ____D () C:\Users\Doro Gabriel\AppData\Roaming\Lavasoft
2014-07-02 12:54 - 2014-07-02 13:29 - 00028672 _____ () C:\Windows\system32\bddel.exe
2014-07-02 12:54 - 2014-07-02 13:29 - 00027340 _____ () C:\Windows\system32\bddel.dat
2014-07-02 12:11 - 2014-07-02 12:12 - 00002312 _____ () C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk
2014-07-02 12:11 - 2014-07-02 12:11 - 00000000 ____D () C:\Users\Doro Gabriel\AppData\Roaming\LavasoftStatistics
2014-07-02 12:11 - 2014-07-02 12:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ad-Aware Antivirus
2014-07-02 12:11 - 2014-07-02 12:11 - 00000000 ____D () C:\Program Files\Lavasoft
2014-07-02 12:10 - 2014-07-02 12:10 - 00000000 ____D () C:\Users\Doro Gabriel\AppData\Roaming\SecureSearch
2014-07-02 12:10 - 2014-07-02 12:10 - 00000000 ____D () C:\ProgramData\Search Protection
2014-07-02 12:10 - 2014-07-02 12:10 - 00000000 ____D () C:\Program Files (x86)\Toolbar Cleaner
2014-07-02 12:10 - 2014-07-02 12:10 - 00000000 ____D () C:\Program Files (x86)\Lavasoft
2014-07-02 12:09 - 2014-07-02 12:09 - 00000000 ____D () C:\Program Files\Common Files\Lavasoft
2014-07-02 12:07 - 2014-07-02 12:07 - 01707144 _____ () C:\Users\Doro Gabriel\Downloads\Adaware112_Installer.exe
2014-07-02 12:07 - 2014-07-02 12:07 - 00000000 ____D () C:\ProgramData\Lavasoft
2014-07-02 11:24 - 2014-06-26 16:49 - 00061120 _____ (StdLib) C:\Windows\system32\Drivers\{2635ac50-5488-40bf-9bfd-accb158f8f3f}w64.sys
2014-07-02 01:43 - 2014-07-02 12:54 - 00000000 ____D () C:\Program Files (x86)\SupTab
2014-07-02 01:43 - 2014-07-02 01:43 - 00000000 ____D () C:\Users\Doro Gabriel\AppData\Roaming\SupTab
2014-07-02 01:43 - 2014-07-02 01:43 - 00000000 ____D () C:\ProgramData\WindowsMangerProtect
2014-07-02 01:43 - 2014-07-02 01:43 - 00000000 ____D () C:\ProgramData\IePluginServices
2014-07-02 01:42 - 2014-07-02 11:23 - 00000000 ____D () C:\Program Files (x86)\WebSpades
2014-07-02 01:41 - 2014-07-02 01:46 - 00000000 ____D () C:\Program Files (x86)\globalUpdate
2014-07-02 01:41 - 2014-07-02 01:41 - 00000000 ____D () C:\Users\Doro Gabriel\AppData\Local\globalUpdate
2014-07-01 16:57 - 2014-07-01 17:02 - 00282104 _____ () C:\Windows\SysWOW64\PnkBstrB.xtr
2014-07-01 16:56 - 2014-07-01 16:56 - 00000000 ____D () C:\Users\Doro Gabriel\AppData\Local\PunkBuster
2014-07-01 16:54 - 2014-07-01 17:07 - 00000000 ____D () C:\Users\Doro Gabriel\Documents\Battlefield Play4Free
2014-07-01 16:36 - 2014-07-01 17:02 - 00282104 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2014-07-01 16:36 - 2014-07-01 17:02 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-07-01 16:36 - 2014-07-01 16:36 - 00000000 ____D () C:\Users\Doro Gabriel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\EA Games
2014-07-01 16:08 - 2014-07-01 16:08 - 00000000 ____D () C:\Program Files (x86)\EA Games
2014-06-26 16:40 - 2014-06-27 08:28 - 00000000 ___RD () C:\Users\Doro Gabriel\Google Drive
2014-06-26 16:40 - 2014-06-26 16:40 - 00001734 _____ () C:\Users\Doro Gabriel\Desktop\Google Drive.lnk
2014-06-26 16:39 - 2014-06-26 16:39 - 00002049 _____ () C:\Users\Public\Desktop\Google Slides.lnk
2014-06-26 16:39 - 2014-06-26 16:39 - 00002047 _____ () C:\Users\Public\Desktop\Google Sheets.lnk
2014-06-26 16:39 - 2014-06-26 16:39 - 00002037 _____ () C:\Users\Public\Desktop\Google Docs.lnk
2014-06-26 16:39 - 2014-06-26 16:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2014-06-26 16:38 - 2014-06-26 16:38 - 00895120 _____ (Google Inc.) C:\Users\Doro Gabriel\Downloads\googledrivesync.exe
2014-06-24 19:57 - 2014-06-24 19:57 - 00275664 _____ () C:\Windows\Minidump\062414-35552-01.dmp
2014-06-21 15:02 - 2014-06-21 15:02 - 00372704 _____ () C:\Windows\Minidump\062114-34257-01.dmp
2014-06-21 14:52 - 2014-06-21 14:52 - 00275664 _____ () C:\Windows\Minidump\062114-37190-01.dmp
2014-06-20 23:41 - 2014-06-20 23:41 - 00000000 _____ () C:\Users\Doro Gabriel\AppData\Local\{1CCA130F-AF98-456E-BA93-0D01C02EAE30}
2014-06-13 11:55 - 2014-06-13 11:55 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-11 23:29 - 2014-06-11 23:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2014-06-11 23:29 - 2014-06-11 23:29 - 00000000 ____D () C:\Program Files\McAfee Security Scan
2014-06-11 11:03 - 2014-03-26 16:44 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-06-11 11:03 - 2014-03-26 16:44 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-06-11 11:03 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2014-06-11 11:03 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-06-11 11:03 - 2014-03-26 16:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2014-06-11 11:03 - 2014-03-26 16:27 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-06-11 11:03 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2014-06-11 11:03 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-06-11 11:02 - 2014-05-30 12:21 - 23414784 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-06-11 11:02 - 2014-05-30 12:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-06-11 11:02 - 2014-05-30 12:02 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-06-11 11:02 - 2014-05-30 11:45 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-06-11 11:02 - 2014-05-30 11:39 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-06-11 11:02 - 2014-05-30 11:39 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-06-11 11:02 - 2014-05-30 11:38 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-06-11 11:02 - 2014-05-30 11:28 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-06-11 11:02 - 2014-05-30 11:27 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-06-11 11:02 - 2014-05-30 11:24 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-06-11 11:02 - 2014-05-30 11:21 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-06-11 11:02 - 2014-05-30 11:21 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-06-11 11:02 - 2014-05-30 11:20 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-06-11 11:02 - 2014-05-30 11:18 - 17271296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-06-11 11:02 - 2014-05-30 11:11 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-06-11 11:02 - 2014-05-30 11:08 - 05782528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-06-11 11:02 - 2014-05-30 11:06 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-06-11 11:02 - 2014-05-30 11:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-06-11 11:02 - 2014-05-30 10:55 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-06-11 11:02 - 2014-05-30 10:49 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-06-11 11:02 - 2014-05-30 10:46 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-06-11 11:02 - 2014-05-30 10:44 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-06-11 11:02 - 2014-05-30 10:44 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-06-11 11:02 - 2014-05-30 10:43 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-06-11 11:02 - 2014-05-30 10:42 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-06-11 11:02 - 2014-05-30 10:38 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-06-11 11:02 - 2014-05-30 10:35 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-06-11 11:02 - 2014-05-30 10:34 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-06-11 11:02 - 2014-05-30 10:33 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-06-11 11:02 - 2014-05-30 10:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-06-11 11:02 - 2014-05-30 10:29 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-06-11 11:02 - 2014-05-30 10:28 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-06-11 11:02 - 2014-05-30 10:27 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-06-11 11:02 - 2014-05-30 10:24 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-06-11 11:02 - 2014-05-30 10:23 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-06-11 11:02 - 2014-05-30 10:16 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-06-11 11:02 - 2014-05-30 10:10 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-06-11 11:02 - 2014-05-30 10:06 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-06-11 11:02 - 2014-05-30 10:04 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-06-11 11:02 - 2014-05-30 10:02 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-06-11 11:02 - 2014-05-30 09:56 - 04244992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-06-11 11:02 - 2014-05-30 09:56 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-06-11 11:02 - 2014-05-30 09:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-06-11 11:02 - 2014-05-30 09:50 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-06-11 11:02 - 2014-05-30 09:49 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-06-11 11:02 - 2014-05-30 09:43 - 13522944 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-06-11 11:02 - 2014-05-30 09:40 - 11725312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-06-11 11:02 - 2014-05-30 09:30 - 01398272 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-06-11 11:02 - 2014-05-30 09:21 - 01790976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-06-11 11:02 - 2014-05-30 09:15 - 01143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-06-11 11:02 - 2014-05-30 09:13 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-06-11 11:02 - 2014-05-30 09:13 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-06-11 11:02 - 2014-05-08 11:32 - 01112064 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-06-11 11:02 - 2014-04-25 04:34 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2014-06-11 11:02 - 2014-04-25 04:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2014-06-11 11:02 - 2014-04-05 04:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-06-11 11:02 - 2014-04-05 04:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-06-11 11:02 - 2013-11-26 13:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-06-10 21:34 - 2014-06-10 21:34 - 00090624 _____ () C:\Users\Doro Gabriel\Downloads\WM 2014 Tippspiel DEU.xlt
2014-06-03 10:09 - 2014-06-03 10:09 - 00013221 _____ () C:\Users\Doro Gabriel\Downloads\Stückliste Papper Brillen mit Kodierung.xlsx

==================== One Month Modified Files and Folders =======

2030-08-29 15:22 - 2030-08-29 15:22 - 00143872 ____N (Intel Corporation) C:\Windows\SysWOW64\iacenc.dll
2030-08-29 15:22 - 2030-08-29 15:22 - 00056832 ____N () C:\Windows\SysWOW64\iyvu9_32.dll
2014-07-02 14:05 - 2014-07-02 14:04 - 00033572 _____ () C:\Users\Doro Gabriel\Desktop\FRST.txt
2014-07-02 14:04 - 2014-07-02 14:04 - 00000000 ____D () C:\FRST
2014-07-02 14:03 - 2014-07-02 14:03 - 02083840 _____ (Farbar) C:\Users\Doro Gabriel\Desktop\FRST64.exe
2014-07-02 13:59 - 2011-03-20 12:33 - 00000000 ____D () C:\Users\Doro Gabriel\AppData\Roaming\Skype
2014-07-02 13:29 - 2014-07-02 12:54 - 00028672 _____ () C:\Windows\system32\bddel.exe
2014-07-02 13:29 - 2014-07-02 12:54 - 00027340 _____ () C:\Windows\system32\bddel.dat
2014-07-02 13:20 - 2014-07-02 13:20 - 00000000 ____D () C:\Users\Doro Gabriel\AppData\Roaming\Lavasoft
2014-07-02 13:20 - 2009-07-14 04:34 - 00000580 _____ () C:\Windows\win.ini
2014-07-02 13:19 - 2009-07-14 06:45 - 00019840 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-07-02 13:19 - 2009-07-14 06:45 - 00019840 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-07-02 12:54 - 2014-07-02 01:43 - 00000000 ____D () C:\Program Files (x86)\SupTab
2014-07-02 12:47 - 2012-12-01 05:02 - 00001148 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3542374432-354979354-222888450-1000UA.job
2014-07-02 12:39 - 2011-03-27 23:28 - 00001122 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-02 12:33 - 2012-05-03 19:13 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-07-02 12:27 - 2011-03-19 19:01 - 01460595 _____ () C:\Windows\WindowsUpdate.log
2014-07-02 12:12 - 2014-07-02 12:11 - 00002312 _____ () C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk
2014-07-02 12:11 - 2014-07-02 12:11 - 00000000 ____D () C:\Users\Doro Gabriel\AppData\Roaming\LavasoftStatistics
2014-07-02 12:11 - 2014-07-02 12:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ad-Aware Antivirus
2014-07-02 12:11 - 2014-07-02 12:11 - 00000000 ____D () C:\Program Files\Lavasoft
2014-07-02 12:10 - 2014-07-02 12:10 - 00000000 ____D () C:\Users\Doro Gabriel\AppData\Roaming\SecureSearch
2014-07-02 12:10 - 2014-07-02 12:10 - 00000000 ____D () C:\ProgramData\Search Protection
2014-07-02 12:10 - 2014-07-02 12:10 - 00000000 ____D () C:\Program Files (x86)\Toolbar Cleaner
2014-07-02 12:10 - 2014-07-02 12:10 - 00000000 ____D () C:\Program Files (x86)\Lavasoft
2014-07-02 12:09 - 2014-07-02 12:09 - 00000000 ____D () C:\Program Files\Common Files\Lavasoft
2014-07-02 12:07 - 2014-07-02 12:07 - 01707144 _____ () C:\Users\Doro Gabriel\Downloads\Adaware112_Installer.exe
2014-07-02 12:07 - 2014-07-02 12:07 - 00000000 ____D () C:\ProgramData\Lavasoft
2014-07-02 11:41 - 2009-07-14 06:51 - 00001645 _____ () C:\Windows\setupact.log
2014-07-02 11:23 - 2014-07-02 01:42 - 00000000 ____D () C:\Program Files (x86)\WebSpades
2014-07-02 01:46 - 2014-07-02 01:41 - 00000000 ____D () C:\Program Files (x86)\globalUpdate
2014-07-02 01:43 - 2014-07-02 01:43 - 00000000 ____D () C:\Users\Doro Gabriel\AppData\Roaming\SupTab
2014-07-02 01:43 - 2014-07-02 01:43 - 00000000 ____D () C:\ProgramData\WindowsMangerProtect
2014-07-02 01:43 - 2014-07-02 01:43 - 00000000 ____D () C:\ProgramData\IePluginServices
2014-07-02 01:43 - 2012-06-05 02:16 - 00002625 _____ () C:\Users\Doro Gabriel\Desktop\Google Chrome.lnk
2014-07-02 01:43 - 2012-01-27 19:17 - 00001377 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-07-02 01:43 - 2011-03-19 23:08 - 00002166 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-07-02 01:43 - 2011-03-19 19:06 - 00001660 _____ () C:\Users\Doro Gabriel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-07-02 01:41 - 2014-07-02 01:41 - 00000000 ____D () C:\Users\Doro Gabriel\AppData\Local\globalUpdate
2014-07-01 19:46 - 2012-12-01 05:02 - 00001096 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3542374432-354979354-222888450-1000Core.job
2014-07-01 19:38 - 2011-03-27 23:28 - 00001118 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-01 17:07 - 2014-07-01 16:54 - 00000000 ____D () C:\Users\Doro Gabriel\Documents\Battlefield Play4Free
2014-07-01 17:02 - 2014-07-01 16:57 - 00282104 _____ () C:\Windows\SysWOW64\PnkBstrB.xtr
2014-07-01 17:02 - 2014-07-01 16:36 - 00282104 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2014-07-01 17:02 - 2014-07-01 16:36 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-07-01 16:56 - 2014-07-01 16:56 - 00000000 ____D () C:\Users\Doro Gabriel\AppData\Local\PunkBuster
2014-07-01 16:36 - 2014-07-01 16:36 - 00000000 ____D () C:\Users\Doro Gabriel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\EA Games
2014-07-01 16:33 - 2011-04-25 20:37 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-07-01 16:08 - 2014-07-01 16:08 - 00000000 ____D () C:\Program Files (x86)\EA Games
2014-06-29 16:21 - 2013-12-03 23:06 - 10520227 _____ () C:\Users\Doro Gabriel\Desktop\RhinoCrashDump.dmp
2014-06-27 18:13 - 2009-07-14 19:58 - 00697082 _____ () C:\Windows\system32\perfh007.dat
2014-06-27 18:13 - 2009-07-14 19:58 - 00148346 _____ () C:\Windows\system32\perfc007.dat
2014-06-27 18:13 - 2009-07-14 07:13 - 01613340 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-06-27 15:26 - 2011-03-19 20:04 - 00002562 _____ () C:\Windows\diagwrn.xml
2014-06-27 15:26 - 2011-03-19 20:04 - 00001908 _____ () C:\Windows\diagerr.xml
2014-06-27 15:26 - 2009-07-14 06:51 - 00000000 _____ () C:\Windows\setuperr.log
2014-06-27 08:28 - 2014-06-26 16:40 - 00000000 ___RD () C:\Users\Doro Gabriel\Google Drive
2014-06-26 16:49 - 2014-07-02 11:24 - 00061120 _____ (StdLib) C:\Windows\system32\Drivers\{2635ac50-5488-40bf-9bfd-accb158f8f3f}w64.sys
2014-06-26 16:40 - 2014-06-26 16:40 - 00001734 _____ () C:\Users\Doro Gabriel\Desktop\Google Drive.lnk
2014-06-26 16:40 - 2011-03-19 19:06 - 00000000 ____D () C:\Users\Doro Gabriel
2014-06-26 16:39 - 2014-06-26 16:39 - 00002049 _____ () C:\Users\Public\Desktop\Google Slides.lnk
2014-06-26 16:39 - 2014-06-26 16:39 - 00002047 _____ () C:\Users\Public\Desktop\Google Sheets.lnk
2014-06-26 16:39 - 2014-06-26 16:39 - 00002037 _____ () C:\Users\Public\Desktop\Google Docs.lnk
2014-06-26 16:39 - 2014-06-26 16:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2014-06-26 16:39 - 2011-03-27 23:28 - 00000000 ____D () C:\Users\Doro Gabriel\AppData\Local\Google
2014-06-26 16:39 - 2011-03-27 23:28 - 00000000 ____D () C:\Program Files (x86)\Google
2014-06-26 16:38 - 2014-06-26 16:38 - 00895120 _____ (Google Inc.) C:\Users\Doro Gabriel\Downloads\googledrivesync.exe
2014-06-24 20:03 - 2014-05-16 10:27 - 00000000 ____D () C:\Users\Doro Gabriel\AppData\Roaming\DropboxMaster
2014-06-24 20:03 - 2012-10-11 16:55 - 00000000 ___RD () C:\Users\Doro Gabriel\Dropbox
2014-06-24 20:03 - 2012-10-11 16:49 - 00000000 ____D () C:\Users\Doro Gabriel\AppData\Roaming\Dropbox
2014-06-24 19:57 - 2014-06-24 19:57 - 00275664 _____ () C:\Windows\Minidump\062414-35552-01.dmp
2014-06-24 19:57 - 2011-12-16 11:44 - 533557498 _____ () C:\Windows\MEMORY.DMP
2014-06-24 19:57 - 2011-12-16 11:44 - 00000000 ____D () C:\Windows\Minidump
2014-06-24 19:57 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-06-21 15:02 - 2014-06-21 15:02 - 00372704 _____ () C:\Windows\Minidump\062114-34257-01.dmp
2014-06-21 14:52 - 2014-06-21 14:52 - 00275664 _____ () C:\Windows\Minidump\062114-37190-01.dmp
2014-06-21 14:52 - 2012-04-27 18:33 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-06-20 23:41 - 2014-06-20 23:41 - 00000000 _____ () C:\Users\Doro Gabriel\AppData\Local\{1CCA130F-AF98-456E-BA93-0D01C02EAE30}
2014-06-19 19:42 - 2012-12-01 05:02 - 00004132 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3542374432-354979354-222888450-1000UA
2014-06-19 19:42 - 2012-12-01 05:02 - 00003736 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3542374432-354979354-222888450-1000Core
2014-06-19 19:34 - 2011-03-27 23:28 - 00004118 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-06-19 19:33 - 2011-03-27 23:28 - 00003866 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-06-16 00:00 - 2011-04-20 21:21 - 00000000 ____D () C:\Users\Doro Gabriel\AppData\Local\PokerStars
2014-06-13 11:55 - 2014-06-13 11:55 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-12 17:36 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-06-12 10:46 - 2012-10-11 16:55 - 00001052 _____ () C:\Users\Doro Gabriel\Desktop\Dropbox.lnk
2014-06-12 10:46 - 2012-10-11 16:54 - 00000000 ____D () C:\Users\Doro Gabriel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-06-12 10:45 - 2011-03-20 12:33 - 00000000 ____D () C:\ProgramData\Skype
2014-06-12 10:44 - 2011-03-20 12:33 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-06-12 10:37 - 2011-03-21 21:22 - 00136960 _____ () C:\Windows\PFRO.log
2014-06-12 10:00 - 2013-08-15 14:04 - 00000000 ____D () C:\Windows\system32\MRT
2014-06-12 09:57 - 2011-03-21 14:43 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-06-12 09:57 - 2011-03-19 21:22 - 95414520 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-06-11 23:29 - 2014-06-11 23:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2014-06-11 23:29 - 2014-06-11 23:29 - 00000000 ____D () C:\Program Files\McAfee Security Scan
2014-06-11 23:29 - 2013-10-16 22:17 - 00001938 _____ () C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2014-06-11 23:29 - 2011-03-19 23:17 - 00000000 ____D () C:\ProgramData\McAfee Security Scan
2014-06-10 21:34 - 2014-06-10 21:34 - 00090624 _____ () C:\Users\Doro Gabriel\Downloads\WM 2014 Tippspiel DEU.xlt
2014-06-03 10:09 - 2014-06-03 10:09 - 00013221 _____ () C:\Users\Doro Gabriel\Downloads\Stückliste Papper Brillen mit Kodierung.xlsx

Some content of TEMP:
====================
C:\Users\Doro Gabriel\AppData\Local\Temp\9c6d3f6e-5287-47f7-875f-f02135fbba6a.exe
C:\Users\Doro Gabriel\AppData\Local\Temp\AcDeltree.exe
C:\Users\Doro Gabriel\AppData\Local\Temp\AskSLib.dll
C:\Users\Doro Gabriel\AppData\Local\Temp\avgnt.exe
C:\Users\Doro Gabriel\AppData\Local\Temp\chutil.dll
C:\Users\Doro Gabriel\AppData\Local\Temp\contentDATs.exe
C:\Users\Doro Gabriel\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp3bavgo.dll
C:\Users\Doro Gabriel\AppData\Local\Temp\firefoxjre_exe.exe
C:\Users\Doro Gabriel\AppData\Local\Temp\GUR8694.exe
C:\Users\Doro Gabriel\AppData\Local\Temp\InstallAX.exe
C:\Users\Doro Gabriel\AppData\Local\Temp\InstallPlugin.exe
C:\Users\Doro Gabriel\AppData\Local\Temp\jre-1.6.0_20-windows-i586-iftw.exe_90744722.exe
C:\Users\Doro Gabriel\AppData\Local\Temp\jre-6u20-windows-i586-jinstall_uac.exe
C:\Users\Doro Gabriel\AppData\Local\Temp\jre-6u32-windows-i586-iftw.exe
C:\Users\Doro Gabriel\AppData\Local\Temp\jre-6u33-windows-i586-iftw.exe
C:\Users\Doro Gabriel\AppData\Local\Temp\jre-6u35-windows-i586-iftw.exe
C:\Users\Doro Gabriel\AppData\Local\Temp\jre-6u37-windows-i586-iftw.exe
C:\Users\Doro Gabriel\AppData\Local\Temp\jre-7u13-windows-i586-iftw.exe
C:\Users\Doro Gabriel\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exe
C:\Users\Doro Gabriel\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe
C:\Users\Doro Gabriel\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe
C:\Users\Doro Gabriel\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\Doro Gabriel\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\Doro Gabriel\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe
C:\Users\Doro Gabriel\AppData\Local\Temp\pdf24-creator-update.exe
C:\Users\Doro Gabriel\AppData\Local\Temp\ptu2705_tmp.exe
C:\Users\Doro Gabriel\AppData\Local\Temp\RhinoScriptEditor.dll
C:\Users\Doro Gabriel\AppData\Local\Temp\rhrdk_beta_20070402.exe
C:\Users\Doro Gabriel\AppData\Local\Temp\SecurityScan_Release.exe
C:\Users\Doro Gabriel\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Doro Gabriel\AppData\Local\Temp\SpotifyUpgrader.exe
C:\Users\Doro Gabriel\AppData\Local\Temp\Uninstall.exe
C:\Users\Doro Gabriel\AppData\Local\Temp\utt2A31.tmp.exe
C:\Users\Doro Gabriel\AppData\Local\Temp\_unps.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-06-28 00:17

==================== End Of Log ============================

--- --- ---

deeprybka · 02.07.2014, 13:21

Hi,

Code:

ATTFilter

2009-07-14 04:34 - 2011-03-28 19:31 - 00002000 ____A C:\Windows\system32\Drivers\etc\hosts
0.0.0.0       localhost 
127.0.0.1 activate.adobe.com 
127.0.0.1 practivate.adobe.com 
127.0.0.1 ereg.adobe.com 
127.0.0.1 activate.wip3.adobe.com 
127.0.0.1 wip3.adobe.com 
127.0.0.1 3dns-3.adobe.com 
127.0.0.1 3dns-2.adobe.com 
127.0.0.1 adobe-dns.adobe.com 
127.0.0.1 adobe-dns-2.adobe.com 
127.0.0.1 adobe-dns-3.adobe.com 
127.0.0.1 ereg.wip3.adobe.com 
127.0.0.1 activate-sea.adobe.com 
127.0.0.1 wwis-dubc1-vip60.adobe.com 
127.0.0.1 activate-sjc0.adobe.com 
0.0.0.0       localhost 
127.0.0.1 activate.adobe.com 
127.0.0.1 practivate.adobe.com 
127.0.0.1 ereg.adobe.com 
127.0.0.1 activate.wip3.adobe.com 
127.0.0.1 wip3.adobe.com 
127.0.0.1 3dns-3.adobe.com 
127.0.0.1 3dns-2.adobe.com 
127.0.0.1 adobe-dns.adobe.com 
127.0.0.1 adobe-dns-2.adobe.com 
127.0.0.1 adobe-dns-3.adobe.com 
127.0.0.1 ereg.wip3.adobe.com 
127.0.0.1 activate-sea.adobe.com 
127.0.0.1 wwis-dubc1-vip60.adobe.com

Das kann weg oder?

dösen · 02.07.2014, 13:27

Was ist das genau? Unwichtiges wahrscheinlich oder? Wenns hilft kanns weg!!

Wie ich das allerdings lösche weiß ich nicht, bitte um Anleitung

deeprybka · 02.07.2014, 14:01

Ok...

Info

Mehrere Antivirusprogramme:
Ich habe in den Logs festgestellt, dass auf diesem Rechner mehr als ein Antivirusprogramm mit Echtzeitschutz installiert ist.
Das erzeugt antagonistische Effekte und vermindert dadurch die Schutzleistung.
Die Sicherheit wird damit nicht erhöht.

Schritt 1

Bitte deinstalliere folgende Programme:

Java 7 Update 55
Java(TM) 6 Update 37
Java(TM) 7 Update 1
Ad-Aware Antivirus

Versuche es bei Windows 7

zunächst über Systemsteuerung/Programme deinstallieren.

Sollte das nicht gehen, lade Dir bitte Revo Uninstaller

hier herunter. Entpacke die zip-Datei auf den Desktop.

Starte die Revouninstaller.exe
Klicke auf Optionen und wähle als Sprache Deutsch.
Suche im Uninstallerfeld nach den oben angegebenen Programmen und wähle sie einzeln aus.
Klicke jedesmal auf Uninstall.
Wähle anschließend den Modus "Moderat" aus.
Reste löschen:
Klicke auf dann auf und dann auf .

Solltest Du ein Programm nicht finden oder nicht deinstallieren können, mache bitte mit dem nächsten Schritt weiter:

Schritt 2
Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Schritt 3
Bitte lade dir zoek.exe von hier: http://hijackthis.nl/smeenk/

Bitte deaktiviere während des Scans alle Virenscanner, da sie das Ergebnis beeinflussen können.
Starte die zoek.exe mit einem Doppelklick.
Achtung: Das folgende Skript wurde nur für diesen speziellen Fall geschrieben und sollte nicht 1:1 auf andere Computer übernommen werden.
Kopiere den Text der folgenden Box in das Skriptfenster von zoek:
Code:
ATTFilter
```
iedefaults;
FFdefaults;
CHRdefaults;
emptyclsid;
resethosts;
         
```
Nun klicke auf "Run script" und sei geduldig bis das Skript durchgelaufen ist.
Wenn das Tool fertig ist, wird sich eine Logdatei öffnen (ggf. erst nach einem Neustart). Das Log befindet sich aber auch noch unter c:
Bitte poste mir das ZOEK-Log (möglichst in CODE-Tags - #-Symbol im Antwortfenster klicken)

Schritt 4

Bitte starte FRST erneut, und drücke auf Scan.
Bitte poste mir den Inhalt des Logs.

dösen · 02.07.2014, 14:52

Code:

ATTFilter

# AdwCleaner v3.214 - Bericht erstellt am 02/07/2014 um 15:23:12
# Aktualisiert 29/06/2014 von Xplode
# Betriebssystem : Windows 7 Ultimate Service Pack 1 (64 bits)
# Benutzername : Doro Gabriel - DOROGABRIEL-PC
# Gestartet von : C:\Users\Doro Gabriel\Desktop\adwcleaner_3.214.exe
# Option : Löschen

***** [ Dienste ] *****

Dienst Gelöscht : IePluginServices
[#] Dienst Gelöscht : Update WebSpades
[#] Dienst Gelöscht : Util WebSpades

***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\Babylon
Ordner Gelöscht : C:\ProgramData\IePluginServices
Ordner Gelöscht : C:\ProgramData\Search Protection
Ordner Gelöscht : C:\Program Files (x86)\globalUpdate
Ordner Gelöscht : C:\Program Files (x86)\SupTab
Ordner Gelöscht : C:\Program Files (x86)\Toolbar Cleaner
Ordner Gelöscht : C:\Program Files (x86)\vShare.tv plugin
[!] Ordner Gelöscht : C:\Program Files (x86)\WebSpades
Ordner Gelöscht : C:\Users\Doro Gabriel\AppData\Local\globalUpdate
Ordner Gelöscht : C:\Users\DOROGA~1\AppData\Local\Temp\WebSpades
Ordner Gelöscht : C:\Users\Doro Gabriel\AppData\LocalLow\adawaretb
Ordner Gelöscht : C:\Users\Doro Gabriel\AppData\Roaming\Babylon
Ordner Gelöscht : C:\Users\Doro Gabriel\AppData\Roaming\dvdvideosoftiehelpers
Ordner Gelöscht : C:\Users\Doro Gabriel\AppData\Roaming\OpenCandy
Ordner Gelöscht : C:\Users\Doro Gabriel\AppData\Roaming\SecureSearch
Ordner Gelöscht : C:\Users\Doro Gabriel\AppData\Roaming\SupTab
Ordner Gelöscht : C:\Users\Doro Gabriel\AppData\Roaming\Mozilla\Firefox\Profiles\9io3wi8p.default\adawaretb
Ordner Gelöscht : C:\Users\Doro Gabriel\AppData\Roaming\Mozilla\Firefox\Profiles\9io3wi8p.default\Extensions\faststartff@gmail.com
Datei Gelöscht : C:\Users\DOROGA~1\AppData\Local\Temp\Uninstall.exe
Datei Gelöscht : C:\Program Files (x86)\Mozilla Firefox\Plugins\npvsharetvplg.dll
Datei Gelöscht : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\adawaretb.xml
Datei Gelöscht : C:\Users\Doro Gabriel\AppData\Roaming\Mozilla\Firefox\Profiles\9io3wi8p.default\searchplugins\Web Search.xml
Datei Gelöscht : C:\Users\Doro Gabriel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
Datei Gelöscht : C:\Users\Doro Gabriel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal

***** [ Verknüpfungen ] *****

Verknüpfung Desinfiziert : C:\Users\Public\Desktop\Mozilla Firefox.lnk
Verknüpfung Desinfiziert : C:\Users\Doro Gabriel\Desktop\Google Chrome.lnk
Verknüpfung Desinfiziert : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
Verknüpfung Desinfiziert : C:\Users\Doro Gabriel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
Verknüpfung Desinfiziert : C:\Users\Doro Gabriel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk
Verknüpfung Desinfiziert : C:\Users\Doro Gabriel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
Verknüpfung Desinfiziert : C:\Users\Doro Gabriel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
Verknüpfung Desinfiziert : C:\Users\Doro Gabriel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
Verknüpfung Desinfiziert : C:\Users\Doro Gabriel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk
Verknüpfung Desinfiziert : C:\Users\Doro Gabriel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk

***** [ Registrierungsdatenbank ] *****

Wert Gelöscht : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [faststartff@gmail.com]
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\bopakagnckmlgajfccecajhnimjiiedh
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\kpionmjnkbpcdpcflammlgllecmejgjj
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\MyNewsBarLauncher.IE5BarLauncher
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\MyNewsBarLauncher.IE5BarLauncher.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SnapDo_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SnapDo_RASMANCS
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [Search Protection]
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_per_bit-che_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_per_bit-che_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{8F97BFF8-488B-4107-BCEE-B161AB4E4183}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{A1B48071-416D-474E-A13B-BE5456E7FC31}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{A1CCCE0D-AE21-42A2-BE58-8E6109410995}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{CD4D7B0F-45C6-4bb2-A1E7-54D1754E7FC5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{968EDCE0-C10A-47BB-B3B6-FDF09F2A417D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A1B48071-416D-474E-A13B-BE5456E7FC31}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8F97BFF8-488B-4107-BCEE-B161AB4E4183}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8F97BFF8-488B-4107-BCEE-B161AB4E4183}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A1B48071-416D-474E-A13B-BE5456E7FC31}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4250488A-CB24-0893-C066-B1AEA57BCFF2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{62155D33-3CE2-401E-8967-5A270628A3D5}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5}]
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Wert Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{62155D33-3CE2-401E-8967-5A270628A3D5}
Daten Wiederhergestellt : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command
Schlüssel Gelöscht : HKCU\Software\1ClickDownload
Schlüssel Gelöscht : HKCU\Software\SmartBar
Schlüssel Gelöscht : HKCU\Software\Softonic
Schlüssel Gelöscht : HKCU\Software\StartSearch
Schlüssel Gelöscht : HKCU\Software\vShare.tv
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\adawarebp
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Crossrider
Schlüssel Gelöscht : HKLM\Software\adawaretb
Schlüssel Gelöscht : HKLM\Software\Babylon
Schlüssel Gelöscht : HKLM\Software\SupDp
Schlüssel Gelöscht : HKLM\Software\SupTab
Schlüssel Gelöscht : HKLM\Software\Toolbar Cleaner
Schlüssel Gelöscht : HKLM\Software\Wpm
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Toolbar Cleaner
Daten Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\SupTab\SEARCH~2.DLL

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.17126

Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Search Bar]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Search [Default_Search_URL]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Search [SearchAssistant]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\SearchUrl [Default]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl [Default]

-\\ Mozilla Firefox v27.0.1 (de)

[ Datei : C:\Users\Doro Gabriel\AppData\Roaming\Mozilla\Firefox\Profiles\9io3wi8p.default\prefs.js ]

Zeile gelöscht : user_pref("browser.newtab.url", "hxxp://isearch.omiga-plus.com/newtab/?type=nt&ts=1404258177&from=ild&uid=WDCXWD5000BEVT-22A0RT0_WD-WX71C90V9560V9560");
Zeile gelöscht : user_pref("browser.search.defaultengine", "Web Search");
Zeile gelöscht : user_pref("browser.search.order.1", "Web Search");
Zeile gelöscht : user_pref("browser.startup.homepage", "hxxp://isearch.omiga-plus.com/?type=hp&ts=1404258177&from=ild&uid=WDCXWD5000BEVT-22A0RT0_WD-WX71C90V9560V9560");
Zeile gelöscht : user_pref("extensions.enabledItems", "{e0238ae8-dfed-4c5f-9183-fc72878505b4}:1.0,helperbar@helperbar.com:1.0,{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}:5.6.0.8442,{dd05fd3d-18df-4ce4-ae53-e795339c5f01}:1.[...]
Zeile gelöscht : user_pref("keyword.URL", "hxxp://feed.snapdo.com/?publisher=SnapdoEMonYB&dpid=SnapdoEMonYB&co=AT&userid=e0238ae8-dfed-4c5f-9183-fc72878505b4&searchtype=ds&installDate=05/07/2013&q=");
Zeile gelöscht : user_pref("vshare.install.date", "1313338946");
Zeile gelöscht : user_pref("vshare.install.finished", "1.0.0");
Zeile gelöscht : user_pref("vshare.install.fresh", "false");
Zeile gelöscht : user_pref("vshare.install.guid", "{6ad08cbd-a92a-48df-bac6-061b675ef822}");
Zeile gelöscht : user_pref("vshare.install.newtab", false);

-\\ Google Chrome v

[ Datei : C:\Users\Doro Gabriel\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Gelöscht [Search Provider] : hxxp://feed.snap.do/?publisher=SnapdoOpenCandy&dpid=SnapdoOpenCandy&co=AT&userid=73a88569-ea74-4edd-a35a-82777fac0bb4&searchtype=ds&q={searchTerms}
Gelöscht [Search Provider] : hxxp://feed.snapdo.com/?publisher=SnapdoEMonYB&dpid=SnapdoEMonYB&co=AT&userid=e0238ae8-dfed-4c5f-9183-fc72878505b4&searchtype=ds&q={searchTerms}&installDate=05/07/2013
Gelöscht [Search Provider] : hxxp://isearch.omiga-plus.com/web/?type=dspp&ts=1404295825&from=ild&uid=WDCXWD5000BEVT-22A0RT0_WD-WX71C90V9560V9560&q={searchTerms}
Gelöscht [Startup_urls] : hxxp://feed.snapdo.com/?publisher=SnapdoEMonYB&dpid=SnapdoEMonYB&co=AT&userid=e0238ae8-dfed-4c5f-9183-fc72878505b4&searchtype=hp&installDate=05/07/2013
Gelöscht [Startup_urls] : hxxp://isearch.omiga-plus.com/?type=hp&ts=1404258177&from=ild&uid=WDCXWD5000BEVT-22A0RT0_WD-WX71C90V9560V9560
Gelöscht [Startup_urls] : hxxp://isearch.omiga-plus.com/?type=hppp&ts=1404295826&from=ild&uid=WDCXWD5000BEVT-22A0RT0_WD-WX71C90V9560V9560
Gelöscht [Extension] : bopakagnckmlgajfccecajhnimjiiedh
Gelöscht [Extension] : kpionmjnkbpcdpcflammlgllecmejgjj

*************************

AdwCleaner[R0].txt - [17272 octets] - [02/07/2014 15:22:36]
AdwCleaner[S0].txt - [14469 octets] - [02/07/2014 15:23:12]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [14530 octets] ##########

Code:

ATTFilter

Zoek.exe v5.0.0.0 Updated 30-06-2014
Tool run by Doro Gabriel on 02.07.2014 at 15:34:33,53.
Microsoft Windows 7 Ultimate  6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Doro Gabriel\Desktop\zoek.exe [Scan all users] [Script inserted] 

==== System Restore Info ======================

02.07.2014 15:37:04 Zoek.exe System Restore Point Created Succesfully.

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-3542374432-354979354-222888450-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DBC80044-A445-435b-BC74-9C25C1C588A9} deleted successfully
HKEY_USERS\S-1-5-21-3542374432-354979354-222888450-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{DBC80044-A445-435b-BC74-9C25C1C588A9} deleted successfully
HKEY_USERS\S-1-5-21-3542374432-354979354-222888450-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} deleted successfully
HKEY_USERS\S-1-5-21-3542374432-354979354-222888450-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} deleted successfully

==== Deleting CLSID Registry Values ======================


==== FireFox Fix ======================

Deleted from C:\Users\DOROGA~1\AppData\Roaming\Mozilla\Firefox\Profiles\9io3wi8p.default\prefs.js:
user_pref("browser.search.defaultenginename", "omiga-plus");
user_pref("browser.search.selectedEngine", "omiga-plus");

Added to C:\Users\DOROGA~1\AppData\Roaming\Mozilla\Firefox\Profiles\9io3wi8p.default\prefs.js:
user_pref("browser.startup.homepage", "hxxp://www.google.com");
user_pref("browser.search.defaulturl", "hxxp://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "hxxp://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "hxxp://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}"="C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\FirefoxPlugin\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}" [28.03.2011 19:28]
[HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]
"{e4f94d1e-2f53-401e-8885-681602c0ddd8}"="C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi" [04.04.2014 12:36]

==== Firefox Extensions ======================

ProfilePath: C:\Users\DOROGA~1\AppData\Roaming\Mozilla\Firefox\Profiles\9io3wi8p.default
- vshare Add-On - C:\Users\Doro Gabriel\AppData\Roaming\Mozilla\Firefox\Profiles\9io3wi8p.default\extensions\{dd05fd3d-18df-4ce4-ae53-e795339c5f01}
- Undetermined - C:\Users\Doro Gabriel\AppData\Roaming\Mozilla\Firefox\Profiles\9io3wi8p.default\extensions\fca3238e-0f52-4634-8e93-c36d211b2ea9@c1c012cf-93b0-488e-a2c5-453d23bec199.com
- Undetermined - C:\Users\Doro Gabriel\AppData\Roaming\Mozilla\Firefox\Profiles\9io3wi8p.default\extensions\faststartff@gmail.com
- Undetermined - %ProfilePath%\extensions\{87934c42-161d-45bc-8cef-ef18abe2a30c}
- vshare Add-On - %ProfilePath%\extensions\{dd05fd3d-18df-4ce4-ae53-e795339c5f01}

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Skype Click to Call - %AppDir%\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
- Java Console - %AppDir%\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
- Java Console - %AppDir%\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\Doro Gabriel\AppData\Roaming\Mozilla\Firefox\Profiles\9io3wi8p.default
FB5621842FDABF9F8359775573498FBC	- C:\Users\Doro Gabriel\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll -	Google Update
A58DE0A570148AF5FF3512B2A340D09F	- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll -	Shockwave Flash
ACEC2CF02B014071EC47CD37CEBD8199	- C:\Users\Doro Gabriel\AppData\Roaming\TorrentStream\player\npts_plugin.dll -	Torrent Stream P2P Multimedia Plug-in 2


==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Bar"="hxxp://www.google.com"
"Use Search Asst"="yes"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl]
"Default"="hxxp://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\SearchUrl]
"Default"="hxxp://www.google.com"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
"Default"="hxxp://www.google.com"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="hxxp://www.google.com"
"SearchAssistant"="hxxp://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="hxxp://go.microsoft.com/fwlink/?LinkId=69157"
"Use Search Asst"="no"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="hxxp://search.msn.com/results.asp?q=%s"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="hxxp://search.msn.com/results.asp?q=%s"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="hxxp://search.msn.com/results.asp?q=%s"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="hxxp://go.microsoft.com/fwlink/?LinkId=54896"
"SearchAssistant"="hxxp://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing  Url="hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"

==== Reset Google Chrome ======================

C:\Users\Doro Gabriel\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Doro Gabriel\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=0 folders=0 0 bytes)

==== After Reboot ======================

==== Reset Hosts File ======================

Hosts File Reset Successfully

==== EOF on 02.07.2014 at 15:40:24,70 ======================

Ob das zoek richtig gearbeitet hat, weiß ich nicht genau, hab's nicht geschafft rechtzeitig das Avira zu beenden. Aber zumindest chrome ist schon mal ads-frei!!

Ich starte jetzt noch den frst scan!

FRST Logfile:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-07-2014
Ran by Doro Gabriel (administrator) on DOROGABRIEL-PC on 02-07-2014 15:50:39
Running from C:\Users\Doro Gabriel\Desktop
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Egis Technology Inc.) C:\Program Files (x86)\Acer Bio Protection\CompPtcVUI.exe
(Fuyu LIMITED) C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Egis Technology Inc.) C:\Program Files (x86)\Acer Bio Protection\BASVC.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebgrd.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\ipoint.exe
(Akamai Technologies, Inc.) C:\Users\Doro Gabriel\AppData\Local\Akamai\netsession_win.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Akamai Technologies, Inc.) C:\Users\Doro Gabriel\AppData\Local\Akamai\netsession_win.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(Spotify Ltd) C:\Users\Doro Gabriel\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(WIBU-SYSTEMS AG) C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe
(Dropbox, Inc.) C:\Users\Doro Gabriel\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Egis Technology Inc.) C:\Program Files (x86)\Acer Bio Protection\PdtWzd.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Google Inc.) C:\Users\Doro Gabriel\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Doro Gabriel\AppData\Local\Google\Chrome\Application\chrome.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Google Inc.) C:\Users\Doro Gabriel\AppData\Local\Google\Chrome\Application\chrome.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\ipmgui.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Google Inc.) C:\Users\Doro Gabriel\AppData\Local\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [IAAnotif] => C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-08-07] (Intel Corporation)
HKLM\...\Run: [Apoint] => C:\Program Files\Apoint2K\Apoint.exe [323072 2009-10-01] (Alps Electric Co., Ltd.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [8312352 2009-11-02] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1825064 2009-09-03] (Synaptics Incorporated)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated)
HKLM\...\Run: [IntelliPoint] => C:\Program Files\Microsoft IntelliPoint\ipoint.exe [2417032 2011-08-01] (Microsoft Corporation)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2009-11-12] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [VitaKeyPdtWzd] => C:\Program Files (x86)\Acer Bio Protection\PdtWzd.exe [3567616 2009-09-05] (Egis Technology Inc.)
HKLM-x32\...\Run: [AdobeCS5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [937920 2011-06-06] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59280 2012-08-27] (Apple Inc.)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [163000 2012-12-12] (Geek Software GmbH)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [737872 2014-05-20] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-3542374432-354979354-222888450-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Doro Gabriel\AppData\Local\Akamai\netsession_win.exe [4672920 2014-04-17] (Akamai Technologies, Inc.)
HKU\S-1-5-21-3542374432-354979354-222888450-1000\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [427520 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-21-3542374432-354979354-222888450-1000\...\Run: [Google Update] => C:\Users\Doro Gabriel\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-12-01] (Google Inc.)
HKU\S-1-5-21-3542374432-354979354-222888450-1000\...\Run: [Spotify Web Helper] => C:\Users\Doro Gabriel\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1168896 2013-12-15] (Spotify Ltd)
HKU\S-1-5-21-3542374432-354979354-222888450-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21444224 2014-05-08] (Skype Technologies S.A.)
HKU\S-1-5-21-3542374432-354979354-222888450-1000\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [24474752 2014-06-05] (Google)
Lsa: [Notification Packages] C:\Program Files (x86)\Acer Bio Protection\PwdFilterV64
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Netzwerk Server.lnk
ShortcutTarget: Netzwerk Server.lnk -> C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe (WIBU-SYSTEMS AG)
Startup: C:\Users\Doro Gabriel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Doro Gabriel\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: GDriveBlacklistedOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: GDriveSharedEditOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: GDriveSharedViewOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: GDriveSyncedOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: GDriveSyncingOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: Symbol-Overlay-Steuerprogramm für AutoCAD Digitale Signaturen -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll (Autodesk, Inc.)
ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 1 (GFS Unread Stub) -> {99FD978C-D287-4F50-827F-B2C658EDA8E7} => C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 2 (GFS Stub) -> {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} => C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 2.5 (GFS Unread Folder) -> {920E6DB1-9907-4370-B3A0-BAFC03D81399} => C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 3 (GFS Folder) -> {16F3DD56-1AF5-4347-846D-7C10C4192619} => C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 4 (GFS Unread Mark) -> {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} => C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://at.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xA75ACD8E1BBBCC01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-at
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = 
SearchScopes: HKLM-x32 - DefaultScope value is missing.
BHO-x32: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll (Adobe Systems, Inc.)
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
Toolbar: HKLM-x32 - Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll (Adobe Systems, Inc.)
DPF: HKLM {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} -  No File
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)

Hosts: Hosts file not detected in the default directory
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138

FireFox:
========
FF ProfilePath: C:\Users\Doro Gabriel\AppData\Roaming\Mozilla\Firefox\Profiles\9io3wi8p.default
FF NewTab: hxxp://www.google.com/
FF DefaultSearchEngine: Google
FF SearchEngineOrder.1: Google
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.google.com
FF Keyword.URL: hxxp://www.google.com/search?btnG=Google+Search&q=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin - C:\Program Files (x86)\Java\jre6\bin\dtplugin\npDeployJava1.dll No File
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @veetle.com/veetleCorePlugin,version=0.9.18 - C:\Program Files (x86)\Veetle\plugins\npVeetle.dll (Veetle Inc)
FF Plugin-x32: @veetle.com/veetlePlayerPlugin,version=0.9.18 - C:\Program Files (x86)\Veetle\Player\npvlc.dll (Veetle Inc)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Doro Gabriel\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Doro Gabriel\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @torrentstream.net/tsplugin,version=2.0.1 - C:\Users\Doro Gabriel\AppData\Roaming\TorrentStream\player\npts_plugin.dll (Innovative Digital Technologies)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npContribute.dll (Adobe Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\omiga-plus.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: No Name - C:\Users\Doro Gabriel\AppData\Roaming\Mozilla\Firefox\Profiles\9io3wi8p.default\Extensions\{87934c42-161d-45bc-8cef-ef18abe2a30c} [2014-07-02]
FF Extension: vshare Add-On - C:\Users\Doro Gabriel\AppData\Roaming\Mozilla\Firefox\Profiles\9io3wi8p.default\Extensions\{dd05fd3d-18df-4ce4-ae53-e795339c5f01} [2011-08-14]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-06-13]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2014-06-13]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2014-06-13]
FF HKLM-x32\...\Firefox\Extensions: [{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}] - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\FirefoxPlugin\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}
FF Extension: Adobe Contribute Toolbar - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\FirefoxPlugin\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9} [2011-03-28]
FF HKCU\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: McAfee Security Scan Plus - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]

Chrome: 
=======
CHR Extension: (Google Docs) - C:\Users\Doro Gabriel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-07-02]
CHR Extension: (Google Drive) - C:\Users\Doro Gabriel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-07-02]
CHR Extension: (YouTube) - C:\Users\Doro Gabriel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-06-05]
CHR Extension: (Google-Suche) - C:\Users\Doro Gabriel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-06-05]
CHR Extension: (Google Wallet) - C:\Users\Doro Gabriel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-23]
CHR Extension: (TS Magic Player) - C:\Users\Doro Gabriel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ochbjojkpcmlfeagbaahkofepalngihg [2014-07-02]
CHR Extension: (Google Mail) - C:\Users\Doro Gabriel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-06-05]
CHR HKCU\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\DOROGA~1\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx [2014-06-26]
CHR HKCU\...\Chrome\Extension: [ochbjojkpcmlfeagbaahkofepalngihg] - C:\Users\Doro Gabriel\AppData\Roaming\TorrentStream\extensions\chrome\magicplayer.crx [2012-11-05]
CHR StartMenuInternet: Google Chrome - C:\Users\Doro Gabriel\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-05-20] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-05-20] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [1039440 2014-05-20] (Avira Operations GmbH & Co. KG)
R2 IGBASVC; C:\Program Files (x86)\Acer Bio Protection\BASVC.exe [3450368 2009-09-05] (Egis Technology Inc.) [File not signed]
S3 InstallShield Licensing Service; C:\Program Files (x86)\Common Files\InstallShield Shared\Service\InstallShield Licensing Service.exe [78536 2011-10-17] (Macrovision                                                    )
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
S2 mi-raysat_3dsmax2012_64; C:\Program Files\Autodesk\3ds Max Design 2012\mentalimages\satellite\raysat_3dsmax2012_64server.exe [86016 2011-02-22] () [File not signed]
S4 msvsmon90; C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x64\msvsmon.exe [4737024 2008-07-29] (Microsoft Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-07-01] ()
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 WindowsMangerProtect; C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe [535936 2014-07-02] (Fuyu LIMITED)
S3 McNeelUpdates64; "C:\Program Files (x86)\Rhinoceros 4.0\System\RhinoVersionCheckSvc64.exe" [X]

==================== Drivers (Whitelisted) ====================

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [112080 2014-05-20] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-05-20] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-14] (Avira Operations GmbH & Co. KG)
R0 johci; C:\Windows\System32\DRIVERS\johci.sys [20392 2009-09-21] (JMicron )
R2 WIBUKEY; C:\Windows\System32\DRIVERS\WibuKey64.sys [103224 2009-12-03] (WIBU-SYSTEMS AG)
R1 {2635ac50-5488-40bf-9bfd-accb158f8f3f}w64; C:\Windows\System32\drivers\{2635ac50-5488-40bf-9bfd-accb158f8f3f}w64.sys [61120 2014-06-26] (StdLib)
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2030-08-29 15:22 - 2030-08-29 15:22 - 00143872 ____N (Intel Corporation) C:\Windows\SysWOW64\iacenc.dll
2030-08-29 15:22 - 2030-08-29 15:22 - 00056832 ____N () C:\Windows\SysWOW64\iyvu9_32.dll
2014-07-02 15:38 - 2014-07-02 15:33 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-07-02 15:36 - 2014-07-02 15:40 - 00007523 _____ () C:\zoek-results.log
2014-07-02 15:33 - 2014-07-02 15:33 - 00000000 ____D () C:\zoek_backup
2014-07-02 15:32 - 2014-07-02 15:33 - 01285120 _____ () C:\Users\Doro Gabriel\Desktop\zoek.exe
2014-07-02 15:22 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-07-02 15:21 - 2014-07-02 15:23 - 00000000 ____D () C:\AdwCleaner
2014-07-02 15:21 - 2014-07-02 15:21 - 01346519 _____ () C:\Users\Doro Gabriel\Desktop\adwcleaner_3.214.exe
2014-07-02 14:05 - 2014-07-02 14:06 - 00059170 _____ () C:\Users\Doro Gabriel\Desktop\Addition.txt
2014-07-02 14:04 - 2014-07-02 15:50 - 00022034 _____ () C:\Users\Doro Gabriel\Desktop\FRST.txt
2014-07-02 14:04 - 2014-07-02 15:50 - 00000000 ____D () C:\FRST
2014-07-02 14:03 - 2014-07-02 14:03 - 02083840 _____ (Farbar) C:\Users\Doro Gabriel\Desktop\FRST64.exe
2014-07-02 13:20 - 2014-07-02 15:19 - 00000000 ____D () C:\Users\Doro Gabriel\AppData\Roaming\Lavasoft
2014-07-02 12:11 - 2014-07-02 12:11 - 00000000 ____D () C:\Users\Doro Gabriel\AppData\Roaming\LavasoftStatistics
2014-07-02 12:11 - 2014-07-02 12:11 - 00000000 ____D () C:\Program Files\Lavasoft
2014-07-02 12:10 - 2014-07-02 12:10 - 00000000 ____D () C:\Program Files (x86)\Lavasoft
2014-07-02 12:07 - 2014-07-02 12:07 - 01707144 _____ () C:\Users\Doro Gabriel\Downloads\Adaware112_Installer.exe
2014-07-02 12:07 - 2014-07-02 12:07 - 00000000 ____D () C:\ProgramData\Lavasoft
2014-07-02 11:24 - 2014-06-26 16:49 - 00061120 _____ (StdLib) C:\Windows\system32\Drivers\{2635ac50-5488-40bf-9bfd-accb158f8f3f}w64.sys
2014-07-02 01:43 - 2014-07-02 01:43 - 00000000 ____D () C:\ProgramData\WindowsMangerProtect
2014-07-02 01:42 - 2014-07-02 15:23 - 00000000 ____D () C:\Program Files (x86)\WebSpades
2014-07-01 16:57 - 2014-07-01 17:02 - 00282104 _____ () C:\Windows\SysWOW64\PnkBstrB.xtr
2014-07-01 16:56 - 2014-07-01 16:56 - 00000000 ____D () C:\Users\Doro Gabriel\AppData\Local\PunkBuster
2014-07-01 16:54 - 2014-07-01 17:07 - 00000000 ____D () C:\Users\Doro Gabriel\Documents\Battlefield Play4Free
2014-07-01 16:36 - 2014-07-01 17:02 - 00282104 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2014-07-01 16:36 - 2014-07-01 17:02 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-07-01 16:36 - 2014-07-01 16:36 - 00000000 ____D () C:\Users\Doro Gabriel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\EA Games
2014-07-01 16:08 - 2014-07-01 16:08 - 00000000 ____D () C:\Program Files (x86)\EA Games
2014-06-26 16:40 - 2014-07-02 15:43 - 00000000 ___RD () C:\Users\Doro Gabriel\Google Drive
2014-06-26 16:40 - 2014-06-26 16:40 - 00001734 _____ () C:\Users\Doro Gabriel\Desktop\Google Drive.lnk
2014-06-26 16:39 - 2014-06-26 16:39 - 00002049 _____ () C:\Users\Public\Desktop\Google Slides.lnk
2014-06-26 16:39 - 2014-06-26 16:39 - 00002047 _____ () C:\Users\Public\Desktop\Google Sheets.lnk
2014-06-26 16:39 - 2014-06-26 16:39 - 00002037 _____ () C:\Users\Public\Desktop\Google Docs.lnk
2014-06-26 16:39 - 2014-06-26 16:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2014-06-26 16:38 - 2014-06-26 16:38 - 00895120 _____ (Google Inc.) C:\Users\Doro Gabriel\Downloads\googledrivesync.exe
2014-06-24 19:57 - 2014-06-24 19:57 - 00275664 _____ () C:\Windows\Minidump\062414-35552-01.dmp
2014-06-21 15:02 - 2014-06-21 15:02 - 00372704 _____ () C:\Windows\Minidump\062114-34257-01.dmp
2014-06-21 14:52 - 2014-06-21 14:52 - 00275664 _____ () C:\Windows\Minidump\062114-37190-01.dmp
2014-06-20 23:41 - 2014-06-20 23:41 - 00000000 _____ () C:\Users\Doro Gabriel\AppData\Local\{1CCA130F-AF98-456E-BA93-0D01C02EAE30}
2014-06-13 11:55 - 2014-06-13 11:55 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-11 23:29 - 2014-06-11 23:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2014-06-11 23:29 - 2014-06-11 23:29 - 00000000 ____D () C:\Program Files\McAfee Security Scan
2014-06-11 11:03 - 2014-03-26 16:44 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-06-11 11:03 - 2014-03-26 16:44 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-06-11 11:03 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2014-06-11 11:03 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-06-11 11:03 - 2014-03-26 16:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2014-06-11 11:03 - 2014-03-26 16:27 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-06-11 11:03 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2014-06-11 11:03 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-06-11 11:02 - 2014-05-30 12:21 - 23414784 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-06-11 11:02 - 2014-05-30 12:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-06-11 11:02 - 2014-05-30 12:02 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-06-11 11:02 - 2014-05-30 11:45 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-06-11 11:02 - 2014-05-30 11:39 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-06-11 11:02 - 2014-05-30 11:39 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-06-11 11:02 - 2014-05-30 11:38 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-06-11 11:02 - 2014-05-30 11:28 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-06-11 11:02 - 2014-05-30 11:27 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-06-11 11:02 - 2014-05-30 11:24 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-06-11 11:02 - 2014-05-30 11:21 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-06-11 11:02 - 2014-05-30 11:21 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-06-11 11:02 - 2014-05-30 11:20 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-06-11 11:02 - 2014-05-30 11:18 - 17271296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-06-11 11:02 - 2014-05-30 11:11 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-06-11 11:02 - 2014-05-30 11:08 - 05782528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-06-11 11:02 - 2014-05-30 11:06 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-06-11 11:02 - 2014-05-30 11:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-06-11 11:02 - 2014-05-30 10:55 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-06-11 11:02 - 2014-05-30 10:49 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-06-11 11:02 - 2014-05-30 10:46 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-06-11 11:02 - 2014-05-30 10:44 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-06-11 11:02 - 2014-05-30 10:44 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-06-11 11:02 - 2014-05-30 10:43 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-06-11 11:02 - 2014-05-30 10:42 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-06-11 11:02 - 2014-05-30 10:38 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-06-11 11:02 - 2014-05-30 10:35 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-06-11 11:02 - 2014-05-30 10:34 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-06-11 11:02 - 2014-05-30 10:33 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-06-11 11:02 - 2014-05-30 10:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-06-11 11:02 - 2014-05-30 10:29 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-06-11 11:02 - 2014-05-30 10:28 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-06-11 11:02 - 2014-05-30 10:27 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-06-11 11:02 - 2014-05-30 10:24 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-06-11 11:02 - 2014-05-30 10:23 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-06-11 11:02 - 2014-05-30 10:16 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-06-11 11:02 - 2014-05-30 10:10 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-06-11 11:02 - 2014-05-30 10:06 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-06-11 11:02 - 2014-05-30 10:04 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-06-11 11:02 - 2014-05-30 10:02 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-06-11 11:02 - 2014-05-30 09:56 - 04244992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-06-11 11:02 - 2014-05-30 09:56 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-06-11 11:02 - 2014-05-30 09:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-06-11 11:02 - 2014-05-30 09:50 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-06-11 11:02 - 2014-05-30 09:49 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-06-11 11:02 - 2014-05-30 09:43 - 13522944 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-06-11 11:02 - 2014-05-30 09:40 - 11725312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-06-11 11:02 - 2014-05-30 09:30 - 01398272 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-06-11 11:02 - 2014-05-30 09:21 - 01790976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-06-11 11:02 - 2014-05-30 09:15 - 01143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-06-11 11:02 - 2014-05-30 09:13 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-06-11 11:02 - 2014-05-30 09:13 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-06-11 11:02 - 2014-05-08 11:32 - 01112064 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-06-11 11:02 - 2014-04-25 04:34 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2014-06-11 11:02 - 2014-04-25 04:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2014-06-11 11:02 - 2014-04-05 04:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-06-11 11:02 - 2014-04-05 04:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-06-11 11:02 - 2013-11-26 13:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-06-10 21:34 - 2014-06-10 21:34 - 00090624 _____ () C:\Users\Doro Gabriel\Downloads\WM 2014 Tippspiel DEU.xlt
2014-06-03 10:09 - 2014-06-03 10:09 - 00013221 _____ () C:\Users\Doro Gabriel\Downloads\Stückliste Papper Brillen mit Kodierung.xlsx

==================== One Month Modified Files and Folders =======

2030-08-29 15:22 - 2030-08-29 15:22 - 00143872 ____N (Intel Corporation) C:\Windows\SysWOW64\iacenc.dll
2030-08-29 15:22 - 2030-08-29 15:22 - 00056832 ____N () C:\Windows\SysWOW64\iyvu9_32.dll
2014-07-02 15:51 - 2014-07-02 14:04 - 00022034 _____ () C:\Users\Doro Gabriel\Desktop\FRST.txt
2014-07-02 15:50 - 2014-07-02 14:04 - 00000000 ____D () C:\FRST
2014-07-02 15:47 - 2012-12-01 05:02 - 00001148 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3542374432-354979354-222888450-1000UA.job
2014-07-02 15:46 - 2011-03-20 12:33 - 00000000 ____D () C:\Users\Doro Gabriel\AppData\Roaming\Skype
2014-07-02 15:46 - 2009-07-14 19:58 - 00697082 _____ () C:\Windows\system32\perfh007.dat
2014-07-02 15:46 - 2009-07-14 19:58 - 00148346 _____ () C:\Windows\system32\perfc007.dat
2014-07-02 15:46 - 2009-07-14 07:13 - 01613340 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-07-02 15:44 - 2012-10-11 16:55 - 00000000 ___RD () C:\Users\Doro Gabriel\Dropbox
2014-07-02 15:44 - 2012-10-11 16:49 - 00000000 ____D () C:\Users\Doro Gabriel\AppData\Roaming\Dropbox
2014-07-02 15:43 - 2014-06-26 16:40 - 00000000 ___RD () C:\Users\Doro Gabriel\Google Drive
2014-07-02 15:43 - 2014-05-16 10:27 - 00000000 ____D () C:\Users\Doro Gabriel\AppData\Roaming\DropboxMaster
2014-07-02 15:40 - 2014-07-02 15:36 - 00007523 _____ () C:\zoek-results.log
2014-07-02 15:39 - 2011-03-27 23:28 - 00001118 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-02 15:39 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-02 15:39 - 2009-07-14 06:51 - 00001757 _____ () C:\Windows\setupact.log
2014-07-02 15:38 - 2011-03-19 19:01 - 01473518 _____ () C:\Windows\WindowsUpdate.log
2014-07-02 15:38 - 2009-07-14 06:45 - 00019840 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-07-02 15:38 - 2009-07-14 06:45 - 00019840 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-07-02 15:33 - 2014-07-02 15:38 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-07-02 15:33 - 2014-07-02 15:33 - 00000000 ____D () C:\zoek_backup
2014-07-02 15:33 - 2014-07-02 15:32 - 01285120 _____ () C:\Users\Doro Gabriel\Desktop\zoek.exe
2014-07-02 15:33 - 2012-05-03 19:13 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-07-02 15:27 - 2012-06-05 02:16 - 00001548 _____ () C:\Users\Doro Gabriel\Desktop\Google Chrome.lnk
2014-07-02 15:25 - 2011-03-21 21:22 - 00166178 _____ () C:\Windows\PFRO.log
2014-07-02 15:23 - 2014-07-02 15:21 - 00000000 ____D () C:\AdwCleaner
2014-07-02 15:23 - 2014-07-02 01:42 - 00000000 ____D () C:\Program Files (x86)\WebSpades
2014-07-02 15:23 - 2012-06-05 02:16 - 00000000 ____D () C:\Users\Doro Gabriel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-07-02 15:23 - 2012-01-27 19:17 - 00001068 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-07-02 15:23 - 2011-03-19 23:08 - 00001056 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-07-02 15:23 - 2011-03-19 19:06 - 00001016 _____ () C:\Users\Doro Gabriel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-07-02 15:23 - 2009-07-14 04:34 - 00000580 _____ () C:\Windows\win.ini
2014-07-02 15:21 - 2014-07-02 15:21 - 01346519 _____ () C:\Users\Doro Gabriel\Desktop\adwcleaner_3.214.exe
2014-07-02 15:19 - 2014-07-02 13:20 - 00000000 ____D () C:\Users\Doro Gabriel\AppData\Roaming\Lavasoft
2014-07-02 14:06 - 2014-07-02 14:05 - 00059170 _____ () C:\Users\Doro Gabriel\Desktop\Addition.txt
2014-07-02 14:03 - 2014-07-02 14:03 - 02083840 _____ (Farbar) C:\Users\Doro Gabriel\Desktop\FRST64.exe
2014-07-02 12:39 - 2011-03-27 23:28 - 00001122 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-02 12:11 - 2014-07-02 12:11 - 00000000 ____D () C:\Users\Doro Gabriel\AppData\Roaming\LavasoftStatistics
2014-07-02 12:11 - 2014-07-02 12:11 - 00000000 ____D () C:\Program Files\Lavasoft
2014-07-02 12:10 - 2014-07-02 12:10 - 00000000 ____D () C:\Program Files (x86)\Lavasoft
2014-07-02 12:07 - 2014-07-02 12:07 - 01707144 _____ () C:\Users\Doro Gabriel\Downloads\Adaware112_Installer.exe
2014-07-02 12:07 - 2014-07-02 12:07 - 00000000 ____D () C:\ProgramData\Lavasoft
2014-07-02 01:43 - 2014-07-02 01:43 - 00000000 ____D () C:\ProgramData\WindowsMangerProtect
2014-07-01 19:46 - 2012-12-01 05:02 - 00001096 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3542374432-354979354-222888450-1000Core.job
2014-07-01 17:07 - 2014-07-01 16:54 - 00000000 ____D () C:\Users\Doro Gabriel\Documents\Battlefield Play4Free
2014-07-01 17:02 - 2014-07-01 16:57 - 00282104 _____ () C:\Windows\SysWOW64\PnkBstrB.xtr
2014-07-01 17:02 - 2014-07-01 16:36 - 00282104 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2014-07-01 17:02 - 2014-07-01 16:36 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-07-01 16:56 - 2014-07-01 16:56 - 00000000 ____D () C:\Users\Doro Gabriel\AppData\Local\PunkBuster
2014-07-01 16:36 - 2014-07-01 16:36 - 00000000 ____D () C:\Users\Doro Gabriel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\EA Games
2014-07-01 16:33 - 2011-04-25 20:37 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-07-01 16:08 - 2014-07-01 16:08 - 00000000 ____D () C:\Program Files (x86)\EA Games
2014-06-29 16:21 - 2013-12-03 23:06 - 10520227 _____ () C:\Users\Doro Gabriel\Desktop\RhinoCrashDump.dmp
2014-06-27 15:26 - 2011-03-19 20:04 - 00002562 _____ () C:\Windows\diagwrn.xml
2014-06-27 15:26 - 2011-03-19 20:04 - 00001908 _____ () C:\Windows\diagerr.xml
2014-06-27 15:26 - 2009-07-14 06:51 - 00000000 _____ () C:\Windows\setuperr.log
2014-06-26 16:49 - 2014-07-02 11:24 - 00061120 _____ (StdLib) C:\Windows\system32\Drivers\{2635ac50-5488-40bf-9bfd-accb158f8f3f}w64.sys
2014-06-26 16:40 - 2014-06-26 16:40 - 00001734 _____ () C:\Users\Doro Gabriel\Desktop\Google Drive.lnk
2014-06-26 16:40 - 2011-03-19 19:06 - 00000000 ____D () C:\Users\Doro Gabriel
2014-06-26 16:39 - 2014-06-26 16:39 - 00002049 _____ () C:\Users\Public\Desktop\Google Slides.lnk
2014-06-26 16:39 - 2014-06-26 16:39 - 00002047 _____ () C:\Users\Public\Desktop\Google Sheets.lnk
2014-06-26 16:39 - 2014-06-26 16:39 - 00002037 _____ () C:\Users\Public\Desktop\Google Docs.lnk
2014-06-26 16:39 - 2014-06-26 16:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2014-06-26 16:39 - 2011-03-27 23:28 - 00000000 ____D () C:\Users\Doro Gabriel\AppData\Local\Google
2014-06-26 16:39 - 2011-03-27 23:28 - 00000000 ____D () C:\Program Files (x86)\Google
2014-06-26 16:38 - 2014-06-26 16:38 - 00895120 _____ (Google Inc.) C:\Users\Doro Gabriel\Downloads\googledrivesync.exe
2014-06-24 19:57 - 2014-06-24 19:57 - 00275664 _____ () C:\Windows\Minidump\062414-35552-01.dmp
2014-06-24 19:57 - 2011-12-16 11:44 - 533557498 _____ () C:\Windows\MEMORY.DMP
2014-06-24 19:57 - 2011-12-16 11:44 - 00000000 ____D () C:\Windows\Minidump
2014-06-21 15:02 - 2014-06-21 15:02 - 00372704 _____ () C:\Windows\Minidump\062114-34257-01.dmp
2014-06-21 14:52 - 2014-06-21 14:52 - 00275664 _____ () C:\Windows\Minidump\062114-37190-01.dmp
2014-06-21 14:52 - 2012-04-27 18:33 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-06-20 23:41 - 2014-06-20 23:41 - 00000000 _____ () C:\Users\Doro Gabriel\AppData\Local\{1CCA130F-AF98-456E-BA93-0D01C02EAE30}
2014-06-19 19:42 - 2012-12-01 05:02 - 00004132 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3542374432-354979354-222888450-1000UA
2014-06-19 19:42 - 2012-12-01 05:02 - 00003736 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3542374432-354979354-222888450-1000Core
2014-06-19 19:34 - 2011-03-27 23:28 - 00004118 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-06-19 19:33 - 2011-03-27 23:28 - 00003866 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-06-16 00:00 - 2011-04-20 21:21 - 00000000 ____D () C:\Users\Doro Gabriel\AppData\Local\PokerStars
2014-06-13 11:55 - 2014-06-13 11:55 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-12 17:36 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-06-12 10:46 - 2012-10-11 16:55 - 00001052 _____ () C:\Users\Doro Gabriel\Desktop\Dropbox.lnk
2014-06-12 10:46 - 2012-10-11 16:54 - 00000000 ____D () C:\Users\Doro Gabriel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-06-12 10:45 - 2011-03-20 12:33 - 00000000 ____D () C:\ProgramData\Skype
2014-06-12 10:44 - 2011-03-20 12:33 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-06-12 10:00 - 2013-08-15 14:04 - 00000000 ____D () C:\Windows\system32\MRT
2014-06-12 09:57 - 2011-03-21 14:43 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-06-12 09:57 - 2011-03-19 21:22 - 95414520 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-06-11 23:29 - 2014-06-11 23:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2014-06-11 23:29 - 2014-06-11 23:29 - 00000000 ____D () C:\Program Files\McAfee Security Scan
2014-06-11 23:29 - 2013-10-16 22:17 - 00001938 _____ () C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2014-06-11 23:29 - 2011-03-19 23:17 - 00000000 ____D () C:\ProgramData\McAfee Security Scan
2014-06-10 21:34 - 2014-06-10 21:34 - 00090624 _____ () C:\Users\Doro Gabriel\Downloads\WM 2014 Tippspiel DEU.xlt
2014-06-03 10:09 - 2014-06-03 10:09 - 00013221 _____ () C:\Users\Doro Gabriel\Downloads\Stückliste Papper Brillen mit Kodierung.xlsx

Some content of TEMP:
====================
C:\Users\Doro Gabriel\AppData\Local\Temp\7za.exe
C:\Users\Doro Gabriel\AppData\Local\Temp\9c6d3f6e-5287-47f7-875f-f02135fbba6a.exe
C:\Users\Doro Gabriel\AppData\Local\Temp\AcDeltree.exe
C:\Users\Doro Gabriel\AppData\Local\Temp\AskSLib.dll
C:\Users\Doro Gabriel\AppData\Local\Temp\avgnt.exe
C:\Users\Doro Gabriel\AppData\Local\Temp\chutil.dll
C:\Users\Doro Gabriel\AppData\Local\Temp\contentDATs.exe
C:\Users\Doro Gabriel\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpqosnpe.dll
C:\Users\Doro Gabriel\AppData\Local\Temp\firefoxjre_exe.exe
C:\Users\Doro Gabriel\AppData\Local\Temp\GUR8694.exe
C:\Users\Doro Gabriel\AppData\Local\Temp\hijackthis.exe
C:\Users\Doro Gabriel\AppData\Local\Temp\InstallAX.exe
C:\Users\Doro Gabriel\AppData\Local\Temp\InstallPlugin.exe
C:\Users\Doro Gabriel\AppData\Local\Temp\jre-1.6.0_20-windows-i586-iftw.exe_90744722.exe
C:\Users\Doro Gabriel\AppData\Local\Temp\jre-6u20-windows-i586-jinstall_uac.exe
C:\Users\Doro Gabriel\AppData\Local\Temp\jre-6u32-windows-i586-iftw.exe
C:\Users\Doro Gabriel\AppData\Local\Temp\jre-6u33-windows-i586-iftw.exe
C:\Users\Doro Gabriel\AppData\Local\Temp\jre-6u35-windows-i586-iftw.exe
C:\Users\Doro Gabriel\AppData\Local\Temp\jre-6u37-windows-i586-iftw.exe
C:\Users\Doro Gabriel\AppData\Local\Temp\jre-7u13-windows-i586-iftw.exe
C:\Users\Doro Gabriel\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exe
C:\Users\Doro Gabriel\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe
C:\Users\Doro Gabriel\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe
C:\Users\Doro Gabriel\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\Doro Gabriel\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\Doro Gabriel\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe
C:\Users\Doro Gabriel\AppData\Local\Temp\pdf24-creator-update.exe
C:\Users\Doro Gabriel\AppData\Local\Temp\ptu2705_tmp.exe
C:\Users\Doro Gabriel\AppData\Local\Temp\Quarantine.exe
C:\Users\Doro Gabriel\AppData\Local\Temp\RhinoScriptEditor.dll
C:\Users\Doro Gabriel\AppData\Local\Temp\rhrdk_beta_20070402.exe
C:\Users\Doro Gabriel\AppData\Local\Temp\SecurityScan_Release.exe
C:\Users\Doro Gabriel\AppData\Local\Temp\sed.exe
C:\Users\Doro Gabriel\AppData\Local\Temp\shortcut.exe
C:\Users\Doro Gabriel\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Doro Gabriel\AppData\Local\Temp\SpotifyUpgrader.exe
C:\Users\Doro Gabriel\AppData\Local\Temp\swxcacls.exe
C:\Users\Doro Gabriel\AppData\Local\Temp\utt2A31.tmp.exe
C:\Users\Doro Gabriel\AppData\Local\Temp\_unps.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-06-28 00:17

==================== End Of Log ============================

--- --- ---

--- --- ---

deeprybka · 02.07.2014, 14:59

Schon OK....

Ich sehe leider nicht welche Version von Malwarebytes Du bereits hast. Ist es nicht die neueste, dann deinstalliere sie. Ansonsten analog ohne Download...

Schritt 1

Malwarebytes Antimalware

Download-Link
Installiere das Programm in den vorgegebenen Pfad.
Starte Malwarebytes' Anti-Malware (MBAM).
Sollte die Benutzeroberfläche noch in Englisch sein, klicke auf Settings und wähle bei Language Deutsch aus.
Unter Erkennung und Schutz setze bitte einen Haken bei "Suche nach Rootkits".
Klicke im Anschluss auf "Suchlauf", wähle den Bedrohungssuchlauf aus, aktualisiere die Datenbanken und klicke auf "Suchlauf jetzt starten".
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. (geht so...)
Poste mir den Inhalt der Logdatei (geht so...). Klicke dazu auf Verlauf und dann auf Anwendungsprotokolle.
Wähle das neueste Suchlauf-Protokoll aus und klicke auf Ansicht. Klicke auf "In Zwischenablage kopieren" poste mir den Inhalt in Code-Tags als Antwort in den Thread.

Schritt 2

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Schritt 3

Bitte starte FRST erneut, markiere auch die checkbox

und drücke auf Scan.
Bitte poste mir den Inhalt der beiden Logs die erstellt werden.

Gibt es jetzt noch Probleme mit dem PC? Wenn ja, welche?

dösen · 02.07.2014, 17:53

Code:

ATTFilter

 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 02.07.2014
Suchlauf-Zeit: 16:33:59
Logdatei: 
Administrator: Ja

Version: 2.00.2.1012
Malware Datenbank: v2014.07.02.03
Rootkit Datenbank: v2014.07.01.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Self-protection: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Doro Gabriel

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 366806
Verstrichene Zeit: 29 Min, 35 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Heuristics: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 1
PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe, 1428, Löschen bei Neustart, [df783466611ac175848eade2837edf21]

Module: 0
(No malicious items detected)

Registrierungsschlüssel: 8
PUP.Optional.WPM.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\WindowsMangerProtect, In Quarantäne, [df783466611ac175848eade2837edf21], 
PUP.Optional.WPM.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\WindowsMangerProtect, In Quarantäne, [df783466611ac175848eade2837edf21], 
PUP.Optional.Sanbreel.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\{2635ac50-5488-40bf-9bfd-accb158f8f3f}w64, In Quarantäne, [b2a511895229a591f5e168a2b54f47b9], 
PUP.Optional.ISearch.A, HKLM\SOFTWARE\WOW6432NODE\omiga-plusSoftware, In Quarantäne, [0f48d5c5dba06cca01f17989758fd42c], 
PUP.Optional.WPM.A, HKLM\SOFTWARE\WOW6432NODE\supWindowsMangerProtect, In Quarantäne, [61f617830f6c3600db3fc9428c785ea2], 
PUP.Optional.WebSpades.A, HKLM\SOFTWARE\WOW6432NODE\WebSpades, In Quarantäne, [e86fd4c63843c86e73512d95ab5746ba], 
PUP.Optional.HDvidCodec.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\HDvid-Codec V9.0, Löschen bei Neustart, [8acdddbda6d556e05ba69c32837f47b9], 
PUP.Optional.WebSpades.A, HKU\S-1-5-21-3542374432-354979354-222888450-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\WebSpades, Löschen bei Neustart, [391e82186714082e952e16ac25dd8f71], 

Registrierungswerte: 1
PUP.Optional.FastStart.A, HKU\S-1-5-21-3542374432-354979354-222888450-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MOZILLA\EXTENDS|appid, faststartff@gmail.com, Löschen bei Neustart, [3720ddbd9dde47efa503b6f922e0837d]

Registrierungsdaten: 1
PUP.Optional.Qone8, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Gut: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Schlecht: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),Ersetzt,[391ef2a8c7b487afea85741ba85c4db3]

Ordner: 3
PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect, Löschen bei Neustart, [88cfc0da592251e5a738f5b9778bc739], 
PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect\log, In Quarantäne, [88cfc0da592251e5a738f5b9778bc739], 
PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect\update, In Quarantäne, [88cfc0da592251e5a738f5b9778bc739], 

Dateien: 12
PUP.Optional.Sanbreel.A, C:\Windows\System32\drivers\{2635ac50-5488-40bf-9bfd-accb158f8f3f}w64.sys, Löschen bei Neustart, [53cf0796c727185e3df42ee57ab86f57], 
PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe, Löschen bei Neustart, [df783466611ac175848eade2837edf21], 
PUP.Optional.Babylon.A, C:\Users\Doro Gabriel\AppData\Local\Temp\953FF00F-BAB0-7891-B71F-81DC0EB9E7F1\Latest\BExternal.dll, In Quarantäne, [a6b14c4e81fa2b0b28d24fd3a35d02fe], 
Trojan.RotBrowse, C:\Users\Doro Gabriel\AppData\Local\Temp\953FF00F-BAB0-7891-B71F-81DC0EB9E7F1\Latest\ccp.dum, In Quarantäne, [7ed9e8b24239c67028bd82f92fd5a15f], 
PUP.Optional.Babylon.A, C:\Users\Doro Gabriel\AppData\Local\Temp\953FF00F-BAB0-7891-B71F-81DC0EB9E7F1\Latest\CrxInstaller.dum, In Quarantäne, [01566d2d4d2e63d3f80567b728d9ad53], 
PUP.Optional.Babylon.A, C:\Users\Doro Gabriel\AppData\Local\Temp\953FF00F-BAB0-7891-B71F-81DC0EB9E7F1\Latest\Setup.exe, In Quarantäne, [3720d0cae2991e1896dd6bb322ded729], 
PUP.Optional.Spigot.A, C:\Users\Doro Gabriel\Downloads\Setup-SopCast-3.8.3-2013-6-26.exe, In Quarantäne, [05528d0df08b76c0acf62505ac553fc1], 
PUP.Optional.MindSpark.A, C:\Users\Doro Gabriel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_allin1convert.dl.tb.ask.com_0.localstorage, In Quarantäne, [ed6a7b1f7308cc6af5c5efd0e71b758b], 
PUP.Optional.MindSpark.A, C:\Users\Doro Gabriel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_allin1convert.dl.tb.ask.com_0.localstorage-journal, In Quarantäne, [13445d3dea910a2c86340db251b15aa6], 
PUP.Optional.ISearch.A, C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\omiga-plus.xml, In Quarantäne, [72e5b8e281fa82b45eb846b4cf348f71], 
PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect\log\ProtectWindowsManager_2014-07-02[01-43-39-802].log, In Quarantäne, [88cfc0da592251e5a738f5b9778bc739], 
PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect\update\conf, In Quarantäne, [88cfc0da592251e5a738f5b9778bc739], 

Physische Sektoren: 0
(No malicious items detected)


(end)

Sieht aus als würde das mit dem ESET Onlinescan etwas länger dauern. Bin bei 1,5 h Laufzeit bei 14%. Ich werde dann die restlichen Logfiles hier posten. Danke schon mal für die Mühe!!

HD video codec download Trojaner?

Plagegeister aller Art und deren Bekämpfung: HD video codec download Trojaner?