
Log analysis and evaluation: Unwanted, empty pop-up windows appear and words are underlined and linked

Windows 7: If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To be able to remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.

24.05.2014, 19:13   #1
DJSpeedy

Hello everyone,

I am now relatively rarely at my PC and have paid little attention to it.
I used to be at the PC every day and did a lot of "tinkering" myself.
I could always help myself in every situation. Others even asked me for my advice when they had problems.
But now the sticking point has come where I don't know what to do next.
I used to download many programs and also deleted some of them again, and assumed that these are now gone... well, apparently that is not the case.

My problem:

One and the same page keeps opening when I open new tabs (not always):

hxxp://cdn.cloudwm.com/uploads/19/pop/pop.html?url=http%3A%2F%2F20d625b48e.se%2F%3Fplacement%3D400298%26redirect%26test

In addition, there are always very many advertising panels on my computer. Words are underlined, and if you move the mouse over them, small windows open.

Now I am aware that something like this is not normal, but actually harmful. I would like to have a "healthy" PC again, which is why I am here.

I have already read in previous threads that you can use a few tools to find out what needs to be done.
I have already downloaded Malwarebytes, with logfile.
FRST with logfile, JRT with logfile & ComboFix with logfile.

Maybe someone can help.

Edited by DJSpeedy (24.05.2014 at 19:18)

24.05.2014, 19:20   #2
M-K-D-B
/// TB Trainer

My name is Matthias and I will help you clean up your computer.


Please note the following:
  • If we find indications of illegally acquired software, we will suspend support until every kind of illegal software has been removed from the computer.
  • Read the instructions carefully. If you have problems, stop what you are doing and describe your problem to me as well as you can.
  • If you do not reply to me within 3 days, I will assume that you no longer need help. I will then delete your topic from my subscriptions.
    If you are going to be away for a longer time, please let me know!
  • During the cleanup, please do not install or uninstall anything unless I ask you to!
  • All programs to be used are to be saved on the desktop and started from there!


Please work through all steps one after another in the given order and post all log files in CODE tags:

How it works:
Posting in CODE tags
Attaching the logfiles, or even packing them into a ZIP, RAR or 7Z archive beforehand, makes your helper's work massively harder, unless of course the file would otherwise be too large for the forum. To put the logfiles in a CODE box, proceed as follows:
  • Select the entire logfile (usually works with CTRL+A) and copy it to the clipboard with CTRL+C.
  • Click the # symbol in the editor. Two bracket expressions [CODE] [/CODE] appear.
  • Place the cursor between the CODE tags and press CTRL+V.
  • Click Advanced/Preview to check whether you did it correctly. If everything is right ... click Reply.

Thank you for your cooperation!


Quote from DJSpeedy:
I have already read in previous threads that you can use a few tools to find out what needs to be done.
I have already downloaded Malwarebytes, with logfile.
FRST with logfile, JRT with logfile & ComboFix with logfile.

Even if you only wanted to help us, "blindly" running arbitrary tools (when you have no idea) is not exactly sensible and can make a cleanup more difficult...


Post all the log files you have, then we'll see...

24.05.2014, 19:27   #3
DJSpeedy

Regarding illegal tools...
I still have a few on here which, among other things, are no longer used. I just never uninstalled them.

If there is a problem, then please let me know.


Logfile from Farbar Recovery:

FRST Additions Logfile:
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 23-05-2014
Ran by Lars at 2014-05-24 11:18:12
Running from C:\Users\Lars\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}

==================== Installed Programs ======================

µTorrent (HKCU\...\uTorrent) (Version: 3.3.1.30017 - BitTorrent Inc.)
3DMark06 (HKLM-x32\...\{7F3AD00A-1819-4B15-BB7D-08B3586336D7}) (Version: 1.2.1 - Futuremark Corporation)
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.7.0.1530 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.7.0.1530 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 13 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Reader X (10.1.10) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.10 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.5 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.5.9.620 - Adobe Systems, Inc.)
AIO_CDB_ProductContext (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
AIO_CDB_Software (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
AIO_Scan (x32 Version: 130.0.421.000 - Hewlett-Packard) Hidden
Amazon Cloud Player (HKCU\...\Amazon Amazon Cloud Player) (Version: 2.4.0.33 - Amazon Services LLC)
AMD Drag and Drop Transcoding (Version: 2.00.0000 - ATI Technologies Inc.) Hidden
AMD Fuel (Version: 2011.0126.1749.31909 - Ihr Firmenname) Hidden
Apple Application Support (HKLM-x32\...\{D9DAD0FF-495A-472B-9F10-BAE430A26682}) (Version: 3.0.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.14.3.0 - Asmedia Technology)
ATI AVIVO64 Codecs (Version: 11.6.0.10126 - ATI Technologies Inc.) Hidden
ATI Catalyst Install Manager (HKLM\...\{7DE8BAC9-CAF4-FFAD-081A-6D74412E28A6}) (Version: 3.0.812.0 - ATI Technologies, Inc.)
Audio Recorder for Free (HKLM-x32\...\Audio Recorder for Free) (Version:  - Audio-Tool.net)
Aureon 5.1 PCI (HKLM\...\C-Media PCI Audio Driver) (Version:  - )
Auslogics BoostSpeed (HKLM-x32\...\{7216871F-869E-437C-B9BF-2A13F2DCE63F}_is1) (Version: version 4.4 - Auslogics Software Pty Ltd)
Biet-O-Matic v2.14.12 (HKLM-x32\...\Biet-O-Matic v2.14.12) (Version: 2.14.12 - BOM Development Team)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
BufferChm (x32 Version: 130.0.331.000 - Hewlett-Packard) Hidden
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - ATI) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2011.0126.1749.31909 - ATI) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2011.0126.1749.31909 - ATI Technologies, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2011.0126.1749.31909 - ATI) Hidden
CCC Help Chinese Standard (x32 Version: 2011.0126.1748.31909 - ATI) Hidden
CCC Help Chinese Traditional (x32 Version: 2011.0126.1748.31909 - ATI) Hidden
CCC Help Czech (x32 Version: 2011.0126.1748.31909 - ATI) Hidden
CCC Help Danish (x32 Version: 2011.0126.1748.31909 - ATI) Hidden
CCC Help Dutch (x32 Version: 2011.0126.1748.31909 - ATI) Hidden
CCC Help English (x32 Version: 2011.0126.1748.31909 - ATI) Hidden
CCC Help Finnish (x32 Version: 2011.0126.1748.31909 - ATI) Hidden
CCC Help French (x32 Version: 2011.0126.1748.31909 - ATI) Hidden
CCC Help German (x32 Version: 2011.0126.1748.31909 - ATI) Hidden
CCC Help Greek (x32 Version: 2011.0126.1748.31909 - ATI) Hidden
CCC Help Hungarian (x32 Version: 2011.0126.1748.31909 - ATI) Hidden
CCC Help Italian (x32 Version: 2011.0126.1748.31909 - ATI) Hidden
CCC Help Japanese (x32 Version: 2011.0126.1748.31909 - ATI) Hidden
CCC Help Korean (x32 Version: 2011.0126.1748.31909 - ATI) Hidden
CCC Help Norwegian (x32 Version: 2011.0126.1748.31909 - ATI) Hidden
CCC Help Polish (x32 Version: 2011.0126.1748.31909 - ATI) Hidden
CCC Help Portuguese (x32 Version: 2011.0126.1748.31909 - ATI) Hidden
CCC Help Russian (x32 Version: 2011.0126.1748.31909 - ATI) Hidden
CCC Help Spanish (x32 Version: 2011.0126.1748.31909 - ATI) Hidden
CCC Help Swedish (x32 Version: 2011.0126.1748.31909 - ATI) Hidden
CCC Help Thai (x32 Version: 2011.0126.1748.31909 - ATI) Hidden
CCC Help Turkish (x32 Version: 2011.0126.1748.31909 - ATI) Hidden
ccc-core-static (x32 Version: 2011.0126.1749.31909 - Ihr Firmenname) Hidden
ccc-utility64 (Version: 2011.0126.1749.31909 - ATI) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 3.04 - Piriform)
Codec Pack Packages (HKCU\...\Codec Pack Packages) (Version:  - ) <==== ATTENTION
Copy (x32 Version: 130.0.428.000 - Hewlett-Packard) Hidden
CPUID CPU-Z 1.61.3 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DC-Bass Source 1.3.0 (HKLM-x32\...\DC-Bass Source) (Version:  - )
DENON DJ ASIO Driver (HKLM-x32\...\{E4EC27CD-229E-481E-84F1-7AB83AC479BE}) (Version: 2.2.2 - DENON_DJ)
Destinations (x32 Version: 130.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 130.0.465.000 - Hewlett-Packard) Hidden
DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.8 - DivX, LLC)
DocProc (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
eMule (HKLM-x32\...\eMule) (Version:  - )
EPSON AL-C1600 (HKLM\...\EPSON AL-C1600) (Version:  - )
EPU-4 Engine (HKLM-x32\...\{8F66047B-1AF3-40D9-80D7-106E2EDC2C2A}) (Version: 1.03.03 - )
F300 (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
F300_Help (x32 Version: 82.0.242.000 - Hewlett-Packard) Hidden
F300Trb (x32 Version: 82.0.242.000 - Hewlett-Packard) Hidden
Fax (x32 Version: 130.0.418.000 - Hewlett-Packard) Hidden
Fences 2 (HKLM-x32\...\Fences 22.01) (Version: 2.01 - Stardock Corporation)
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
GfK Internet-Monitor (HKLM-x32\...\39992AD7-103F-4308-8BB7-3F65F543604D) (Version: 12.6.186 - GfK)
GfK Proxy Service (HKLM-x32\...\NuragoProxyService) (Version:  - )
GIMP 2.6.11 (HKLM-x32\...\WinGimp-2.0_is1) (Version: 2.6.11 - The GIMP Team)
GMX ProfiFax (HKLM-x32\...\GMX ProfiFax) (Version: 2.00.236 - 1&1 Mail & Media GmbH)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 35.0.1916.114 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.24.7 - Google Inc.) Hidden
GPBaseService2 (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
HashCheck Shell Extension (x86-32) (HKLM-x32\...\HashCheck Shell Extension) (Version: 2.1.11.1 - Kai Liu)
HP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version: 13.0 - HP)
HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
HP Photosmart Essential 3.5 (HKLM\...\HP Photosmart Essential) (Version: 3.5 - HP)
HP Photosmart Officejet and Deskjet All-In-One Driver Software 13.0 Rel. B (HKLM\...\{B61ED343-0B14-4241-999C-490CB1A20DA4}) (Version: 13.0 - HP)
HP Smart Web Printing 4.51 (HKLM\...\HP Smart Web Printing) (Version: 4.51 - HP)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HP Update (HKLM-x32\...\{7059BDA7-E1DB-442C-B7A1-6144596720A4}) (Version: 4.000.011.006 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden
HPPhotoGadget (x32 Version: 130.0.282.000 - Hewlett-Packard) Hidden
HPPhotoSmartDiscLabelContent1 (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden
HPPhotosmartEssential (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
HydraVision (x32 Version: 4.2.184.0 - ATI Technologies Inc.) Hidden
iCloud (HKLM\...\{81E20D41-C277-4526-934D-F2380AF91B78}) (Version: 3.1.0.40 - Apple Inc.)
iTunes (HKLM\...\{9D20916D-C1E9-4E39-9723-13D200D87C40}) (Version: 11.2.0.114 - Apple Inc.)
Java 7 Update 13 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417013FF}) (Version: 7.0.130 - Oracle)
Java(TM) 6 Update 24 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216024FF}) (Version: 6.0.240 - Oracle)
JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
K-Lite Codec Pack (64-bit) v4.5.0 (HKLM\...\KLiteCodecPack64_is1) (Version: 4.5.0 - )
K-Lite Codec Pack 7.0.0 (Full) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 7.0.0 - )
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
League of Legends (HKLM-x32\...\{92606477-9366-4D3B-8AE3-6BE4B29727AB}) (Version: 1.3 - Riot Games)
Logitech GamePanel Software 3.03.133 (HKLM\...\{6CC95B76-D380-46B2-9022-9353938E48BA}) (Version: 3.03.133 - Logitech Inc.)
Logitech GamePanel Software 3.06.109 (HKLM\...\{A1E85B9A-AFAD-4D38-AF01-6B020DD5213A}) (Version: 3.06.109 - Logitech Inc.)
Lumac (HKLM-x32\...\InstallShield_{5DE11949-2B11-4F13-BAD5-1C237122CFDB}) (Version: 1.1.92.0 - Firstload)
Lumac (x32 Version: 1.1.92.0 - Firstload) Hidden
MAGIX Media Manager 2004 silver (HKLM-x32\...\MAGIX Media Manager 2004 silver) (Version: 2.0.7.0 - MAGIX AG)
MAGIX Online Druck Service (HKLM-x32\...\MAGIX Online Druck Service) (Version:  - Silverwire Software GmbH)
MAGIX ringtone maker (HKLM-x32\...\MAGIX ringtone maker) (Version: 1.0.0.4 - MAGIX AG)
MarketResearch (x32 Version: 130.0.374.000 - Hewlett-Packard) Hidden
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Access MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Groove MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0407-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Outlook MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Publisher MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKCU\...\OneDriveSetup.exe) (Version: 17.0.4035.0328 - Microsoft Corporation)
Microsoft Security Client (Version: 4.5.0216.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.5.216.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft XML Parser (x32 Version: 8.0.7820.0 - Microsoft Corporation) Hidden
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 25.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 25.0.1 (x86 de)) (Version: 25.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 25.0.1 - Mozilla)
Mp3tag v2.59a (HKLM-x32\...\Mp3tag) (Version: v2.59a - Florian Heidenreich)
MSI Afterburner 2.1.0 (HKLM-x32\...\Afterburner) (Version: 2.1.0 - MSI Co., LTD)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Native Instruments Audio 2 DJ (HKLM-x32\...\Native Instruments Audio 2 DJ) (Version:  - Native Instruments)
Native Instruments Audio 2 DJ Driver (HKLM-x32\...\Native Instruments Audio 2 DJ Driver) (Version:  - Native Instruments)
Native Instruments Audio 2 DJ Driver (Version: 3.1.0.761 - Native Instruments) Hidden
Native Instruments Audio 4 DJ (HKLM-x32\...\Native Instruments Audio 4 DJ) (Version:  - Native Instruments)
Native Instruments Audio 4 DJ Driver (HKLM-x32\...\Native Instruments Audio 4 DJ Driver) (Version:  - Native Instruments)
Native Instruments Audio 4 DJ Driver (Version: 3.1.0.761 - Native Instruments) Hidden
Native Instruments Audio 8 DJ (HKLM-x32\...\Native Instruments Audio 8 DJ) (Version:  - Native Instruments)
Native Instruments Audio 8 DJ Driver (HKLM-x32\...\Native Instruments Audio 8 DJ Driver) (Version:  - Native Instruments)
Native Instruments Audio 8 DJ Driver (Version: 3.1.0.761 - Native Instruments) Hidden
Native Instruments Controller Editor (HKLM-x32\...\Native Instruments Controller Editor) (Version: 1.6.2.1863 - Native Instruments)
Native Instruments Controller Editor (Version: 1.6.2.1863 - Native Instruments) Hidden
Native Instruments Maschine Controller (HKLM-x32\...\Native Instruments Maschine Controller) (Version:  - Native Instruments)
Native Instruments Maschine Controller (Version: 3.0.1.648 - Native Instruments) Hidden
Native Instruments Service Center (HKLM-x32\...\Native Instruments Service Center) (Version:  - Native Instruments)
Native Instruments Service Center (Version: 2.2.6.676 - Native Instruments) Hidden
Native Instruments Traktor 2 (HKLM-x32\...\Native Instruments Traktor 2) (Version: 2.6.8.382 - Native Instruments)
Native Instruments Traktor 2 (Version: 2.6.8.382 - Native Instruments) Hidden
Native Instruments Traktor Audio 10 (HKLM-x32\...\Native Instruments Traktor Audio 10) (Version:  - Native Instruments)
Native Instruments Traktor Audio 10 Driver (HKLM-x32\...\Native Instruments Traktor Audio 10 Driver) (Version:  - Native Instruments)
Native Instruments Traktor Audio 10 Driver (Version: 3.1.0.761 - Native Instruments) Hidden
Native Instruments Traktor Audio 2 (HKLM-x32\...\Native Instruments Traktor Audio 2) (Version:  - Native Instruments)
Native Instruments Traktor Audio 2 Driver (HKLM-x32\...\Native Instruments Traktor Audio 2 Driver) (Version:  - Native Instruments)
Native Instruments Traktor Audio 2 Driver (Version: 3.1.0.761 - Native Instruments) Hidden
Native Instruments Traktor Audio 2 MK2 Driver (HKLM-x32\...\Native Instruments Traktor Audio 2 MK2 Driver) (Version:  - Native Instruments)
Native Instruments Traktor Audio 2 MK2 Driver (Version: 3.1.3.804 - Native Instruments) Hidden
Native Instruments Traktor Audio 6 (HKLM-x32\...\Native Instruments Traktor Audio 6) (Version:  - Native Instruments)
Native Instruments Traktor Audio 6 Driver (HKLM-x32\...\Native Instruments Traktor Audio 6 Driver) (Version:  - Native Instruments)
Native Instruments Traktor Audio 6 Driver (Version: 3.1.0.761 - Native Instruments) Hidden
Native Instruments Traktor Kontrol F1 Driver (HKLM-x32\...\Native Instruments Traktor Kontrol F1 Driver) (Version:  - Native Instruments)
Native Instruments Traktor Kontrol F1 Driver (Version: 3.0.2.664 - Native Instruments) Hidden
Native Instruments Traktor Kontrol S2 Driver (HKLM-x32\...\Native Instruments Traktor Kontrol S2 Driver) (Version:  - Native Instruments)
Native Instruments Traktor Kontrol S2 Driver (Version: 3.1.0.761 - Native Instruments) Hidden
Native Instruments Traktor Kontrol S2 MK2 Driver (HKLM-x32\...\Native Instruments Traktor Kontrol S2 MK2 Driver) (Version:  - Native Instruments)
Native Instruments Traktor Kontrol S2 MK2 Driver (Version: 3.1.2.795 - Native Instruments) Hidden
Native Instruments Traktor Kontrol S4 (HKLM-x32\...\Native Instruments Traktor Kontrol S4) (Version:  - Native Instruments)
Native Instruments Traktor Kontrol S4 Driver (HKLM-x32\...\Native Instruments Traktor Kontrol S4 Driver) (Version:  - Native Instruments)
Native Instruments Traktor Kontrol S4 Driver (Version: 3.1.0.761 - Native Instruments) Hidden
Native Instruments Traktor Kontrol S4 MK2 Driver (HKLM-x32\...\Native Instruments Traktor Kontrol S4 MK2 Driver) (Version:  - Native Instruments)
Native Instruments Traktor Kontrol S4 MK2 Driver (Version: 3.1.2.795 - Native Instruments) Hidden
Native Instruments Traktor Kontrol X1 (HKLM-x32\...\Native Instruments Traktor Kontrol X1) (Version:  - Native Instruments)
Native Instruments Traktor Kontrol X1 Driver (HKLM-x32\...\Native Instruments Traktor Kontrol X1 Driver) (Version:  - Native Instruments)
Native Instruments Traktor Kontrol X1 Driver (Version: 3.0.1.648 - Native Instruments) Hidden
Native Instruments Traktor Kontrol X1 MK2 Driver (HKLM-x32\...\Native Instruments Traktor Kontrol X1 MK2 Driver) (Version:  - Native Instruments)
Native Instruments Traktor Kontrol X1 MK2 Driver (Version: 3.1.1.780 - Native Instruments) Hidden
Native Instruments Traktor Kontrol Z1 Driver (HKLM-x32\...\Native Instruments Traktor Kontrol Z1 Driver) (Version:  - Native Instruments)
Native Instruments Traktor Kontrol Z1 Driver (Version: 3.1.1.780 - Native Instruments) Hidden
Native Instruments Traktor Kontrol Z2 Driver (HKLM-x32\...\Native Instruments Traktor Kontrol Z2 Driver) (Version:  - Native Instruments)
Native Instruments Traktor Kontrol Z2 Driver (Version: 3.1.0.761 - Native Instruments) Hidden
Nero 8 (HKLM-x32\...\{9EDBB857-8028-49CD-B9C9-0B4D10CD1031}) (Version: 8.10.290 - Nero AG)
neroxml (x32 Version: 1.0.0 - Nero AG) Hidden
Network64 (Version: 130.0.572.000 - Hewlett-Packard) Hidden
Network64 (Version: 140.0.221.000 - Hewlett-Packard) Hidden
Notepad++ (HKLM-x32\...\Notepad++) (Version: 5.6.8 - )
OCR Software by I.R.I.S. 13.0 (HKLM\...\HPOCR) (Version: 13.0 - HP)
OpenSource Flash Video Splitter 1.0.0.5 (HKLM-x32\...\OpenSource Flash Video Splitter) (Version: 1.0.0.5 - )
Opticon USB Drivers Installer (HKLM-x32\...\Opticon USB Installer) (Version:  - )
Panel Client 3.2 (HKLM-x32\...\Panel Client_is1) (Version:  - GfK Panel Services Deutschland GmbH)
Photo Gallery (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Pidgin (HKLM-x32\...\Pidgin) (Version: 2.10.9 - )
Platform (x32 Version: 1.39 - VIA Technologies, Inc.) Hidden
PowerISO (HKLM-x32\...\PowerISO) (Version:  - )
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Razer Game Booster (HKLM-x32\...\Razer Game Booster_is1) (Version: 4.2.45.0 - Razer Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.52.203.2012 - Realtek)
Remote Mouse version 2.54 (HKLM-x32\...\{01E4BC6D-3ACC-45E1-8928-C2FF626F63F3}_is1) (Version: 2.54 - Remote Mouse)
Remote Panel Program (HKLM-x32\...\{13AA13C1-E4B9-4048-B4A6-9C9B86D44F57}) (Version:  - )
RocketDock 1.3.5 (HKLM-x32\...\RocketDock_is1) (Version:  - Punk Software)
Scan (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 13.0 - HP)
Skype™ 6.14 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)
SmartWebPrinting (x32 Version: 130.0.457.000 - Hewlett-Packard) Hidden
SolutionCenter (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
SpeedCommander 13 (x64) (HKLM\...\SpeedCommander 13 (x64)) (Version: 13.40.6300 - SWE Sven Ritter)
Status (x32 Version: 130.0.469.000 - Hewlett-Packard) Hidden
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.27614 - TeamViewer)
TECHNO4EVER Player 1.1.3 (HKLM-x32\...\{9AF19FCD-2362-493D-A127-C47BB284A636}) (Version: 1.1.3 - TECHNO4EVER Radio- und Mediengesellschaft mbH)
TERA (HKLM-x32\...\{A2F166A0-F031-4E27-A057-C69733219434}_is1) (Version: 7 - Gameforge Productions GmbH)
Toolbox (x32 Version: 130.0.648.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 130.0.422.000 - Hewlett-Packard) Hidden
UnloadSupport (x32 Version: 11.0.0 - Hewlett-Packard) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{EA54F104-79D2-48CC-9ABC-91A63C43D353}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{53DEC068-4690-4F6B-9946-7D21EF02236B}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2880505) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{2720451F-5D04-43EC-AB1F-26D948FD971B}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VIA Plattform-Geräte-Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.39 - VIA Technologies, Inc.)
Vista Game Explorer Editor (HKLM-x32\...\VGEE) (Version: Beta 2.14a - Ryan Richter)
Visual C++ 9.0 CRT (x86) WinSXS MSM (x32 Version: 9.0 - Microsoft Corporation) Hidden
VLC media player 2.1.4 (HKLM\...\VLC media player) (Version: 2.1.4 - VideoLAN)
Warcraft III (HKLM-x32\...\Warcraft III) (Version:  - Blizzard Entertainment)
WebReg (x32 Version: 130.0.132.017 - Hewlett-Packard) Hidden
Windows Cleaner (HKLM-x32\...\Vtools_WindowsCleaner_is1) (Version: 1.0.0 - Vtools)
Windows Live Communications Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Family Safety (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Family Safety (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
winKeyLock version 1.0.1.3 (HKLM-x32\...\winKeyLock_is1) (Version: 1.0.1 - winKeyLock)
WinRAR 4.00 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.00.0 - win.rar GmbH)
WMV9/VC-1 Video Playback (Version: 1.00.0000 - ATI Technologies Inc.) Hidden
Xvid Video Codec (HKLM-x32\...\Xvid Video Codec 1.3.2) (Version: 1.3.2 - Xvid Team)

==================== Restore Points  =========================

24-05-2014 08:27:27 Windows Update

==================== Hosts content: ==========================

2009-07-14 04:34 - 2014-03-22 18:04 - 00000994 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {1B2905D8-9584-4CD3-AB59-90BF090161E7} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-16] (Adobe Systems Incorporated)
Task: {24B654B2-B7EA-45CB-9CF7-95ACD67C5C7D} - System32\Tasks\Amazon Music Helper => C:\Users\Lars\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe [2014-05-08] ()
Task: {3370000F-E1FF-4575-A340-672AE206A346} - System32\Tasks\ASUS\ASUS SIX Engine => C:\Program Files (x86)\ASUS\EPU-4 Engine\FourEngine.exe [2012-01-03] (ASUSTek Computer Inc.)
Task: {3AF57CFF-0CF4-4755-BF98-509EC78AC5C8} - \DigitalSite No Task File <==== ATTENTION
Task: {3FB27DB5-FE54-4244-A9CB-9027EF2FF08C} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [2013-11-20] (Apple Inc.)
Task: {54EDCEFE-8B33-42F8-9464-EEAD4AAE47B2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-02-07] (Google Inc.)
Task: {6E3A13BA-8055-4948-94A4-C385C5873545} - \bench-sys No Task File <==== ATTENTION
Task: {812530AD-22BA-4413-AFF6-517EC59FC1C2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-02-07] (Google Inc.)
Task: {A1D60D55-A6B8-401B-BC05-2938E02DF2F2} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Scan => d:\program files\windows defender\MpCmdRun.exe
Task: {A3AE5A93-2948-485B-A93D-82B057BF782B} - \BitGuard No Task File <==== ATTENTION
Task: {B29A0C2F-3D50-434C-AC1C-80205D088FD1} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {C4E8B14A-4159-4C58-BDAD-281DBBFC97E8} - System32\Tasks\Microsoft\Windows Defender\MpIdleTask => d:\program files\windows defender\MpCmdRun.exe
Task: {CE2A5F4A-6D53-4AA9-B75E-33053699DC04} - System32\Tasks\Razer_Game_Booster_AutoUpdate => C:\Program Files (x86)\Razer\Razer Game Booster\AutoUpdate.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2013-02-07 14:55 - 2011-03-02 13:40 - 00164864 _____ () C:\Program Files\WinRAR\rarext.dll
2014-03-03 21:50 - 2014-02-20 18:25 - 03293672 _____ () C:\Program Files (x86)\GfK Internet-Monitor\GfK-Reporting.exe
2014-03-03 21:50 - 2014-02-20 18:25 - 01356264 _____ () C:\Program Files (x86)\GfK Internet-Monitor\GfK-Updater.exe
2013-12-13 10:11 - 2014-05-08 19:26 - 03145536 _____ () C:\Users\Lars\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe
2013-02-07 15:09 - 2011-12-06 03:58 - 00078448 ____R () C:\Program Files (x86)\VIA\VIAudioi\VDeck\QsApoApi64.dll
2013-02-07 15:09 - 2011-12-06 03:58 - 00386160 ____R () C:\Program Files (x86)\VIA\VIAudioi\VDeck\Dts2ApoApi64.dll
2014-01-29 18:05 - 2014-01-29 18:05 - 00402872 _____ () C:\Program Files (x86)\Universal Updater\UpdaterService.exe
2011-01-26 19:00 - 2011-01-26 19:00 - 00079872 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Services.dll
2004-03-22 00:37 - 2004-03-22 00:37 - 00744448 _____ () C:\Program Files (x86)\winKeyLock\winKeyLock.exe
2013-02-07 15:10 - 2009-01-15 15:55 - 00565248 _____ () C:\Program Files (x86)\ASUS\EPU-4 Engine\pngio.dll
2014-01-20 14:17 - 2014-01-20 14:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-01-20 14:16 - 2014-01-20 14:16 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-03-28 11:32 - 2012-11-08 13:19 - 00474360 _____ () C:\Program Files (x86)\GfK Internet-Monitor\UpdateHelper.dll
2013-02-08 01:00 - 2007-05-28 23:13 - 00145920 _____ () C:\Program Files (x86)\Auslogics\Auslogics BoostSpeed\madBasic_.bpl
2013-02-08 01:00 - 2007-05-28 23:13 - 00316928 _____ () C:\Program Files (x86)\Auslogics\Auslogics BoostSpeed\madExcept_.bpl
2013-02-08 01:00 - 2007-05-28 23:13 - 00041984 _____ () C:\Program Files (x86)\Auslogics\Auslogics BoostSpeed\madDisAsm_.bpl
2013-02-08 01:00 - 2008-04-08 05:11 - 00053248 _____ () C:\Program Files (x86)\Auslogics\Auslogics BoostSpeed\armaccess.dll
2013-09-14 01:51 - 2013-09-14 01:51 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\zlib1.dll
2013-09-14 01:50 - 2013-09-14 01:50 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\libxml2.dll
2014-01-05 21:57 - 2013-11-19 22:34 - 00152576 _____ () C:\Program Files (x86)\Remote Mouse\FileS.dll
2014-02-08 12:00 - 2012-11-20 17:13 - 00264192 _____ () C:\Program Files (x86)\Razer\Razer Game Booster\D3DX8Wrapper.dll
2014-02-08 12:00 - 2013-11-12 10:57 - 00098304 _____ () C:\Program Files (x86)\Razer\Razer Game Booster\EasyHook32.dll
2014-05-24 10:21 - 2014-05-14 01:40 - 00716616 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\libglesv2.dll
2014-05-24 10:21 - 2014-05-14 01:40 - 00126280 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\libegl.dll
2014-05-24 10:21 - 2014-05-14 01:40 - 04217672 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\pdf.dll
2014-05-24 10:21 - 2014-05-14 01:40 - 00414536 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\ppGoogleNaClPluginChrome.dll
2014-05-24 10:21 - 2014-05-14 01:40 - 01732424 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\ffmpegsumo.dll
2014-05-08 09:40 - 2014-02-20 17:32 - 00256512 _____ () C:\Users\Lars\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekfcceehmjiicgpkeblpbcpglgdklklh\13.4.568_0\plugin\npgacela_private.dll
2014-05-08 09:40 - 2014-02-20 17:32 - 00261608 _____ () C:\Users\Lars\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekfcceehmjiicgpkeblpbcpglgdklklh\13.4.568_0\plugin\npgacela.dll
2014-05-24 10:21 - 2014-05-14 01:40 - 13695816 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\Windows\system32\Drivers\nglfsegm.sys:changelist
AlternateDataStreams: C:\Windows\system32\Drivers\qqczqvzb.sys:changelist
AlternateDataStreams: C:\Windows\system32\Drivers\xrehzkvs.sys:changelist
AlternateDataStreams: C:\ProgramData\TEMP:373E1720

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"

==================== EXE Association (whitelisted) =============


==================== Disabled items from MSCONFIG ==============


==================== Faulty Device Manager Devices =============

Name: Logitech GamePanel-Geräte (QVGA)
Description: Logitech GamePanel-Geräte (QVGA)
Class Guid: {997b5d8d-c442-4f2e-baf3-9c8e671e9e21}
Manufacturer: Logitech Inc
Service: WUDFRd
Problem: : Windows cannot initialize the device driver for this hardware. (Code 37)
Resolution: The driver returned failure from its DriverEntry routine. Uninstall the driver, and then click "Scan for hardware changes" to reinstall or upgrade the driver.

Name: Logitech GamePanel-Geräte (Mono)
Description: Logitech GamePanel-Geräte (Mono)
Class Guid: {997b5d8d-c442-4f2e-baf3-9c8e671e9e21}
Manufacturer: Logitech Inc
Service: WUDFRd
Problem: : Windows cannot initialize the device driver for this hardware. (Code 37)
Resolution: The driver returned failure from its DriverEntry routine. Uninstall the driver, and then click "Scan for hardware changes" to reinstall or upgrade the driver.

Name: Microsoft-ISATAP-Adapter
Description: Microsoft-ISATAP-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (05/24/2014 10:18:03 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/24/2014 10:08:33 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/24/2014 10:04:55 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: taskeng.exe, Version: 6.1.7601.17514, Zeitstempel: 0x4ce79d2c
Name des fehlerhaften Moduls: msvcrt.dll, Version: 7.0.7601.17744, Zeitstempel: 0x4eeb033f
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000000027de
ID des fehlerhaften Prozesses: 0x7e4
Startzeit der fehlerhaften Anwendung: 0xtaskeng.exe0
Pfad der fehlerhaften Anwendung: taskeng.exe1
Pfad des fehlerhaften Moduls: taskeng.exe2
Berichtskennung: taskeng.exe3

Error: (05/24/2014 09:59:58 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/24/2014 09:58:05 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: taskeng.exe, Version: 6.1.7601.17514, Zeitstempel: 0x4ce79d2c
Name des fehlerhaften Moduls: msvcrt.dll, Version: 7.0.7601.17744, Zeitstempel: 0x4eeb033f
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000000027de
ID des fehlerhaften Prozesses: 0xa04
Startzeit der fehlerhaften Anwendung: 0xtaskeng.exe0
Pfad der fehlerhaften Anwendung: taskeng.exe1
Pfad des fehlerhaften Moduls: taskeng.exe2
Berichtskennung: taskeng.exe3

Error: (05/22/2014 01:47:00 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: taskeng.exe, Version: 6.1.7601.17514, Zeitstempel: 0x4ce79d2c
Name des fehlerhaften Moduls: msvcrt.dll, Version: 7.0.7601.17744, Zeitstempel: 0x4eeb033f
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000000027de
ID des fehlerhaften Prozesses: 0x1a98
Startzeit der fehlerhaften Anwendung: 0xtaskeng.exe0
Pfad der fehlerhaften Anwendung: taskeng.exe1
Pfad des fehlerhaften Moduls: taskeng.exe2
Berichtskennung: taskeng.exe3

Error: (05/22/2014 09:47:00 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: taskeng.exe, Version: 6.1.7601.17514, Zeitstempel: 0x4ce79d2c
Name des fehlerhaften Moduls: msvcrt.dll, Version: 7.0.7601.17744, Zeitstempel: 0x4eeb033f
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000000027de
ID des fehlerhaften Prozesses: 0xe50
Startzeit der fehlerhaften Anwendung: 0xtaskeng.exe0
Pfad der fehlerhaften Anwendung: taskeng.exe1
Pfad des fehlerhaften Moduls: taskeng.exe2
Berichtskennung: taskeng.exe3

Error: (05/22/2014 05:47:00 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: taskeng.exe, Version: 6.1.7601.17514, Zeitstempel: 0x4ce79d2c
Name des fehlerhaften Moduls: msvcrt.dll, Version: 7.0.7601.17744, Zeitstempel: 0x4eeb033f
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000000027de
ID des fehlerhaften Prozesses: 0xfd0
Startzeit der fehlerhaften Anwendung: 0xtaskeng.exe0
Pfad der fehlerhaften Anwendung: taskeng.exe1
Pfad des fehlerhaften Moduls: taskeng.exe2
Berichtskennung: taskeng.exe3

Error: (05/22/2014 01:47:00 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: taskeng.exe, Version: 6.1.7601.17514, Zeitstempel: 0x4ce79d2c
Name des fehlerhaften Moduls: msvcrt.dll, Version: 7.0.7601.17744, Zeitstempel: 0x4eeb033f
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000000027de
ID des fehlerhaften Prozesses: 0x1738
Startzeit der fehlerhaften Anwendung: 0xtaskeng.exe0
Pfad der fehlerhaften Anwendung: taskeng.exe1
Pfad des fehlerhaften Moduls: taskeng.exe2
Berichtskennung: taskeng.exe3

Error: (05/21/2014 09:47:00 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: taskeng.exe, Version: 6.1.7601.17514, Zeitstempel: 0x4ce79d2c
Name des fehlerhaften Moduls: msvcrt.dll, Version: 7.0.7601.17744, Zeitstempel: 0x4eeb033f
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000000027de
ID des fehlerhaften Prozesses: 0x1790
Startzeit der fehlerhaften Anwendung: 0xtaskeng.exe0
Pfad der fehlerhaften Anwendung: taskeng.exe1
Pfad des fehlerhaften Moduls: taskeng.exe2
Berichtskennung: taskeng.exe3


System errors:
=============
Error: (05/24/2014 10:16:32 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "GfKLSPService" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (05/24/2014 10:16:32 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst GfKLSPService erreicht.

Error: (05/24/2014 10:15:25 AM) (Source: volmgr) (EventID: 46) (User: )
Description: Die Initialisierung des Speicherabbildes ist fehlgeschlagen.

Error: (05/24/2014 10:05:10 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "GfKLSPService" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (05/24/2014 10:05:10 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst GfKLSPService erreicht.

Error: (05/24/2014 10:04:25 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎24.‎05.‎2014 um 10:02:45 unerwartet heruntergefahren.

Error: (05/24/2014 10:03:11 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {3EB3C877-1F16-487C-9050-104DBCD66683}

Error: (05/24/2014 09:58:16 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "GfKLSPService" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (05/24/2014 09:58:16 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst GfKLSPService erreicht.

Error: (05/22/2014 03:50:02 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {3EB3C877-1F16-487C-9050-104DBCD66683}


Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
  Date: 2013-03-02 17:26:16.370
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\cmudax3.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-03-02 17:26:16.338
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\cmudax3.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Memory info =========================== 

Percentage of memory in use: 21%
Total physical RAM: 16366.12 MB
Available physical RAM: 12807.04 MB
Total Pagefile: 32730.41 MB
Available Pagefile: 28598.96 MB
Total Virtual: 8192 MB
Available Virtual: 8191.79 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:931.41 GB) (Free:62.82 GB) NTFS
Drive e: () (Fixed) (Total:372.6 GB) (Free:38.19 GB) NTFS
Drive g: () (Fixed) (Total:1397.26 GB) (Free:759.88 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: ED9E570F)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 373 GB) (Disk ID: 1E521E51)
Partition 1: (Active) - (Size=373 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (Size: 1397 GB) (Disk ID: 6B26A4FC)
Partition 1: (Not Active) - (Size=-698723990528) - (Type=07 NTFS)

==================== End Of Log ============================
         
--- --- ---


Log file from FRST:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 23-05-2014
Ran by Lars (administrator) on LARS-PC on 24-05-2014 11:17:42
Running from C:\Users\Lars\Downloads
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal


==================== Processes (Whitelisted) =================

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\EPU-4 Engine\FourEngine.exe
(Advanced Micro Devices) C:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Logitech Inc.) C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.7\GoogleCrashHandler.exe
(Logitech Inc.) C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe
() C:\Program Files (x86)\GfK Internet-Monitor\GfK-Reporting.exe
() C:\Program Files (x86)\GfK Internet-Monitor\GfK-Updater.exe
(Auslogics) C:\Program Files (x86)\Auslogics\Auslogics BoostSpeed\BoostSpeed.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Nero AG) C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe
(Nero AG) C:\Program Files (x86)\Common Files\Nero\Lib\NMBgMonitor.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.7\GoogleCrashHandler64.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
() C:\Users\Lars\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe
(RemoteMouse.net) C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(VIA) C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe
(PowerISO Computing, Inc.) C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Native Instruments GmbH) C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
() C:\Program Files (x86)\Universal Updater\UpdaterService.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\APSDaemon.exe
(VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Nero AG) C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe
(Nero AG) C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(GfK) C:\Program Files (x86)\GfK Internet-Monitor\Chrome Extension\GfK-Chrome-Helper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Razer Game Booster\main.exe
() C:\Program Files (x86)\winKeyLock\winKeyLock.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1271072 2014-03-11] (Microsoft Corporation)
HKLM\...\Run: [Launch LgDeviceAgent] => C:\Program Files\Logitech\GamePanel Software\LgDevAgt.exe [415816 2010-08-03] (Logitech Inc.)
HKLM\...\Run: [Launch LCDMon] => C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe [2412616 2010-08-03] (Logitech Inc.)
HKLM\...\Run: [Launch LGDCore] => C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe [4725320 2010-08-03] (Logitech Inc.)
HKLM\...\Run: [CmPCIaudio] => C:\Windows\syswow64\RunDll32.exe C:\Windows\Syswow64\cmicnfg3.cpl,CMICtrlWnd
HKLM\...\Run: [Fences] => C:\Program Files (x86)\Stardock\Fences\Fences.exe [4017368 2012-10-29] (Stardock Corporation)
HKLM-x32\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [5015040 2012-02-09] (VIA)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-01-26] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-12] (Apple Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [54840 2007-05-08] (Hewlett-Packard)
HKLM-x32\...\Run: [hpqSRMon] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [150528 2008-07-22] (Hewlett-Packard)
HKLM-x32\...\Run: [PWRISOVM.EXE] => C:\Program Files (x86)\PowerISO\PWRISOVM.EXE [180224 2009-03-15] (PowerISO Computing, Inc.)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [TvApp] => "C:\Program Files (x86)\TvApp\TvApp.exe" nogui
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-05-14] (Apple Inc.)
HKLM-x32\...\Runonce: [RemoveLSP] - cmd.exe /C rmdir /S /Q "C:\Program Files (x86)\GfKLSPService" [X]
HKU\.DEFAULT\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\.DEFAULT\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 1
HKU\.DEFAULT\...\Policies\Explorer: [NoResolveSearch] 1
HKU\.DEFAULT\...\Policies\Explorer: [NoInternetOpenWith] 1
HKU\S-1-5-21-1005217006-152471606-131910131-1000\...\Run: [Auslogics BoostSpeed 4] => C:\Program Files (x86)\Auslogics\Auslogics BoostSpeed\boostspeed.exe [362096 2009-03-16] (Auslogics)
HKU\S-1-5-21-1005217006-152471606-131910131-1000\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => C:\Program Files (x86)\Common Files\Nero\Lib\NMBgMonitor.exe [202024 2007-10-23] (Nero AG)
HKU\S-1-5-21-1005217006-152471606-131910131-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-11-20] (Apple Inc.)
HKU\S-1-5-21-1005217006-152471606-131910131-1000\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59720 2013-11-20] (Apple Inc.)
HKU\S-1-5-21-1005217006-152471606-131910131-1000\...\Run: [Amazon Cloud Player] => C:\Users\Lars\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe [3145536 2014-05-08] ()
HKU\S-1-5-21-1005217006-152471606-131910131-1000\...\Run: [Remote Mouse] => C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe [1200640 2014-03-30] (RemoteMouse.net)
HKU\S-1-5-21-1005217006-152471606-131910131-1000\...\Run: [msnmsgr] => C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [4272840 2014-03-31] (Microsoft Corporation)
HKU\S-1-5-21-1005217006-152471606-131910131-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [20922016 2014-02-10] (Skype Technologies S.A.)
HKU\S-1-5-21-1005217006-152471606-131910131-1000\...\Policies\Explorer: [NoInternetOpenWith] 1
HKU\S-1-5-21-1005217006-152471606-131910131-1000\...\Policies\Explorer: [RestrictRun] 0
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\Users\Lars\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Fences.lnk
ShortcutTarget: Fences.lnk -> C:\Program Files (x86)\Stardock\Fences\Fences.exe (Stardock Corporation)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = 
SearchScopes: HKLM - {758B870D-DF78-4A6A-9955-DEDDCACF94DC} URL = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
SearchScopes: HKCU - {41F23684-D0B3-4D6C-AC19-5D82E79E82CD} URL = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=744028&p={searchTerms}
SearchScopes: HKCU - {758B870D-DF78-4A6A-9955-DEDDCACF94DC} URL = 
BHO: GfK Internet-Monitor - {4BEEA052-726D-4A6E-B65D-A6BD07C263F3} - C:\Program Files (x86)\GfK Internet-Monitor\x64\Gacela2.dll (GfK)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: GfK Internet-Monitor - {4BEEA052-726D-4A6E-B65D-A6BD07C263F3} - C:\Program Files (x86)\GfK Internet-Monitor\Gacela2.dll (GfK)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Lars\AppData\Roaming\Mozilla\Firefox\Profiles\1ipdivd3.default
FF Homepage: hxxp://search.easylifeapp.com/?zy=k
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin: @java.com/DTPlugin,version=10.13.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.13.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.1 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.2 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.3 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.4 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw.dll No File
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/JavaPlugin - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll No File
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @phonostar.de/phonostar-Player - C:\Program Files (x86)\phonostar-Player\npphonostarDetectNP.dll No File
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll (Sun Microsystems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: SNT - C:\Users\Lars\AppData\Roaming\Mozilla\Firefox\Profiles\1ipdivd3.default\Extensions\b3bawn@iao-ee.co.uk [2014-05-24]
FF Extension: HD Streamer - C:\Users\Lars\AppData\Roaming\Mozilla\Firefox\Profiles\1ipdivd3.default\Extensions\hd_streamer@iMedia [2014-05-24]
FF Extension: greatsaver - C:\Users\Lars\AppData\Roaming\Mozilla\Firefox\Profiles\1ipdivd3.default\Extensions\rfpgtz@oosjo.com [2014-05-24]
FF Extension: LastPass - C:\Users\Lars\AppData\Roaming\Mozilla\Firefox\Profiles\1ipdivd3.default\Extensions\support@lastpass.com [2013-04-26]
FF Extension: YoutubeAdblocker - C:\Users\Lars\AppData\Roaming\Mozilla\Firefox\Profiles\1ipdivd3.default\Extensions\y8tzhoay@obxgpp.co.uk [2014-05-24]
FF Extension: Flashblock - C:\Users\Lars\AppData\Roaming\Mozilla\Firefox\Profiles\1ipdivd3.default\Extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a} [2013-11-16]
FF Extension: Personas Plus - C:\Users\Lars\AppData\Roaming\Mozilla\Firefox\Profiles\1ipdivd3.default\Extensions\personas@christopher.beard.xpi [2013-02-08]
FF Extension: Address Bar Search - C:\Users\Lars\AppData\Roaming\Mozilla\Firefox\Profiles\1ipdivd3.default\Extensions\{badea1ae-72ed-4f6a-8c37-4db9a4ac7bc9}.xpi [2013-10-25]
FF Extension: Adblock Plus - C:\Users\Lars\AppData\Roaming\Mozilla\Firefox\Profiles\1ipdivd3.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-10-26]
FF Extension: Download Statusbar - C:\Users\Lars\AppData\Roaming\Mozilla\Firefox\Profiles\1ipdivd3.default\Extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}.xpi [2013-02-08]
FF Extension: Tab Mix Plus - C:\Users\Lars\AppData\Roaming\Mozilla\Firefox\Profiles\1ipdivd3.default\Extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi [2013-09-21]
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013-02-25]
FF HKLM-x32\...\Firefox\Extensions: [gacela2@nurago.com] - C:\Program Files (x86)\GfK Internet-Monitor
FF Extension: GfK Internet-Monitor - C:\Program Files (x86)\GfK Internet-Monitor [2013-03-28]
FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013-02-25]

Chrome: 
=======
CHR HomePage: hxxp://websearch.searchsunmy.info/?pid=377&r=2013/12/25&hid=1764838136908533383&lg=EN&cc=DE&unqvl=45
CHR StartupUrls: "", "hxxp://www.delta-homes.com/?utm_source=b&utm_medium=wpm0226&utm_campaign=installer&utm_content=hp&from=wpm0226&uid=ST1000DM005XHD103SJ_S246J9EC419309&ts=1393433864"
CHR Extension: (GfK Internet-Monitor) - C:\Users\Lars\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekfcceehmjiicgpkeblpbcpglgdklklh [2014-05-08]
CHR Extension: (AdBlock) - C:\Users\Lars\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2013-12-13]
CHR Extension: (Google Wallet) - C:\Users\Lars\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-05-02]
CHR Extension: (HD Streamer) - C:\Users\Lars\AppData\Local\Google\Chrome\User Data\Default\Extensions\oleglodmkonbpfmlffapjfednjopbeeh [2014-04-29]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [354304 2011-01-26] (Advanced Micro Devices, Inc.)
R2 AMD Reservation Manager; C:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe [194496 2010-06-17] (Advanced Micro Devices)
R2 GfK-Reporting-Service; C:\Program Files (x86)\GfK Internet-Monitor\GfK-Reporting.exe [3293672 2014-02-20] ()
R2 GfK-Update-Service; C:\Program Files (x86)\GfK Internet-Monitor\GfK-Updater.exe [1356264 2014-02-20] ()
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2014-03-11] (Microsoft Corporation)
R2 Nero BackItUp Scheduler 3; C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe [853288 2007-09-20] (Nero AG)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [347872 2014-03-11] (Microsoft Corporation)
R3 NMIndexingService; C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe [382248 2007-10-23] (Nero AG)
R2 RzKLService; C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe [105448 2014-02-25] (Razer Inc.)
R2 UniversalUpdater; C:\Program Files (x86)\Universal Updater\UpdaterService.exe [402872 2014-01-29] ()
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27760 2011-11-11] (VIA Technologies, Inc.)

==================== Drivers (Whitelisted) ====================

R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2010-08-23] ()
S3 CM1063264; C:\Windows\System32\drivers\CM10664.sys [984064 2007-04-13] (C-Media Inc)
R3 cmuda3; C:\Windows\System32\drivers\cmudax3.sys [828416 2007-04-12] (C-Media Inc)
R3 LGPBTDD; C:\Windows\System32\Drivers\LGPBTDD.sys [30728 2009-07-01] (Logitech Inc.)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [268512 2014-01-25] (Microsoft Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-07-17] ()
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133928 2014-03-11] (Microsoft Corporation)
R1 wStLib64; C:\Windows\System32\drivers\wStLib64.sys [61112 2014-03-20] (StdLib)
S3 cpuz136; \??\C:\Windows\TEMP\cpuz136\cpuz136_x64.sys [X]
S3 MSICDSetup; \??\D:\CDriver64.sys [X]
U4 SR; 
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S3 WinRing0_1_2_0; \??\C:\Program Files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-05-24 11:17 - 2014-05-24 11:17 - 00023568 _____ () C:\Users\Lars\Downloads\FRST.txt
2014-05-24 11:15 - 2014-05-24 11:17 - 00000000 ____D () C:\FRST
2014-05-24 11:14 - 2014-05-24 11:15 - 02067456 _____ (Farbar) C:\Users\Lars\Downloads\FRST64.exe
2014-05-24 10:21 - 2014-05-24 10:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-05-24 10:15 - 2014-05-24 10:15 - 00004284 _____ () C:\Windows\PFRO.log
2014-05-24 09:57 - 2014-05-24 10:15 - 00000168 _____ () C:\Windows\setupact.log
2014-05-24 09:57 - 2014-05-24 09:57 - 00000000 _____ () C:\Windows\setuperr.log
2014-05-20 17:59 - 2014-05-20 18:00 - 00000000 ____D () C:\Program Files (x86)\winKeyLock
2014-05-20 17:59 - 2014-05-20 17:59 - 00000963 _____ () C:\Users\Lars\Desktop\winKeyLock.lnk
2014-05-20 17:59 - 2014-05-20 17:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\winKeyLock
2014-05-20 17:58 - 2014-05-20 17:58 - 00645904 _____ (winKeyLock ) C:\Users\Lars\Downloads\InstallWinKeyLock1.0.1.exe
2014-05-20 10:57 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-05-20 10:56 - 2014-05-24 10:13 - 00000000 ____D () C:\AdwCleaner
2014-05-20 10:52 - 2014-05-20 10:52 - 00961360 _____ (Chip Digital GmbH) C:\Users\Lars\Desktop\AdwCleaner.exe
2014-05-20 09:02 - 2014-05-20 09:04 - 00000000 ____D () C:\Users\Lars\Desktop\Vertrag VF Oli Kamera
2014-05-20 08:48 - 2014-05-24 09:56 - 00000668 _____ () C:\aaw7boot.log
2014-05-16 09:06 - 2014-05-16 09:07 - 00000000 ____D () C:\Users\Lars\Downloads\__MACOSX
2014-05-16 09:06 - 2014-05-16 09:06 - 00000000 ____D () C:\Users\Lars\Downloads\FATSUMO_PROMO
2014-05-16 08:13 - 2014-05-16 08:13 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-05-16 08:12 - 2014-05-16 08:12 - 00001783 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-05-16 08:12 - 2014-05-16 08:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-05-16 08:11 - 2014-05-16 08:12 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-05-16 08:11 - 2014-05-16 08:12 - 00000000 ____D () C:\Program Files\iTunes
2014-05-16 08:11 - 2014-05-16 08:12 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-05-16 08:11 - 2014-05-16 08:11 - 00000000 ____D () C:\Program Files\iPod
2014-05-16 07:51 - 2014-05-06 07:14 - 19274752 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-16 07:51 - 2014-05-06 07:14 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-16 07:51 - 2014-05-06 05:48 - 14367232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-16 07:51 - 2014-05-06 05:48 - 00080384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-16 07:51 - 2014-05-06 05:37 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-16 07:51 - 2014-05-06 05:26 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-16 07:46 - 2014-05-09 08:14 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-16 07:46 - 2014-05-09 08:11 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-16 07:46 - 2014-03-25 04:43 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-05-16 07:46 - 2014-03-25 04:09 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-05-16 07:45 - 2014-04-12 04:22 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-05-16 07:45 - 2014-04-12 04:22 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-05-16 07:45 - 2014-04-12 04:19 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-05-16 07:45 - 2014-04-12 04:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-05-16 07:45 - 2014-04-12 04:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-05-16 07:45 - 2014-04-12 04:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-05-16 07:45 - 2014-04-12 04:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-05-16 07:45 - 2014-04-12 04:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-05-16 07:45 - 2014-04-12 04:10 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-05-16 07:45 - 2014-03-04 11:47 - 05550016 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-05-16 07:45 - 2014-03-04 11:44 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-05-16 07:45 - 2014-03-04 11:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2014-05-16 07:45 - 2014-03-04 11:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-05-16 07:45 - 2014-03-04 11:44 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-05-16 07:45 - 2014-03-04 11:44 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-05-16 07:45 - 2014-03-04 11:44 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-05-16 07:45 - 2014-03-04 11:44 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-05-16 07:45 - 2014-03-04 11:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2014-05-16 07:45 - 2014-03-04 11:43 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-05-16 07:45 - 2014-03-04 11:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2014-05-16 07:45 - 2014-03-04 11:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2014-05-16 07:45 - 2014-03-04 11:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2014-05-16 07:45 - 2014-03-04 11:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2014-05-16 07:45 - 2014-03-04 11:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2014-05-16 07:45 - 2014-03-04 11:43 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-05-16 07:45 - 2014-03-04 11:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-05-16 07:45 - 2014-03-04 11:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-05-16 07:45 - 2014-03-04 11:17 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-05-16 07:45 - 2014-03-04 11:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2014-05-16 07:45 - 2014-03-04 11:17 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-05-16 07:45 - 2014-03-04 11:17 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-05-16 07:45 - 2014-03-04 11:17 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-05-16 07:45 - 2014-03-04 11:17 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-05-16 07:45 - 2014-03-04 11:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll
2014-05-16 07:45 - 2014-03-04 11:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll
2014-05-16 07:45 - 2014-03-04 11:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll
2014-05-16 07:45 - 2014-03-04 11:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll
2014-05-16 07:45 - 2014-03-04 11:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2014-05-16 07:45 - 2014-03-04 11:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll
2014-05-16 07:45 - 2014-03-04 11:17 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-05-16 07:45 - 2014-03-04 11:16 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-05-09 22:54 - 2014-05-24 10:02 - 00000000 ____D () C:\ProgramData\Lavasoft
2014-05-09 22:54 - 2014-05-24 10:02 - 00000000 ____D () C:\Program Files (x86)\Lavasoft
2014-05-09 12:30 - 2014-05-09 12:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mp3tag
2014-05-09 12:21 - 2014-05-09 12:21 - 00001026 _____ () C:\Users\Lars\Desktop\MP3Gain.lnk
2014-05-09 11:53 - 2014-05-09 11:53 - 00001002 _____ () C:\Users\Public\Desktop\Traktor 2.lnk
2014-05-09 11:53 - 2014-05-09 11:53 - 00000000 __HDC () C:\ProgramData\{0495C70B-87F4-4A64-87B3-4FB0BA1F60D2}
2014-05-09 11:49 - 2014-05-09 11:49 - 00000000 __HDC () C:\ProgramData\{4682E4CB-7209-4099-8AA1-580ABCCCE731}
2014-05-09 11:49 - 2014-05-09 11:49 - 00000000 __HDC () C:\ProgramData\{033B4844-E9C3-45D2-88D9-34DDF3F91100}
2014-05-09 11:48 - 2014-05-09 11:48 - 00000000 __HDC () C:\ProgramData\{D2030082-F62A-402A-9456-8009276FD896}
2014-05-09 11:48 - 2014-05-09 11:48 - 00000000 __HDC () C:\ProgramData\{B3478C15-588A-4968-AD66-76AA98803A28}
2014-05-09 11:48 - 2014-05-09 11:48 - 00000000 __HDC () C:\ProgramData\{0CC85DFF-E70A-4AB0-968A-F1F98F4D0C67}
2014-05-09 11:47 - 2014-05-09 11:47 - 00000000 __HDC () C:\ProgramData\{662EAAEC-9E9A-4C69-A658-884E51E909BB}
2014-05-09 11:47 - 2014-05-09 11:47 - 00000000 __HDC () C:\ProgramData\{5EE4F9B1-7274-48A2-9C25-C287604C3058}
2014-05-09 11:46 - 2014-05-09 11:46 - 00000000 __HDC () C:\ProgramData\{EB21323D-3F46-4EF0-B849-B096B7705C69}
2014-05-09 11:46 - 2014-05-09 11:46 - 00000000 __HDC () C:\ProgramData\{9B09061B-0A4F-42DA-9987-7D3F452DCB09}
2014-05-09 11:46 - 2014-05-09 11:46 - 00000000 __HDC () C:\ProgramData\{9597097D-B8DC-4754-AF2D-CB61CCFC861A}
2014-05-09 11:46 - 2014-05-09 11:46 - 00000000 __HDC () C:\ProgramData\{219191E6-6846-4329-889D-7956C487D9A6}
2014-05-09 11:45 - 2014-05-09 11:45 - 00000000 __HDC () C:\ProgramData\{B7C85E99-2AC6-455D-B4D1-752A56403757}
2014-05-09 11:45 - 2014-05-09 11:45 - 00000000 __HDC () C:\ProgramData\{AF79C86B-2321-4D47-A168-2A24BA2B6A73}
2014-05-09 11:45 - 2014-05-09 11:45 - 00000000 __HDC () C:\ProgramData\{9F570B21-E27A-40BE-A508-292899A7D042}
2014-05-09 11:44 - 2014-05-09 11:44 - 00001094 _____ () C:\Users\Public\Desktop\Controller Editor.lnk
2014-05-09 11:44 - 2014-05-09 11:44 - 00000000 __HDC () C:\ProgramData\{BD26D777-CA21-4BDD-A581-6BCFE4F0F941}
2014-05-09 11:44 - 2014-05-09 11:44 - 00000000 __HDC () C:\ProgramData\{57B31BE2-3175-4425-9722-D2AC5F68C7BD}
2014-05-09 11:11 - 2014-05-09 11:11 - 00001069 _____ () C:\Users\Lars\Desktop\DENON DJ ASIO Driver.lnk
2014-05-09 11:11 - 2014-05-09 11:11 - 00000000 ____D () C:\Users\Lars\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DENON_DJ
2014-05-09 11:11 - 2014-05-09 11:11 - 00000000 ____D () C:\Program Files (x86)\DENON_DJ
2014-04-26 14:54 - 2014-04-26 14:54 - 00000802 _____ () C:\Users\Public\Desktop\MAGIX Media Manager 2004 silver.lnk
2014-04-26 14:54 - 2014-04-26 14:54 - 00000000 ____D () C:\Users\Lars\Documents\My MAGIX Online Druck Service Files
2014-04-26 14:54 - 2014-04-26 14:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX Online Druck Service
2014-04-26 14:54 - 2014-04-26 14:54 - 00000000 ____D () C:\Program Files (x86)\MAGIX Online Druck Service
2014-04-26 14:54 - 2014-04-26 14:54 - 00000000 _____ () C:\Windows\ringtonemaker.INI
2014-04-26 14:54 - 2004-06-01 17:20 - 00339968 _____ (PoINT Software & Systems GmbH) C:\Windows\SysWOW64\DLLAV32.dll
2014-04-26 14:54 - 2004-05-30 01:17 - 00180224 _____ (PoINT Software & Systems GmbH) C:\Windows\SysWOW64\DLLRES32.dll
2014-04-26 14:54 - 2004-05-30 01:17 - 00151552 _____ (PoINT Software & Systems GmbH) C:\Windows\SysWOW64\DLLDEV32.dll
2014-04-26 14:54 - 2004-05-30 01:17 - 00126976 _____ (PoINT Software & Systems GmbH) C:\Windows\SysWOW64\DLLDRV32.dll
2014-04-26 14:54 - 2004-05-30 01:17 - 00049152 _____ (PoINT Software & Systems GmbH) C:\Windows\SysWOW64\DLLIO32.dll
2014-04-26 14:54 - 2004-05-30 01:17 - 00036864 _____ (PoINT Software & Systems GmbH) C:\Windows\SysWOW64\DLLPNT32.dll
2014-04-26 14:54 - 2004-05-30 01:17 - 00028672 _____ (PoINT Software & Systems GmbH) C:\Windows\SysWOW64\STRING32.dll
2014-04-26 14:54 - 2004-03-11 16:49 - 00014182 _____ () C:\Windows\SysWOW64\DLLAV32.lib
2014-04-26 14:54 - 2003-04-18 16:29 - 00044544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml4a.dll
2014-04-26 14:54 - 2003-03-14 10:35 - 00040960 _____ (PoINT Software & Systems GmbH) C:\Windows\SysWOW64\DLLRD32.dll
2014-04-26 14:54 - 2003-03-14 10:33 - 00114688 _____ (PoINT Software & Systems GmbH) C:\Windows\SysWOW64\DLLCDA32.dll
2014-04-26 14:54 - 2003-03-14 10:33 - 00061440 _____ (PoINT Software & Systems GmbH) C:\Windows\SysWOW64\DLLCDF32.dll
2014-04-26 14:54 - 2003-03-14 10:33 - 00053248 _____ (PoINT Software & Systems GmbH) C:\Windows\SysWOW64\DLLPRJ32.dll
2014-04-26 14:54 - 2003-03-14 10:33 - 00045056 _____ (PoINT Software & Systems GmbH) C:\Windows\SysWOW64\DLLIMG32.dll
2014-04-26 14:54 - 2003-03-14 10:32 - 00081920 _____ (PoINT Software & Systems GmbH) C:\Windows\SysWOW64\DLLCPY32.dll
2014-04-26 14:54 - 2003-03-14 10:32 - 00065536 _____ (PoINT Software & Systems GmbH) C:\Windows\SysWOW64\DLLPTL32.dll
2014-04-26 14:54 - 2003-03-14 10:32 - 00057344 _____ (PoINT Software & Systems GmbH) C:\Windows\SysWOW64\DLLTPO32.dll
2014-04-26 14:54 - 2003-03-14 10:32 - 00049152 _____ (PoINT Software & Systems GmbH) C:\Windows\SysWOW64\DLLPRF32.dll
2014-04-26 14:54 - 2003-03-14 10:32 - 00032768 _____ (PoINT Software & Systems GmbH) C:\Windows\SysWOW64\DLLMSC32.dll
2014-04-26 14:54 - 2003-03-14 10:32 - 00032768 _____ (PoINT Software & Systems GmbH) C:\Windows\SysWOW64\DLLISO32.dll
2014-04-26 14:54 - 2003-03-14 10:32 - 00032768 _____ (PoINT Software & Systems GmbH) C:\Windows\SysWOW64\DLLDIR32.dll
2014-04-26 14:54 - 2003-03-14 10:32 - 00024576 _____ (PoINT Software & Systems GmbH) C:\Windows\SysWOW64\TTIC32.dll
2014-04-26 14:54 - 2003-03-14 10:32 - 00024576 _____ (PoINT Software & Systems GmbH) C:\Windows\SysWOW64\TTI32.dll
2014-04-26 14:54 - 2003-03-14 10:32 - 00024576 _____ (PoINT Software & Systems GmbH) C:\Windows\SysWOW64\DLLIX.dll
2014-04-26 14:52 - 2014-04-26 14:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX
2014-04-26 14:52 - 2014-04-26 14:54 - 00000000 ____D () C:\MAGIX
2014-04-26 14:52 - 2014-04-26 14:52 - 00000779 _____ () C:\Users\Public\Desktop\MAGIX ringtone maker.lnk
2014-04-26 14:52 - 2014-04-26 14:52 - 00000024 _____ () C:\Windows\magix.ini
2014-04-26 14:52 - 2014-04-26 14:52 - 00000000 ____D () C:\Windows\SysWOW64\MAGIX
2014-04-26 14:52 - 2004-09-14 14:56 - 00184320 _____ (MAGIX AG) C:\Windows\SysWOW64\mgxoschk.dll
2014-04-26 14:52 - 2004-08-13 12:33 - 00001208 _____ () C:\Windows\mgxoschk.ini
2014-04-26 14:52 - 2002-09-21 00:33 - 01089536 _____ (eHelp Corporation.) C:\Windows\SysWOW64\ROBOEX32.DLL
2014-04-26 14:52 - 1999-01-28 14:44 - 00049152 _____ (Blue Sky Software Corporation.) C:\Windows\SysWOW64\INETWH32.dll
2014-04-26 14:52 - 1998-10-15 17:28 - 00085504 _____ (Blue Sky Software Corporation.) C:\Windows\SysWOW64\HtmlWH.dll

==================== One Month Modified Files and Folders =======

2014-05-24 11:17 - 2014-05-24 11:17 - 00023568 _____ () C:\Users\Lars\Downloads\FRST.txt
2014-05-24 11:17 - 2014-05-24 11:15 - 00000000 ____D () C:\FRST
2014-05-24 11:17 - 2013-03-28 11:32 - 00000000 ____D () C:\Program Files (x86)\GfK Internet-Monitor
2014-05-24 11:17 - 2013-02-25 16:39 - 00000000 ____D () C:\Users\Lars\AppData\Roaming\Skype
2014-05-24 11:15 - 2014-05-24 11:14 - 02067456 _____ (Farbar) C:\Users\Lars\Downloads\FRST64.exe
2014-05-24 10:49 - 2013-09-21 08:41 - 00000000 ____D () C:\Users\Lars\AppData\Roaming\Mp3tag
2014-05-24 10:49 - 2013-05-11 10:10 - 00000000 ____D () C:\Users\Lars\Desktop\neue Musik
2014-05-24 10:48 - 2013-11-24 10:38 - 00000000 ____D () C:\Users\Lars\AppData\Roaming\vlc
2014-05-24 10:44 - 2013-02-09 01:54 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-05-24 10:31 - 2009-07-14 06:45 - 00021248 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-24 10:31 - 2009-07-14 06:45 - 00021248 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-24 10:30 - 2013-02-07 13:57 - 02007704 _____ () C:\Windows\WindowsUpdate.log
2014-05-24 10:26 - 2013-02-07 15:07 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-05-24 10:25 - 2010-11-21 08:50 - 00702964 _____ () C:\Windows\system32\perfh007.dat
2014-05-24 10:25 - 2010-11-21 08:50 - 00150604 _____ () C:\Windows\system32\perfc007.dat
2014-05-24 10:25 - 2009-07-14 07:13 - 01629436 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-05-24 10:21 - 2014-05-24 10:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-05-24 10:21 - 2013-02-07 15:07 - 00000000 ____D () C:\Program Files (x86)\Google
2014-05-24 10:19 - 2013-11-15 20:02 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-05-24 10:18 - 2013-03-28 11:32 - 00000000 ____D () C:\Program Files (x86)\GfKLSPService
2014-05-24 10:17 - 2014-03-01 16:48 - 00000000 ____D () C:\Users\Lars\Tracing
2014-05-24 10:16 - 2013-02-07 15:07 - 00001102 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-05-24 10:15 - 2014-05-24 10:15 - 00004284 _____ () C:\Windows\PFRO.log
2014-05-24 10:15 - 2014-05-24 09:57 - 00000168 _____ () C:\Windows\setupact.log
2014-05-24 10:15 - 2013-02-07 14:45 - 00000000 ____D () C:\Users\Lars
2014-05-24 10:15 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-24 10:13 - 2014-05-20 10:56 - 00000000 ____D () C:\AdwCleaner
2014-05-24 10:09 - 2013-10-01 20:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YTD Video Downloader
2014-05-24 10:02 - 2014-05-09 22:54 - 00000000 ____D () C:\ProgramData\Lavasoft
2014-05-24 10:02 - 2014-05-09 22:54 - 00000000 ____D () C:\Program Files (x86)\Lavasoft
2014-05-24 09:57 - 2014-05-24 09:57 - 00000000 _____ () C:\Windows\setuperr.log
2014-05-24 09:56 - 2014-05-20 08:48 - 00000668 _____ () C:\aaw7boot.log
2014-05-22 12:05 - 2013-08-17 21:52 - 00000000 ____D () C:\Users\Lars\Desktop\XTreme 6.1
2014-05-20 18:00 - 2014-05-20 17:59 - 00000000 ____D () C:\Program Files (x86)\winKeyLock
2014-05-20 17:59 - 2014-05-20 17:59 - 00000963 _____ () C:\Users\Lars\Desktop\winKeyLock.lnk
2014-05-20 17:59 - 2014-05-20 17:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\winKeyLock
2014-05-20 17:58 - 2014-05-20 17:58 - 00645904 _____ (winKeyLock ) C:\Users\Lars\Downloads\InstallWinKeyLock1.0.1.exe
2014-05-20 11:01 - 2013-03-09 18:46 - 00001079 _____ () C:\Users\Lars\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-05-20 11:01 - 2013-02-08 00:58 - 00001061 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-05-20 10:52 - 2014-05-20 10:52 - 00961360 _____ (Chip Digital GmbH) C:\Users\Lars\Desktop\AdwCleaner.exe
2014-05-20 09:04 - 2014-05-20 09:02 - 00000000 ____D () C:\Users\Lars\Desktop\Vertrag VF Oli Kamera
2014-05-16 09:10 - 2013-09-19 19:33 - 00000000 ____D () C:\Users\Lars\Downloads\Primeval New World
2014-05-16 09:07 - 2014-05-16 09:06 - 00000000 ____D () C:\Users\Lars\Downloads\__MACOSX
2014-05-16 09:06 - 2014-05-16 09:06 - 00000000 ____D () C:\Users\Lars\Downloads\FATSUMO_PROMO
2014-05-16 08:44 - 2013-05-14 22:44 - 17938608 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2014-05-16 08:44 - 2013-02-09 01:54 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-05-16 08:44 - 2013-02-09 01:54 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-05-16 08:44 - 2013-02-09 01:54 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-05-16 08:40 - 2013-12-13 10:11 - 00000000 ____D () C:\Users\Lars\AppData\Local\Amazon Cloud Player
2014-05-16 08:39 - 2013-12-13 10:11 - 00001604 _____ () C:\Windows\System32\Tasks\Amazon Music Helper
2014-05-16 08:16 - 2013-02-07 14:51 - 00000000 ___RD () C:\Users\Lars\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-16 08:16 - 2013-02-07 14:51 - 00000000 ___RD () C:\Users\Lars\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-16 08:13 - 2014-05-16 08:13 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-05-16 08:13 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-05-16 08:12 - 2014-05-16 08:12 - 00001783 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-05-16 08:12 - 2014-05-16 08:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-05-16 08:12 - 2014-05-16 08:11 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-05-16 08:12 - 2014-05-16 08:11 - 00000000 ____D () C:\Program Files\iTunes
2014-05-16 08:12 - 2014-05-16 08:11 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-05-16 08:11 - 2014-05-16 08:11 - 00000000 ____D () C:\Program Files\iPod
2014-05-16 07:51 - 2013-02-08 01:03 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-05-16 07:50 - 2013-09-12 17:45 - 00000000 ____D () C:\Windows\system32\MRT
2014-05-16 07:48 - 2013-02-08 12:34 - 93223848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-05-16 07:35 - 2013-02-14 15:59 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2014-05-11 07:36 - 2013-09-21 09:36 - 00000141 _____ () C:\Users\Lars\AppData\Roaming\WB.CFG
2014-05-09 15:21 - 2013-02-07 15:07 - 00004102 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-05-09 15:21 - 2013-02-07 15:07 - 00003850 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-05-09 12:30 - 2014-05-09 12:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mp3tag
2014-05-09 12:30 - 2013-09-21 08:41 - 00000979 _____ () C:\Users\Public\Desktop\Mp3tag.lnk
2014-05-09 12:30 - 2013-09-21 08:41 - 00000000 ____D () C:\Program Files (x86)\Mp3tag
2014-05-09 12:21 - 2014-05-09 12:21 - 00001026 _____ () C:\Users\Lars\Desktop\MP3Gain.lnk
2014-05-09 11:57 - 2013-02-14 14:13 - 00000000 ____D () C:\Users\Lars\Documents\Native Instruments
2014-05-09 11:53 - 2014-05-09 11:53 - 00001002 _____ () C:\Users\Public\Desktop\Traktor 2.lnk
2014-05-09 11:53 - 2014-05-09 11:53 - 00000000 __HDC () C:\ProgramData\{0495C70B-87F4-4A64-87B3-4FB0BA1F60D2}
2014-05-09 11:51 - 2013-02-14 12:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments
2014-05-09 11:49 - 2014-05-09 11:49 - 00000000 __HDC () C:\ProgramData\{4682E4CB-7209-4099-8AA1-580ABCCCE731}
2014-05-09 11:49 - 2014-05-09 11:49 - 00000000 __HDC () C:\ProgramData\{033B4844-E9C3-45D2-88D9-34DDF3F91100}
2014-05-09 11:49 - 2013-02-14 12:30 - 00000000 ____D () C:\Program Files\Native Instruments
2014-05-09 11:48 - 2014-05-09 11:48 - 00000000 __HDC () C:\ProgramData\{D2030082-F62A-402A-9456-8009276FD896}
2014-05-09 11:48 - 2014-05-09 11:48 - 00000000 __HDC () C:\ProgramData\{B3478C15-588A-4968-AD66-76AA98803A28}
2014-05-09 11:48 - 2014-05-09 11:48 - 00000000 __HDC () C:\ProgramData\{0CC85DFF-E70A-4AB0-968A-F1F98F4D0C67}
2014-05-09 11:47 - 2014-05-09 11:47 - 00000000 __HDC () C:\ProgramData\{662EAAEC-9E9A-4C69-A658-884E51E909BB}
2014-05-09 11:47 - 2014-05-09 11:47 - 00000000 __HDC () C:\ProgramData\{5EE4F9B1-7274-48A2-9C25-C287604C3058}
2014-05-09 11:46 - 2014-05-09 11:46 - 00000000 __HDC () C:\ProgramData\{EB21323D-3F46-4EF0-B849-B096B7705C69}
2014-05-09 11:46 - 2014-05-09 11:46 - 00000000 __HDC () C:\ProgramData\{9B09061B-0A4F-42DA-9987-7D3F452DCB09}
2014-05-09 11:46 - 2014-05-09 11:46 - 00000000 __HDC () C:\ProgramData\{9597097D-B8DC-4754-AF2D-CB61CCFC861A}
2014-05-09 11:46 - 2014-05-09 11:46 - 00000000 __HDC () C:\ProgramData\{219191E6-6846-4329-889D-7956C487D9A6}
2014-05-09 11:45 - 2014-05-09 11:45 - 00000000 __HDC () C:\ProgramData\{B7C85E99-2AC6-455D-B4D1-752A56403757}
2014-05-09 11:45 - 2014-05-09 11:45 - 00000000 __HDC () C:\ProgramData\{AF79C86B-2321-4D47-A168-2A24BA2B6A73}
2014-05-09 11:45 - 2014-05-09 11:45 - 00000000 __HDC () C:\ProgramData\{9F570B21-E27A-40BE-A508-292899A7D042}
2014-05-09 11:44 - 2014-05-09 11:44 - 00001094 _____ () C:\Users\Public\Desktop\Controller Editor.lnk
2014-05-09 11:44 - 2014-05-09 11:44 - 00000000 __HDC () C:\ProgramData\{BD26D777-CA21-4BDD-A581-6BCFE4F0F941}
2014-05-09 11:44 - 2014-05-09 11:44 - 00000000 __HDC () C:\ProgramData\{57B31BE2-3175-4425-9722-D2AC5F68C7BD}
2014-05-09 11:44 - 2013-02-14 12:30 - 00000000 ____D () C:\Program Files\Common Files\Native Instruments
2014-05-09 11:11 - 2014-05-09 11:11 - 00001069 _____ () C:\Users\Lars\Desktop\DENON DJ ASIO Driver.lnk
2014-05-09 11:11 - 2014-05-09 11:11 - 00000000 ____D () C:\Users\Lars\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DENON_DJ
2014-05-09 11:11 - 2014-05-09 11:11 - 00000000 ____D () C:\Program Files (x86)\DENON_DJ
2014-05-09 08:14 - 2014-05-16 07:46 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-09 08:11 - 2014-05-16 07:46 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-06 07:14 - 2014-05-16 07:51 - 19274752 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-06 07:14 - 2014-05-16 07:51 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-06 05:48 - 2014-05-16 07:51 - 14367232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-06 05:48 - 2014-05-16 07:51 - 00080384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-06 05:37 - 2014-05-16 07:51 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-06 05:26 - 2014-05-16 07:51 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-02 23:38 - 2013-02-08 01:06 - 00000000 ____D () C:\Users\Lars\AppData\Roaming\TS3Client
2014-05-02 22:34 - 2013-05-21 01:53 - 00007607 _____ () C:\Users\Lars\AppData\Local\Resmon.ResmonCfg
2014-04-26 14:54 - 2014-04-26 14:54 - 00000802 _____ () C:\Users\Public\Desktop\MAGIX Media Manager 2004 silver.lnk
2014-04-26 14:54 - 2014-04-26 14:54 - 00000000 ____D () C:\Users\Lars\Documents\My MAGIX Online Druck Service Files
2014-04-26 14:54 - 2014-04-26 14:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX Online Druck Service
2014-04-26 14:54 - 2014-04-26 14:54 - 00000000 ____D () C:\Program Files (x86)\MAGIX Online Druck Service
2014-04-26 14:54 - 2014-04-26 14:54 - 00000000 _____ () C:\Windows\ringtonemaker.INI
2014-04-26 14:54 - 2014-04-26 14:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX
2014-04-26 14:54 - 2014-04-26 14:52 - 00000000 ____D () C:\MAGIX
2014-04-26 14:52 - 2014-04-26 14:52 - 00000779 _____ () C:\Users\Public\Desktop\MAGIX ringtone maker.lnk
2014-04-26 14:52 - 2014-04-26 14:52 - 00000024 _____ () C:\Windows\magix.ini
2014-04-26 14:52 - 2014-04-26 14:52 - 00000000 ____D () C:\Windows\SysWOW64\MAGIX

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-02-26 19:00

==================== End Of Log ============================
         
--- --- ---


Logfile from JRT:
JRT Logfile:
Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Ultimate x64
Ran by Lars on 24.05.2014 at 16:12:04,69
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-1005217006-152471606-131910131-1000\Software\sweetim



~~~ Files

Successfully deleted: [File] "C:\Users\Lars\appdata\locallow\microsoft\silverlight\outofbrowser\index\portal.qtrax.com"



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\ytd video downloader"
Successfully deleted: [Folder] "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ytd video downloader"
Successfully deleted: [Folder] "C:\Users\Lars\music\qtrax media library"
Successfully deleted: [Empty Folder] C:\Users\Lars\appdata\local\{1099E58A-8336-4E2F-A3D3-AD113BFE6F06}
Successfully deleted: [Empty Folder] C:\Users\Lars\appdata\local\{138C42C6-0244-402C-A386-B7A032FF811D}
Successfully deleted: [Empty Folder] C:\Users\Lars\appdata\local\{2E01058F-F99F-41A7-9D49-22452CFC0F99}
Successfully deleted: [Empty Folder] C:\Users\Lars\appdata\local\{4447315A-214C-4252-A6A2-52D5ECF8FA65}
Successfully deleted: [Empty Folder] C:\Users\Lars\appdata\local\{64D643C1-DA8B-457F-9FB5-1E3DAD12733C}
Successfully deleted: [Empty Folder] C:\Users\Lars\appdata\local\{87F651C4-C306-4F8A-87D5-A018C2F88F99}
Successfully deleted: [Empty Folder] C:\Users\Lars\appdata\local\{9CF457CC-AC65-4643-B98F-AC788405EBF3}
Successfully deleted: [Empty Folder] C:\Users\Lars\appdata\local\{A02E3B5A-D0E1-4D71-B3BF-E1802E1B5BAD}
Successfully deleted: [Empty Folder] C:\Users\Lars\appdata\local\{A55B7F39-B126-411C-A6B9-9DE661C72AF5}
Successfully deleted: [Empty Folder] C:\Users\Lars\appdata\local\{AC612CF9-3287-4431-A7BC-F163FBB9D74C}
Successfully deleted: [Empty Folder] C:\Users\Lars\appdata\local\{B56B9355-9D16-483A-87AD-A3B334B7A5C3}
Successfully deleted: [Empty Folder] C:\Users\Lars\appdata\local\{BF15DFD4-61A0-4063-8EDC-9D649AD423F8}
Successfully deleted: [Empty Folder] C:\Users\Lars\appdata\local\{C9B852F4-9550-46B7-BCB2-44FBC387C0DC}
Successfully deleted: [Empty Folder] C:\Users\Lars\appdata\local\{CA5003A3-C883-416E-AA41-E03830435F73}
Successfully deleted: [Empty Folder] C:\Users\Lars\appdata\local\{F73BBEF2-78C6-4C67-8558-F369DA905753}



~~~ FireFox

Successfully deleted the following from C:\Users\Lars\AppData\Roaming\mozilla\firefox\profiles\1ipdivd3.default\prefs.js

user_pref("browser.startup.homepage", "hxxp://search.easylifeapp.com/?zy=k");
user_pref("extensions.LOHi64S1y.scode", "(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1||url.indexOf(\"warnalert11.com\")
user_pref("extensions.N6yO5tA.scode", "(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1||url.indexOf(\"warnalert11.com\")>-
user_pref("extensions.tQmox.scode", "(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1||url.indexOf(\"warnalert11.com\")>-1|
user_pref("extensions.tQmox.url", "hxxp://jobfirstnet.in/sync2/?q=hfZ9ofV9CShEAen0rHC6tMqLDe49CNU0mwkMCMlNhd9FrHwGrTkGrTnHrdkMBzqUojw9rdkGqda5rTwGqSh7hfs0pihPBMn0rjrFrTw6pjU8r
Emptied folder: C:\Users\Lars\AppData\Roaming\mozilla\firefox\profiles\1ipdivd3.default\minidumps [113 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 24.05.2014 at 16:19:50,46
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         
--- --- ---


I have already deleted some malware files and other things.

I was a bit overeager and thought I could manage this on my own, but I can't make sense of these log files..

sorry
__________________

24.05.2014, 19:39   #4
M-K-D-B
/// TB Trainer

What about the other log files you mentioned?

Please post those as well...
__________________
Greetings from Bavaria
M-K-D-B


24.05.2014, 19:44   #5
DJSpeedy

ESET is still working right now... it has already been scanning for 3h & 15 minutes.. this could take a while yet...
I have ADWCleaner here:
AdwCleaner Logfile:
Code:
# AdwCleaner v3.210 - Bericht erstellt am 20/05/2014 um 11:01:22
# Aktualisiert 19/05/2014 von Xplode
# Betriebssystem : Windows 7 Ultimate Service Pack 1 (64 bits)
# Benutzername : Lars - LARS-PC
# Gestartet von : C:\Users\Lars\AppData\Local\Temp\OCS\Downloads\fc14996dfa99adfc7baae624196888c5\f8b34e3b5e6e337aa6491ee3f713f8f5\adwcleaner_3.209.exe
# Option : Löschen

***** [ Dienste ] *****

Dienst Gelöscht : EnablerService
Dienst Gelöscht : winzipersvc
Dienst Gelöscht : Wpm

***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\Babylon
Ordner Gelöscht : C:\ProgramData\IePluginService
Ordner Gelöscht : C:\ProgramData\QuickSet
Ordner Gelöscht : C:\ProgramData\SNT
Ordner Gelöscht : C:\ProgramData\WPM
Ordner Gelöscht : C:\ProgramData\surf  and keep
Ordner Gelöscht : C:\ProgramData\YoutubeAdblocker
Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZipper
Ordner Gelöscht : C:\Program Files (x86)\Addon Enabler
Ordner Gelöscht : C:\Program Files (x86)\Bench
Ordner Gelöscht : C:\Program Files (x86)\Conduit
Ordner Gelöscht : C:\Program Files (x86)\GreenTree Applications
Ordner Gelöscht : C:\Program Files (x86)\HD Streamer
Ordner Gelöscht : C:\Program Files (x86)\MyPC Backup
Ordner Gelöscht : C:\Program Files (x86)\SNT
Ordner Gelöscht : C:\Program Files (x86)\Storimbo
Ordner Gelöscht : C:\Program Files (x86)\SupTab
Ordner Gelöscht : C:\Program Files (x86)\WinZip Registry Optimizer
Ordner Gelöscht : C:\Program Files (x86)\WinZipper
Ordner Gelöscht : C:\Program Files (x86)\surf  and keep
Ordner Gelöscht : C:\Program Files (x86)\YoutubeAdblocker
Ordner Gelöscht : C:\Program Files (x86)\Common Files\Spigot
Ordner Gelöscht : C:\Program Files\Conduit
Ordner Gelöscht : C:\Users\Lars\AppData\Local\Conduit
Ordner Gelöscht : C:\Users\Lars\AppData\Local\HD Streamer
Ordner Gelöscht : C:\Users\Lars\AppData\Local\lollipop
Ordner Gelöscht : C:\Users\Lars\AppData\Local\Mobogenie
Ordner Gelöscht : C:\Users\Lars\AppData\Local\Temp\OCS
Ordner Gelöscht : C:\Users\Lars\AppData\LocalLow\Delta
Ordner Gelöscht : C:\Users\Lars\AppData\Roaming\0D0S1L2Z1P1B0T1P1B2Z
Ordner Gelöscht : C:\Users\Lars\AppData\Roaming\Babylon
Ordner Gelöscht : C:\Users\Lars\AppData\Roaming\digitalsite
Ordner Gelöscht : C:\Users\Lars\AppData\Roaming\file scout
Ordner Gelöscht : C:\Users\Lars\AppData\Roaming\OpenCandy
Ordner Gelöscht : C:\Users\Lars\AppData\Roaming\SupTab
Ordner Gelöscht : C:\Users\Lars\AppData\Roaming\Systweak
Ordner Gelöscht : C:\Users\Lars\AppData\Roaming\ValueApps
Ordner Gelöscht : C:\Users\Lars\AppData\Roaming\WinZipper
Ordner Gelöscht : C:\Users\Lars\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitGuard
Ordner Gelöscht : C:\Users\Lars\Documents\Mobogenie
Ordner Gelöscht : C:\Users\Lars\Documents\Optimizer Pro
Ordner Gelöscht : C:\Users\Lars\AppData\Roaming\Mozilla\Firefox\Profiles\1ipdivd3.default\Extensions\quick_start@gmail.com
Datei Gelöscht : C:\Users\Lars\AppData\Roaming\Mozilla\Firefox\Profiles\1ipdivd3.default\Extensions\pricepeep@getpricepeep.com.xpi
Datei Gelöscht : C:\END
Datei Gelöscht : C:\Windows\System32\roboot64.exe
Datei Gelöscht : C:\Users\Lars\daemonprocess.txt
Datei Gelöscht : C:\Users\Lars\AppData\Roaming\LiveSupport.exe_log.txt
Datei Gelöscht : C:\Users\Lars\AppData\Roaming\regsvr32.exe_log.txt
Datei Gelöscht : C:\Users\Lars\AppData\Roaming\Mozilla\Firefox\Profiles\1ipdivd3.default\bProtector_extensions.rdf
Datei Gelöscht : C:\Users\Lars\AppData\Roaming\Mozilla\Firefox\Profiles\1ipdivd3.default\bprotector_extensions.sqlite
Datei Gelöscht : C:\Users\Lars\AppData\Roaming\Mozilla\Firefox\Profiles\1ipdivd3.default\bprotector_prefs.js
Datei Gelöscht : C:\Users\Lars\AppData\Roaming\Mozilla\Firefox\Profiles\1ipdivd3.default\invalidprefs.js
Datei Gelöscht : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\avg-secure-search.xml
Datei Gelöscht : C:\Users\Lars\AppData\Roaming\Mozilla\Firefox\Profiles\1ipdivd3.default\searchplugins\Babylon.xml
Datei Gelöscht : C:\Users\Lars\AppData\Roaming\Mozilla\Firefox\Profiles\1ipdivd3.default\searchplugins\delta.xml
Datei Gelöscht : C:\Program Files (x86)\Mozilla Firefox\searchplugins\delta-homes.xml
Datei Gelöscht : C:\Program Files (x86)\Mozilla Firefox\searchplugins\nationzoom.xml
Datei Gelöscht : C:\Users\Lars\AppData\Roaming\Mozilla\Firefox\Profiles\1ipdivd3.default\searchplugins\Web Search.xml
Datei Gelöscht : C:\Users\Lars\AppData\Roaming\Mozilla\Firefox\Profiles\1ipdivd3.default\searchplugins\WebSearch.xml
Datei Gelöscht : C:\Users\Lars\AppData\Roaming\Mozilla\Firefox\Profiles\1ipdivd3.default\user.js
Datei Gelöscht : C:\Users\Lars\AppData\Local\Google\Chrome\User Data\Default\Extensions\ep.crx
Datei Gelöscht : C:\Users\Lars\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtab.crx
Datei Gelöscht : C:\Users\Lars\AppData\Local\Google\Chrome\user data\default\local storage\hxxp_pricegong.conduitapps.com_0.localstorage
Datei Gelöscht : C:\Users\Lars\AppData\Local\Google\Chrome\user data\default\local storage\hxxp_pricegong.conduitapps.com_0.localstorage-journal
Datei Gelöscht : C:\Users\Lars\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_sb.scorecardresearch.com_0.localstorage
Datei Gelöscht : C:\Users\Lars\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_sb.scorecardresearch.com_0.localstorage-journal
Datei Gelöscht : C:\Users\Lars\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_storage.conduit.com_0.localstorage
Datei Gelöscht : C:\Users\Lars\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_storage.conduit.com_0.localstorage-journal
Datei Gelöscht : C:\Windows\Tasks\bench-sys.job
Datei Gelöscht : C:\Windows\System32\Tasks\bench-sys
Datei Gelöscht : C:\Windows\System32\Tasks\BitGuard
Datei Gelöscht : C:\Windows\Tasks\DigitalSite.job
Datei Gelöscht : C:\Windows\System32\Tasks\DigitalSite

***** [ Verknüpfungen ] *****

Verknüpfung Desinfiziert : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
Verknüpfung Desinfiziert : C:\Users\Lars\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
Verknüpfung Desinfiziert : C:\Users\Lars\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk

***** [ Registrierungsdatenbank ] *****

Wert Gelöscht : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{21EAF666-26B3-4a3c-ABD0-CA2F5A326744}]
Wert Gelöscht : [x64] HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{21EAF666-26B3-4a3c-ABD0-CA2F5A326744}]
Wert Gelöscht : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [quick_start@gmail.com]
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\hbcennhacfaagdopikcegfcobcadeocj
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\ogfjmhfnldnajmfaofeiaepghjenbgjo
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\pfndaklgolladniicklehhancnlgocpp
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Main [bprotector start page]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [bProtectorDefaultScope]
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\*\shell\filescout
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\AddonsFramework.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\ButtonSite.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\NCTAudioCDGrabber2.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\ScriptHost.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\PCProxy.DataContainer
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\AdvancedSystemProtector_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\AdvancedSystemProtector_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\LatestDLMgr_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\LatestDLMgr_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SnapDo_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SnapDo_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\speedupmypc_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\speedupmypc_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [mobilegeni daemon]
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\YoutubeAdblocker.YoutubeAdblocker
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\YoutubeAdblocker.YoutubeAdblocker.1.0
Schlüssel Gelöscht : HKCU\Software\58558b8dbd6abd40
Schlüssel Gelöscht : HKLM\SOFTWARE\58558b8dbd6abd40
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CrossriderApp0038532.BHO
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CrossriderApp0038532.BHO.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CrossriderApp0038532.Sandbox
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CrossriderApp0038532.Sandbox.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{18B9B16E-716F-43DF-A6AD-512C7D2EB983}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{19975B78-1907-4DD6-A437-4C48120F46A4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{562B9316-C08A-444A-9482-62080DD851AE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{562B9317-C08A-444A-9482-62080DD851AE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{9DC8FA51-B596-4F77-802C-5B295919C205}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{35B8892D-C3FB-4D88-990D-31DB2EBD72BD}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3E28F712-0D6C-4EE3-AC8C-8F060F5D7C33}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{533403E2-6E21-4615-9E28-43F4E97E977B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{5EB0259D-AB79-4AE6-A6E6-24FFE21C3DA4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{6CE321DA-DC11-45C6-A0FC-4E8A7D978ABC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{6EEBC7FF-67DA-4B90-9251-C2C5696E4B48}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{74137531-80F7-406F-9543-7D11385FA8C8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{832599B2-55BF-4437-8F3E-030CF5AEB262}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{B1A429DB-FB06-4645-B7C0-0CC405EAD3CD}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{CADAF6BE-BF50-4669-8BFD-C27BD4E6181B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{DD67706E-819E-4EBD-BF8D-6D6147CC7A49}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E6062A33-016E-4BDA-A6F1-890D989F8656}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{F62A4AF9-58B4-4FEC-89CC-D717A547D8E8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{65B31E28-C534-5B46-55EB-9AAB46858685}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{045F91B3-695F-423A-98C7-8DE3C47AA020}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{1348BD1B-C32A-41A7-9BD4-5377AA1AB925}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2BEF239C-752E-4001-8048-F256E0D8CD93}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{395AFE6E-8308-48DB-89BE-ED5F4AA3D3EC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{43969E3F-3E7C-4911-A8F1-79C6CA6AC731}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{43B390F0-6BA2-45CA-ABF2-5DB0CEE9B49D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{49C00A51-6E59-41FE-B3FA-2D2157FAD67B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{6DFF5DBA-AE3A-46DB-B301-ECFFC6DB2982}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{94CADA2E-1D3F-419F-8A3D-06C58EDF53C8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{9E52EB8B-8DD9-4605-AD36-D352BCD482F2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A1440EC3-F0FA-407A-B811-DE6668C06D29}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B9A84AD0-5777-46FD-8B8F-1EBD06750FBC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{BBBE01ED-0F1E-44DB-88C1-5CC1AEE3B462}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C1995F88-1C7F-40D7-B0FA-6F107F6308B8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C815E3DA-0823-49B0-9270-D1771D58B317}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{DE34CD67-F1C8-4001-9A23-B8A68F63F377}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E4A994B0-5550-4680-A4C6-B9470B888069}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{EE95078D-518C-4FD2-8093-FD1D4E33D3CA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{F9EB11AB-9384-4736-9B33-993940F88895}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Daten Wiederhergestellt : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command
Schlüssel Gelöscht : HKCU\Software\BabSolution
Schlüssel Gelöscht : HKCU\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\DataMngr
[#] Schlüssel Gelöscht : HKCU\Software\DataMngr_Toolbar
Schlüssel Gelöscht : HKCU\Software\Delta
Schlüssel Gelöscht : HKCU\Software\dsiteproducts
Schlüssel Gelöscht : HKCU\Software\filescout
Schlüssel Gelöscht : HKCU\Software\IGearSettings
Schlüssel Gelöscht : HKCU\Software\Iminent
Schlüssel Gelöscht : HKCU\Software\InstallCore
Schlüssel Gelöscht : HKCU\Software\installedbrowserextensions
Schlüssel Gelöscht : HKCU\Software\InstalledThirdPartyPrograms
Schlüssel Gelöscht : HKCU\Software\LiveSupport
Schlüssel Gelöscht : HKCU\Software\lollipop
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKCU\Software\RegisteredApplicationsEx
Schlüssel Gelöscht : HKCU\Software\SmartBar
Schlüssel Gelöscht : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Schlüssel Gelöscht : HKCU\Software\AppDataLow\SProtector
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Crossrider
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Feven 1.5
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Search Settings
Schlüssel Gelöscht : HKLM\Software\{1146AC44-2F03-4431-B4FD-889BC837521F}
Schlüssel Gelöscht : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Schlüssel Gelöscht : HKLM\Software\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Schlüssel Gelöscht : HKLM\Software\Babylon
Schlüssel Gelöscht : HKLM\Software\Bench
Schlüssel Gelöscht : HKLM\Software\DataMngr
Schlüssel Gelöscht : HKLM\Software\Delta
Schlüssel Gelöscht : HKLM\Software\delta-homesSoftware
Schlüssel Gelöscht : HKLM\Software\Feven 1.5
Schlüssel Gelöscht : HKLM\Software\hdcode
Schlüssel Gelöscht : HKLM\Software\Iminent
Schlüssel Gelöscht : HKLM\Software\nationzoomSoftware
Schlüssel Gelöscht : HKLM\Software\SP Global
Schlüssel Gelöscht : HKLM\Software\SProtector
Schlüssel Gelöscht : HKLM\Software\SupTab
Schlüssel Gelöscht : HKLM\Software\supWPM
Schlüssel Gelöscht : HKLM\Software\systweak
Schlüssel Gelöscht : HKLM\Software\Uniblue
Schlüssel Gelöscht : HKLM\Software\V9
Schlüssel Gelöscht : HKLM\Software\winzipersvc
Schlüssel Gelöscht : HKLM\Software\Wpm
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\DigitalSite
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4820778D-AB0D-6D18-C316-52A6A0E1D507}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\HD Streamer
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\winzipper
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\DivX\Install\Setup\WizardLayout\ConduitToolbar
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\HD Streamer
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\InstalledThirdPartyPrograms
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Optimizer Pro_is1
Daten Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - c:\progra~2\websea~1\psupport.dll

***** [ Browser ] *****

-\\ Internet Explorer v0.0.0.0

Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Search Bar]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Search [Default_Search_URL]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Search [SearchAssistant]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\SearchUrl [Default]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl [Default]
Einstellung Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Einstellung Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]

-\\ Mozilla Firefox v25.0.1 (de)

[ Datei : C:\Users\Lars\AppData\Roaming\Mozilla\Firefox\Profiles\1ipdivd3.default\prefs.js ]

Zeile gelöscht : user_pref("browser.search.defaultenginename", "delta-homes");
Zeile gelöscht : user_pref("browser.search.defaultenginename,S", "WebSearch");
Zeile gelöscht : user_pref("browser.search.defaulturl", "hxxp://websearch.searchsunmy.info/?pid=377&r=2013/12/25&hid=1764838136908533383&lg=EN&cc=DE&unqvl=45&l=1&q=");
Zeile gelöscht : user_pref("browser.search.order.1", "WebSearch");
Zeile gelöscht : user_pref("browser.search.order.1,S", "WebSearch");
Zeile gelöscht : user_pref("browser.search.selectedEngine,S", "WebSearch");
Zeile gelöscht : user_pref("extensions.crossrider.bic", "13f624d4447e0b1cdd658fca7c4587f0");
Zeile gelöscht : user_pref("extensions.delta.admin", false);
Zeile gelöscht : user_pref("extensions.delta.aflt", "babsst");
Zeile gelöscht : user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");
Zeile gelöscht : user_pref("extensions.delta.autoRvrt", "false");
Zeile gelöscht : user_pref("extensions.delta.dfltLng", "de");
Zeile gelöscht : user_pref("extensions.delta.excTlbr", false);
Zeile gelöscht : user_pref("extensions.delta.ffxUnstlRst", true);
Zeile gelöscht : user_pref("extensions.delta.id", "3ced9fa1000000000000c860009e0b08");
Zeile gelöscht : user_pref("extensions.delta.instlDay", "15969");
Zeile gelöscht : user_pref("extensions.delta.instlRef", "sst");
Zeile gelöscht : user_pref("extensions.delta.newTab", false);
Zeile gelöscht : user_pref("extensions.delta.prdct", "delta");
Zeile gelöscht : user_pref("extensions.delta.prtnrId", "delta");
Zeile gelöscht : user_pref("extensions.delta.rvrt", "false");
Zeile gelöscht : user_pref("extensions.delta.smplGrp", "none");
Zeile gelöscht : user_pref("extensions.delta.tlbrId", "base");
Zeile gelöscht : user_pref("extensions.delta.tlbrSrchUrl", "");
Zeile gelöscht : user_pref("extensions.delta.vrsn", "1.8.24.6");
Zeile gelöscht : user_pref("extensions.delta.vrsnTs", "1.8.24.68:37:02");
Zeile gelöscht : user_pref("extensions.delta.vrsni", "1.8.24.6");
Zeile gelöscht : user_pref("extensions.delta_i.babExt", "");
Zeile gelöscht : user_pref("extensions.delta_i.babTrack", "affID=119357&tsp=5012");
Zeile gelöscht : user_pref("extensions.delta_i.srcExt", "ss");
Zeile gelöscht : user_pref("extensions.ffxtlbr@delta.com.install-event-fired", true);
Zeile gelöscht : user_pref("extensions.helperbar.Country", "Germany");
Zeile gelöscht : user_pref("extensions.helperbar.DockingPositionDown", false);
Zeile gelöscht : user_pref("extensions.helperbar.LastHiddenTime", 22711266);
Zeile gelöscht : user_pref("extensions.helperbar.SmartbarDisabled", true);
Zeile gelöscht : user_pref("extensions.helperbar.SmartbarStateMinimaized", false);
Zeile gelöscht : user_pref("extensions.helperbar.UserID", "ff6c8ad7-ec72-41dd-99ce-51a4390124a3");
Zeile gelöscht : user_pref("extensions.helperbar.Visibility", true);
Zeile gelöscht : user_pref("extensions.webbooster@iminent.com.install-event-fired", true);
Zeile gelöscht : user_pref("iminent.webbooster.scripts.minibar.ROOTEXTENSION", "chrome://iminentwebbooster/content/minibar");
Zeile gelöscht : user_pref("iminent.webbooster.scripts.minibar.Services.BHPCode", "01");
Zeile gelöscht : user_pref("iminent.webbooster.scripts.minibar.Services.DefaultEvent", "000");
Zeile gelöscht : user_pref("iminent.webbooster.scripts.minibar.Services.DefaultWebSite", "000");
Zeile gelöscht : user_pref("iminent.webbooster.scripts.minibar.Services.IminentClientCode", "11");
Zeile gelöscht : user_pref("iminent.webbooster.scripts.minibar.Services.SmartFavCode", "02");
Zeile gelöscht : user_pref("iminent.webbooster.scripts.minibar.ShowThankyouPixel", "0");
Zeile gelöscht : user_pref("iminent.webbooster.scripts.minibar.registerToolbarEvent134", "1371498496367");

-\\ Google Chrome v34.0.1847.137

[ Datei : C:\Users\Lars\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Gelöscht [Search Provider] : hxxp://websearch.searchsunmy.info/?l=1&q={searchTerms}&pid=377&r=2013/12/25&hid=1764838136908533383&lg=EN&cc=DE&unqvl=45
Gelöscht [Search Provider] : hxxp://search.delta-homes.com/web/?utm_source=b&utm_medium=wpm0226&utm_campaign=installer&utm_content=ds&from=wpm0226&uid=ST1000DM005XHD103SJ_S246J9EC419309&ts=1393433864&type=default&q={searchTerms}
Gelöscht [Search Provider] : hxxp://search.delta-homes.com/web/?utm_source=b&utm_medium=wpm0226&utm_campaign=installer&utm_content=ds&from=wpm0226&uid=ST1000DM005XHD103SJ_S246J9EC419309&ts=1393433864&type=default&q={searchTerms}
Gelöscht [Search Provider] : hxxp://search.delta-homes.com/web/?utm_source=b&utm_medium=wpm0226&utm_campaign=installer&utm_content=ds&from=wpm0226&uid=ST1000DM005XHD103SJ_S246J9EC419309&ts=1393433864&type=default&q={searchTerms}
Gelöscht [Search Provider] : hxxp://search.delta-homes.com/web/?utm_source=b&utm_medium=wpm0226&utm_campaign=installer&utm_content=ds&from=wpm0226&uid=ST1000DM005XHD103SJ_S246J9EC419309&ts=1393433864&type=default&q={searchTerms}
Gelöscht [Startup_urls] : hxxp://www.delta-homes.com/?utm_source=b&utm_medium=wpm0226&utm_campaign=installer&utm_content=hp&from=wpm0226&uid=ST1000DM005XHD103SJ_S246J9EC419309&ts=1393433864
Gelöscht [Homepage] : hxxp://websearch.searchsunmy.info/?pid=377&r=2013/12/25&hid=1764838136908533383&lg=EN&cc=DE&unqvl=45
Gelöscht [Extension] : hbcennhacfaagdopikcegfcobcadeocj
Gelöscht [Extension] : icdlfehblmklkikfigmjhbmmpmkmpooj
Gelöscht [Extension] : ifohbjbgfchkkfhphahclmkpgejiplfo
Gelöscht [Extension] : mhkaekfpcppmmioggniknbnbdbcigpkk
Gelöscht [Extension] : ogfjmhfnldnajmfaofeiaepghjenbgjo
Gelöscht [Extension] : pfndaklgolladniicklehhancnlgocpp

*************************

AdwCleaner[R0].txt - [44992 octets] - [20/05/2014 10:56:35]
AdwCleaner[S0].txt - [40497 octets] - [20/05/2014 11:01:22]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [40558 octets] ##########
         
--- --- ---


I can't find the Malwarebytes log right now... I even think I forgot to save the log file. I'm happy to run the scan again.

Those were all the ones I have used so far...
I've only been at it since 3 p.m.

Can you explain the next steps to me?

ESET probably needs a few more minutes... it's at 72%


24.05.2014, 19:54   #6
M-K-D-B
/// TB-Ausbilder
 



Quote:
Quote from DJSpeedy
ESET probably needs a few more minutes... it's at 72%

Why did you even open a thread if you're doing everything on your own anyway?
Apparently you're an expert and know what to do... or you're simply running every tool you've "heard" of blindly, hoping your problem will vanish into thin air...

24.05.2014, 20:38   #7
DJSpeedy
 



Well, I wouldn't say expert; I know my way around pretty well and I just look for the "challenge".
Unfortunately I also get stuck at some points and then look for help on "Google".
Many users have most likely had the same problem as me at some point and didn't know what to do.
Google led me to 2 threads on your board. I read both of them thoroughly and saw that you helped both of those users with exactly the programs I have now used...
I just can't make anything of these log files... What do they tell me? How do I recognize what is right and what is wrong?

That's why I created this thread today.

I admit I'm sometimes pretty quick, but I have to add... I read through every description of the programs and so I knew what I was doing.
Anyway, that doesn't matter now... I hope you can help me...

I hope I haven't done any damage... at least the PC is still running and some files have already been deleted by the programs...

I won't do anything further now...

Please tell me what I should do now.

My motto is: "Learning by Doing"
Apparently that was a "mistake" here.

Combofix logfile:
Code:
ComboFix 14-05-19.01 - Lars 24.05.2014  19:53:19.2.4 - x64
Microsoft Windows 7 eXtreme™ Draconis Edition   6.1.7601.1.1252.49.1031.18.16366.12546 [GMT 2:00]
ausgeführt von:: c:\users\Lars\Desktop\Adware Tools\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: Microsoft Security Essentials *Disabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((   Dateien erstellt von 2014-04-24 bis 2014-05-24  ))))))))))))))))))))))))))))))
.
.
2014-05-24 18:06 . 2014-05-24 18:06	--------	d-----w-	c:\users\Default\AppData\Local\temp
2014-05-24 17:37 . 2014-05-24 17:37	75888	----a-w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{D3BCA59A-BCD3-403D-A469-30487799B309}\offreg.dll
2014-05-24 14:22 . 2014-05-24 14:22	--------	d-----w-	c:\program files (x86)\ESET
2014-05-24 14:12 . 2014-05-24 14:12	--------	d-----w-	c:\windows\ERUNT
2014-05-24 14:04 . 2014-05-24 14:04	--------	dc-h--w-	c:\programdata\{FA277A43-401F-4EAE-9068-FCDF88DB3EA9}
2014-05-24 13:58 . 2014-05-24 13:58	--------	dc-h--w-	c:\programdata\{0495C70B-87F4-4A64-87B3-4FB0BA1F60D2}
2014-05-24 13:56 . 2014-05-24 13:56	--------	d-----w-	c:\program files (x86)\Common Files\Native Instruments
2014-05-24 13:42 . 2014-05-24 16:05	122584	----a-w-	c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-05-24 13:42 . 2014-05-24 13:42	--------	d-----w-	c:\program files (x86)\ Malwarebytes Anti-Malware 
2014-05-24 13:42 . 2014-05-24 13:42	--------	d-----w-	c:\programdata\Malwarebytes
2014-05-24 13:42 . 2014-05-12 05:26	63704	----a-w-	c:\windows\system32\drivers\mwac.sys
2014-05-24 13:42 . 2014-05-12 05:26	91352	----a-w-	c:\windows\system32\drivers\mbamchameleon.sys
2014-05-24 13:42 . 2014-05-12 05:25	25816	----a-w-	c:\windows\system32\drivers\mbam.sys
2014-05-24 09:17 . 2014-05-24 09:47	--------	d-----w-	c:\program files (x86)\GfK-ProxyService
2014-05-24 09:15 . 2014-05-24 09:18	--------	d-----w-	C:\FRST
2014-05-24 08:30 . 2014-05-02 17:19	1031560	----a-w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{775EAD4B-7940-4863-9871-766ACF85B082}\gapaengine.dll
2014-05-24 08:29 . 2014-04-30 23:20	10702536	----a-w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{D3BCA59A-BCD3-403D-A469-30487799B309}\mpengine.dll
2014-05-22 09:30 . 2014-04-30 23:20	10702536	----a-w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2014-05-20 15:59 . 2014-05-20 16:00	--------	d-----w-	c:\program files (x86)\winKeyLock
2014-05-20 08:57 . 2010-08-30 06:34	536576	----a-w-	c:\windows\SysWow64\sqlite3.dll
2014-05-20 08:56 . 2014-05-24 17:48	--------	d-----w-	C:\AdwCleaner
2014-05-16 06:13 . 2014-05-16 06:13	--------	d-s---w-	c:\windows\system32\CompatTel
2014-05-16 06:11 . 2014-05-16 06:11	--------	d-----w-	c:\program files\iPod
2014-05-16 06:11 . 2014-05-16 06:12	--------	d-----w-	c:\programdata\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-05-16 06:11 . 2014-05-16 06:12	--------	d-----w-	c:\program files\iTunes
2014-05-16 06:11 . 2014-05-16 06:12	--------	d-----w-	c:\program files (x86)\iTunes
2014-05-16 05:51 . 2014-05-06 05:14	97280	----a-w-	c:\windows\system32\mshtmled.dll
2014-05-16 05:51 . 2014-05-06 05:14	19274752	----a-w-	c:\windows\system32\mshtml.dll
2014-05-16 05:51 . 2014-05-06 03:37	2706432	----a-w-	c:\windows\system32\mshtml.tlb
2014-05-16 05:51 . 2014-05-06 03:26	2706432	----a-w-	c:\windows\SysWow64\mshtml.tlb
2014-05-16 05:46 . 2014-03-25 02:43	14175744	----a-w-	c:\windows\system32\shell32.dll
2014-05-16 05:46 . 2014-05-09 06:14	477184	----a-w-	c:\windows\system32\aepdu.dll
2014-05-16 05:46 . 2014-05-09 06:11	424448	----a-w-	c:\windows\system32\aeinv.dll
2014-05-09 20:54 . 2014-05-24 08:02	--------	d-----w-	c:\programdata\Lavasoft
2014-05-09 20:54 . 2014-05-24 08:02	--------	d-----w-	c:\program files (x86)\Lavasoft
2014-05-09 09:49 . 2014-05-09 09:49	--------	dc-h--w-	c:\programdata\{033B4844-E9C3-45D2-88D9-34DDF3F91100}
2014-05-09 09:49 . 2014-05-09 09:49	--------	dc-h--w-	c:\programdata\{4682E4CB-7209-4099-8AA1-580ABCCCE731}
2014-05-09 09:48 . 2014-05-09 09:48	--------	dc-h--w-	c:\programdata\{D2030082-F62A-402A-9456-8009276FD896}
2014-05-09 09:48 . 2014-05-09 09:48	--------	dc-h--w-	c:\programdata\{B3478C15-588A-4968-AD66-76AA98803A28}
2014-05-09 09:48 . 2014-05-09 09:48	--------	dc-h--w-	c:\programdata\{0CC85DFF-E70A-4AB0-968A-F1F98F4D0C67}
2014-05-09 09:47 . 2014-05-09 09:47	--------	dc-h--w-	c:\programdata\{662EAAEC-9E9A-4C69-A658-884E51E909BB}
2014-05-09 09:47 . 2014-05-09 09:47	--------	dc-h--w-	c:\programdata\{5EE4F9B1-7274-48A2-9C25-C287604C3058}
2014-05-09 09:46 . 2014-05-09 09:46	--------	dc-h--w-	c:\programdata\{219191E6-6846-4329-889D-7956C487D9A6}
2014-05-09 09:46 . 2014-05-09 09:46	--------	dc-h--w-	c:\programdata\{9B09061B-0A4F-42DA-9987-7D3F452DCB09}
2014-05-09 09:46 . 2014-05-09 09:46	--------	dc-h--w-	c:\programdata\{9597097D-B8DC-4754-AF2D-CB61CCFC861A}
2014-05-09 09:46 . 2014-05-09 09:46	--------	dc-h--w-	c:\programdata\{EB21323D-3F46-4EF0-B849-B096B7705C69}
2014-05-09 09:45 . 2014-05-09 09:45	--------	dc-h--w-	c:\programdata\{9F570B21-E27A-40BE-A508-292899A7D042}
2014-05-09 09:45 . 2014-05-09 09:45	--------	dc-h--w-	c:\programdata\{AF79C86B-2321-4D47-A168-2A24BA2B6A73}
2014-05-09 09:45 . 2014-05-09 09:45	--------	dc-h--w-	c:\programdata\{B7C85E99-2AC6-455D-B4D1-752A56403757}
2014-05-09 09:44 . 2014-05-09 09:44	--------	dc-h--w-	c:\programdata\{57B31BE2-3175-4425-9722-D2AC5F68C7BD}
2014-05-09 09:11 . 2014-05-09 09:11	--------	d-----w-	c:\program files (x86)\DENON_DJ
2014-05-08 11:21 . 2014-05-08 11:21	188272	----a-w-	c:\program files (x86)\Mozilla Firefox\plugins\nppdf32.dll
2014-04-26 12:52 . 2014-04-26 12:52	--------	d-----w-	c:\windows\SysWow64\MAGIX
2014-04-26 12:52 . 2014-04-26 12:54	--------	d-----w-	C:\MAGIX
2014-04-26 12:52 . 2002-09-20 22:33	1089536	----a-w-	c:\windows\SysWow64\ROBOEX32.DLL
2014-04-26 12:52 . 1999-01-28 12:44	49152	----a-w-	c:\windows\SysWow64\INETWH32.dll
2014-04-26 12:52 . 1998-10-15 15:28	85504	----a-w-	c:\windows\SysWow64\HtmlWH.dll
2014-04-26 12:52 . 2004-09-14 12:56	184320	----a-w-	c:\windows\SysWow64\mgxoschk.dll
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-05-16 06:44 . 2013-02-08 23:54	70832	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-05-16 06:44 . 2013-02-08 23:54	692400	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2014-05-16 06:44 . 2013-05-14 20:44	17938608	----a-w-	c:\windows\SysWow64\FlashPlayerInstaller.exe
2014-05-16 05:48 . 2013-02-08 10:34	93223848	----a-w-	c:\windows\system32\MRT.exe
2014-05-02 17:19 . 2013-03-12 08:53	1031560	----a-w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2014-03-31 20:46 . 2014-03-31 20:46	130712	----a-w-	c:\windows\SysWow64\MSSTDFMT.DLL
2014-03-31 20:46 . 2014-03-31 20:46	1070232	----a-w-	c:\windows\SysWow64\MSCOMCTL.OCX
2014-03-31 19:41 . 2014-03-31 19:41	58568	----a-w-	c:\windows\SysWow64\sirenacm.dll
2014-03-31 19:34 . 2014-03-31 19:34	322248	----a-w-	c:\windows\WLXPGSS.SCR
2014-03-20 17:14 . 2014-03-20 17:14	61112	----a-w-	c:\windows\system32\drivers\wStLib64.sys
2014-03-13 06:33 . 2014-04-08 23:02	51712	----a-w-	c:\windows\system32\ie4uinit.exe
2014-03-13 06:33 . 2014-04-08 23:02	2238976	----a-w-	c:\windows\system32\wininet.dll
2014-03-13 06:33 . 2014-04-08 23:02	1365504	----a-w-	c:\windows\system32\urlmon.dll
2014-03-13 06:32 . 2014-04-08 23:02	197120	----a-w-	c:\windows\system32\msrating.dll
2014-03-13 06:32 . 2014-04-08 23:02	603136	----a-w-	c:\windows\system32\msfeeds.dll
2014-03-13 06:32 . 2014-04-08 23:02	53760	----a-w-	c:\windows\system32\jsproxy.dll
2014-03-13 06:32 . 2014-04-08 23:02	855552	----a-w-	c:\windows\system32\jscript.dll
2014-03-13 06:32 . 2014-04-08 23:02	3959808	----a-w-	c:\windows\system32\jscript9.dll
2014-03-13 06:31 . 2014-04-08 23:02	526336	----a-w-	c:\windows\system32\ieui.dll
2014-03-13 06:31 . 2014-04-08 23:02	67072	----a-w-	c:\windows\system32\iesetup.dll
2014-03-13 06:31 . 2014-04-08 23:02	15404544	----a-w-	c:\windows\system32\ieframe.dll
2014-03-13 06:31 . 2014-04-08 23:02	2648576	----a-w-	c:\windows\system32\iertutil.dll
2014-03-13 06:31 . 2014-04-08 23:02	39936	----a-w-	c:\windows\system32\iernonce.dll
2014-03-13 06:31 . 2014-04-08 23:02	136704	----a-w-	c:\windows\system32\iesysprep.dll
2014-03-13 05:10 . 2014-04-08 23:02	1766400	----a-w-	c:\windows\SysWow64\wininet.dll
2014-03-13 05:09 . 2014-04-08 23:02	2877952	----a-w-	c:\windows\SysWow64\jscript9.dll
2014-03-13 05:09 . 2014-04-08 23:02	61440	----a-w-	c:\windows\SysWow64\iesetup.dll
2014-03-13 05:09 . 2014-04-08 23:02	109056	----a-w-	c:\windows\SysWow64\iesysprep.dll
2014-03-11 07:52 . 2012-08-30 21:03	133928	----a-w-	c:\windows\system32\drivers\NisDrvWFP.sys
2014-03-04 09:44 . 2014-04-08 23:02	243712	----a-w-	c:\windows\system32\wow64.dll
2014-03-04 09:44 . 2014-04-08 23:02	362496	----a-w-	c:\windows\system32\wow64win.dll
2014-03-04 09:44 . 2014-04-08 23:02	13312	----a-w-	c:\windows\system32\wow64cpu.dll
2014-03-04 09:44 . 2014-04-08 23:02	16384	----a-w-	c:\windows\system32\ntvdm64.dll
2014-03-04 09:44 . 2014-04-08 23:02	1163264	----a-w-	c:\windows\system32\kernel32.dll
2014-03-04 09:17 . 2014-04-08 23:02	14336	----a-w-	c:\windows\SysWow64\ntvdm64.dll
2014-03-04 09:17 . 2014-04-08 23:02	44032	----a-w-	c:\windows\apppatch\acwow64.dll
2014-03-04 09:16 . 2014-04-08 23:02	25600	----a-w-	c:\windows\SysWow64\setup16.exe
2014-03-04 09:16 . 2014-04-08 23:02	5120	----a-w-	c:\windows\SysWow64\wow32.dll
2014-03-04 08:09 . 2014-04-08 23:02	7680	----a-w-	c:\windows\SysWow64\instnm.exe
2014-03-04 08:09 . 2014-04-08 23:02	2048	----a-w-	c:\windows\SysWow64\user.exe
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2014-04-18 22:01	223432	----a-w-	c:\users\Lars\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2014-04-18 22:01	223432	----a-w-	c:\users\Lars\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2014-04-18 22:01	223432	----a-w-	c:\users\Lars\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\SkyDriveShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Auslogics BoostSpeed 4"="c:\program files (x86)\Auslogics\Auslogics BoostSpeed\boostspeed.exe" [2009-03-16 362096]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files (x86)\Common Files\Nero\Lib\NMBgMonitor.exe" [2007-10-23 202024]
"iCloudServices"="c:\program files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe" [2013-11-20 59720]
"ApplePhotoStreams"="c:\program files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe" [2013-11-20 59720]
"Amazon Cloud Player"="c:\users\Lars\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe" [2014-05-08 3145536]
"Remote Mouse"="c:\program files (x86)\Remote Mouse\RemoteMouse.exe" [2014-03-30 1200640]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2014-02-10 20922016]
"GfK-Proxy-Service"="c:\program files (x86)\GfK-ProxyService\GfK-ProxyWatchdog.exe" [2014-02-20 21480]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"HDAudDeck"="c:\program files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" [2012-02-09 5015040]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-01-26 336384]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2014-02-12 43848]
"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]
"hpqSRMon"="c:\program files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-07-22 150528]
"PWRISOVM.EXE"="c:\program files (x86)\PowerISO\PWRISOVM.EXE" [2009-03-15 180224]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2014-01-17 421888]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2014-05-14 152392]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"GfK-Proxy-Service"="c:\program files (x86)\GfK-ProxyService\GfK-ProxyWatchdog.exe" [2014-02-20 21480]
.
c:\users\Lars\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Fences.lnk - c:\program files (x86)\Stardock\Fences\Fences.exe /startup [2012-10-29 4017368]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2009-9-20 270336]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 0 (0x0)
"EnableInstallerDetection"= 0 (0x0)
.
[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoResolveTrack"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer3"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute	REG_MULTI_SZ   	autoche
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 CM1063264;C-Media CM106 Like Sound UDAX Interface;c:\windows\system32\drivers\CM10664.sys;c:\windows\SYSNATIVE\drivers\CM10664.sys [x]
R3 cpuz136;cpuz136;c:\windows\TEMP\cpuz136\cpuz136_x64.sys;c:\windows\TEMP\cpuz136\cpuz136_x64.sys [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 MSICDSetup;MSICDSetup;d:\cdriver64.sys;d:\CDriver64.sys [x]
R3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\DRIVERS\netaapl64.sys;c:\windows\SYSNATIVE\DRIVERS\netaapl64.sys [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Microsoft-Netzwerkinspektion;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]
R3 optousb;OPTO ELECTRONICS optousb;c:\windows\system32\DRIVERS\optousb.sys;c:\windows\SYSNATIVE\DRIVERS\optousb.sys [x]
R3 optovcm;OPTO ELECTRONICS optovcm;c:\windows\system32\DRIVERS\optovcm.sys;c:\windows\SYSNATIVE\DRIVERS\optovcm.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys;c:\windows\SYSNATIVE\drivers\terminpt.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]
R3 WinRing0_1_2_0;WinRing0_1_2_0;c:\program files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys;c:\program files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys [x]
S1 wStLib64;wStLib64;c:\windows\system32\drivers\wStLib64.sys;c:\windows\SYSNATIVE\drivers\wStLib64.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [x]
S2 AMD Reservation Manager;AMD Reservation Manager;c:\program files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe;c:\program files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe [x]
S2 GfK-Proxy-Service;GfK-Proxy-Service;c:\program files (x86)\GfK-ProxyService\GfK-ProxyService.exe;c:\program files (x86)\GfK-ProxyService\GfK-ProxyService.exe [x]
S2 GfK-Reporting-Service;GfK-Reporting-Service;c:\program files (x86)\GfK Internet-Monitor\GfK-Reporting.exe;c:\program files (x86)\GfK Internet-Monitor\GfK-Reporting.exe [x]
S2 GfK-Update-Service;GfK-Update-Service;c:\program files (x86)\GfK Internet-Monitor\GfK-Updater.exe;c:\program files (x86)\GfK Internet-Monitor\GfK-Updater.exe [x]
S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe;c:\program files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [x]
S2 MBAMService;MBAMService;c:\program files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe;c:\program files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [x]
S2 NIHardwareService;NIHardwareService;c:\program files\Common Files\Native Instruments\Hardware\NIHardwareService.exe;c:\program files\Common Files\Native Instruments\Hardware\NIHardwareService.exe [x]
S2 RzKLService;RzKLService;c:\program files (x86)\Razer\Razer Game Booster\RzKLService.exe;c:\program files (x86)\Razer\Razer Game Booster\RzKLService.exe [x]
S2 TeamViewer9;TeamViewer 9;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [x]
S2 VIAKaraokeService;VIA Karaoke digital mixer Service;c:\windows\system32\viakaraokesrv.exe;c:\windows\SYSNATIVE\viakaraokesrv.exe [x]
S3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys;c:\windows\SYSNATIVE\DRIVERS\amdiox64.sys [x]
S3 asmthub3;ASMedia USB3 Hub Service;c:\windows\system32\DRIVERS\asmthub3.sys;c:\windows\SYSNATIVE\DRIVERS\asmthub3.sys [x]
S3 asmtxhci;ASMEDIA XHCI Service;c:\windows\system32\DRIVERS\asmtxhci.sys;c:\windows\SYSNATIVE\DRIVERS\asmtxhci.sys [x]
S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;c:\windows\system32\drivers\LGBusEnum.sys;c:\windows\SYSNATIVE\drivers\LGBusEnum.sys [x]
S3 LGPBTDD;LGPBTDD.sys Display Driver;c:\windows\system32\Drivers\LGPBTDD.sys;c:\windows\SYSNATIVE\Drivers\LGPBTDD.sys [x]
S3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;c:\windows\system32\drivers\LGVirHid.sys;c:\windows\SYSNATIVE\drivers\LGVirHid.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys;c:\windows\SYSNATIVE\drivers\MBAMSwissArmy.sys [x]
S3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys;c:\windows\SYSNATIVE\drivers\viahduaa.sys [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - MBAMSWISSARMY
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt	REG_MULTI_SZ   	hpqcxs08 hpqddsvc
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-05-24 08:21	1091912	----a-w-	c:\program files (x86)\Google\Chrome\Application\35.0.1916.114\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2014-05-24 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-02-08 06:44]
.
2014-05-24 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-02-07 13:07]
.
2014-05-24 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-02-07 13:07]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2014-04-18 22:01	262344	----a-w-	c:\users\Lars\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2014-04-18 22:01	262344	----a-w-	c:\users\Lars\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2014-04-18 22:01	262344	----a-w-	c:\users\Lars\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2014-03-11 1271072]
"Launch LgDeviceAgent"="c:\program files\Logitech\GamePanel Software\LgDevAgt.exe" [2010-08-03 415816]
"Launch LCDMon"="c:\program files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe" [2010-08-03 2412616]
"Launch LGDCore"="c:\program files\Logitech\GamePanel Software\G-series Software\LGDCore.exe" [2010-08-03 4725320]
"CmPCIaudio"="c:\windows\Syswow64\cmicnfg3.cpl" [2007-04-12 6103040]
"Fences"="c:\program files (x86)\Stardock\Fences\Fences.exe" [2012-10-29 4017368]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\SharedTaskScheduler]
"{1984DD45-52CF-49cd-AB77-18F378FEA264}"= "c:\program files (x86)\Stardock\Fences\FencesMenu64.dll" [2012-10-29 551640]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com
mStart Page = hxxp://www.google.com
mDefault_Page_URL = hxxp://www.google.com
uInternet Settings,ProxyOverride = *.local
uInternet Settings,ProxyServer = http=127.0.0.1:7777
uSearchAssistant = hxxp://www.google.com
IE: Nach Microsoft E&xel exportieren - c:\progra~2\MICROS~3\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.2.1
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-1005217006-152471606-131910131-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"
.
[HKEY_USERS\S-1-5-21-1005217006-152471606-131910131-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (S-1-5-21-1005217006-152471606-131910131-1000)
@Denied: (2) (LocalSystem)
"Progid"="Outlook.File.vcf"
.
[HKEY_USERS\S-1-5-21-1005217006-152471606-131910131-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"
.
[HKEY_USERS\S-1-5-21-1005217006-152471606-131910131-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (S-1-5-21-1005217006-152471606-131910131-1000)
@Denied: (2) (LocalSystem)
"Progid"="Outlook.File.vcf"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_13_0_0_214_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_13_0_0_214_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_13_0_0_214_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_13_0_0_214_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_214.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.13"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_214.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_214.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_214.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2014-05-24  20:28:41
ComboFix-quarantined-files.txt  2014-05-24 18:28
ComboFix2.txt  2014-05-24 10:54
.
Vor Suchlauf: 19 Verzeichnis(se), 66.226.339.840 Bytes frei
Nach Suchlauf: 20 Verzeichnis(se), 66.432.475.136 Bytes frei
.
- - End Of File - - 6B2379D45FA27D2141603F5FF0E0F8E9
         
ESET log file:
Code:
C:\AdwCleaner\Quarantine\C\Program Files (x86)\YoutubeAdblocker\UqR.dll.vir	Variante von Win32/AdWare.MultiPlug.N Anwendung
C:\AdwCleaner\Quarantine\C\Program Files (x86)\YoutubeAdblocker\UqR.x64.dll.vir	Variante von Win64/Adware.MultiPlug.A Anwendung
C:\AdwCleaner\Quarantine\C\ProgramData\YoutubeAdblocker\viPX.exe.vir	Variante von Win32/AdWare.MultiPlug.K.gen Anwendung
C:\Program Files (x86)\Vtools\Windows Cleaner\WindowsCleaner.exe	Variante von Win32/AdWare.PCErrorFix.A Anwendung
C:\Users\Lars\AppData\Roaming\Apple Computer\MobileSync\Backup\0ab4a4c543c7fae001fed414d82909d2e9baf9d7\7320d23c4d2ec60d8a0fd27569fb11d3d9ebab4d	Variante von Win32/Injector.AZOS Trojaner
C:\Windows\System32\dfrg\upd.exe	Win32/HafoCoin.AE Trojaner
C:\Windows\SysWOW64\dfrg\upd.exe	Win32/HafoCoin.AE Trojaner
         

25.05.2014, 13:43   #8
M-K-D-B
/// TB-Ausbilder



Run FRST again, then we'll see what comes next:

  • Start FRST.exe again. Tick the box next to Addition.txt and click Scan.
  • FRST will again create two log files (FRST.txt and Addition.txt).
  • Post both log files in your next reply.
__________________
Greetings from Bavaria
M-K-D-B


26.05.2014, 18:05   #9
DJSpeedy



FRST.txt


FRST log file:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-05-2014 02
Ran by Lars (administrator) on LARS-PC on 26-05-2014 18:00:09
Running from C:\Users\Lars\Desktop\Adware Tools
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal


==================== Processes (Whitelisted) =================

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices) C:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files (x86)\GfK-ProxyService\GfK-ProxyService.exe
() C:\Program Files (x86)\GfK Internet-Monitor\GfK-Reporting.exe
() C:\Program Files (x86)\GfK Internet-Monitor\GfK-Updater.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\EPU-4 Engine\FourEngine.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Logitech Inc.) C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe
(Logitech Inc.) C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe
(Auslogics) C:\Program Files (x86)\Auslogics\Auslogics BoostSpeed\BoostSpeed.exe
(Nero AG) C:\Program Files (x86)\Common Files\Nero\Lib\NMBgMonitor.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
() C:\Users\Lars\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe
(RemoteMouse.net) C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
() C:\Program Files (x86)\GfK-ProxyService\GfK-ProxyWatchdog.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Nero AG) C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe
(VIA) C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe
(PowerISO Computing, Inc.) C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Native Instruments GmbH) C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Nero AG) C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe
(Nero AG) C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(GfK) C:\Program Files (x86)\GfK Internet-Monitor\Chrome Extension\GfK-Chrome-Helper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1271072 2014-03-11] (Microsoft Corporation)
HKLM\...\Run: [Launch LgDeviceAgent] => C:\Program Files\Logitech\GamePanel Software\LgDevAgt.exe [415816 2010-08-03] (Logitech Inc.)
HKLM\...\Run: [Launch LCDMon] => C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe [2412616 2010-08-03] (Logitech Inc.)
HKLM\...\Run: [Launch LGDCore] => C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe [4725320 2010-08-03] (Logitech Inc.)
HKLM\...\Run: [CmPCIaudio] => C:\Windows\syswow64\RunDll32.exe C:\Windows\Syswow64\cmicnfg3.cpl,CMICtrlWnd
HKLM\...\Run: [Fences] => C:\Program Files (x86)\Stardock\Fences\Fences.exe [4017368 2012-10-29] (Stardock Corporation)
HKLM-x32\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [5015040 2012-02-09] (VIA)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-01-26] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-12] (Apple Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [54840 2007-05-08] (Hewlett-Packard)
HKLM-x32\...\Run: [hpqSRMon] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [150528 2008-07-22] (Hewlett-Packard)
HKLM-x32\...\Run: [PWRISOVM.EXE] => C:\Program Files (x86)\PowerISO\PWRISOVM.EXE [180224 2009-03-15] (PowerISO Computing, Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-05-14] (Apple Inc.)
HKU\.DEFAULT\...\Run: [GfK-Proxy-Service] => C:\Program Files (x86)\GfK-ProxyService\GfK-ProxyWatchdog.exe [21480 2014-02-20] ()
HKU\.DEFAULT\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\.DEFAULT\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 1
HKU\.DEFAULT\...\Policies\Explorer: [NoResolveSearch] 1
HKU\.DEFAULT\...\Policies\Explorer: [NoInternetOpenWith] 1
HKU\S-1-5-21-1005217006-152471606-131910131-1000\...\Run: [Auslogics BoostSpeed 4] => C:\Program Files (x86)\Auslogics\Auslogics BoostSpeed\boostspeed.exe [362096 2009-03-16] (Auslogics)
HKU\S-1-5-21-1005217006-152471606-131910131-1000\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => C:\Program Files (x86)\Common Files\Nero\Lib\NMBgMonitor.exe [202024 2007-10-23] (Nero AG)
HKU\S-1-5-21-1005217006-152471606-131910131-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-11-20] (Apple Inc.)
HKU\S-1-5-21-1005217006-152471606-131910131-1000\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59720 2013-11-20] (Apple Inc.)
HKU\S-1-5-21-1005217006-152471606-131910131-1000\...\Run: [Amazon Cloud Player] => C:\Users\Lars\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe [3145536 2014-05-08] ()
HKU\S-1-5-21-1005217006-152471606-131910131-1000\...\Run: [Remote Mouse] => C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe [1200640 2014-03-30] (RemoteMouse.net)
HKU\S-1-5-21-1005217006-152471606-131910131-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [20922016 2014-02-10] (Skype Technologies S.A.)
HKU\S-1-5-21-1005217006-152471606-131910131-1000\...\Run: [GfK-Proxy-Service] => C:\Program Files (x86)\GfK-ProxyService\GfK-ProxyWatchdog.exe [21480 2014-02-20] ()
HKU\S-1-5-21-1005217006-152471606-131910131-1000\...\Policies\Explorer: [NoInternetOpenWith] 1
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\Users\Lars\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Fences.lnk
ShortcutTarget: Fences.lnk -> C:\Program Files (x86)\Stardock\Fences\Fences.exe (Stardock Corporation)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

ProxyEnable: Internet Explorer proxy is enabled.
ProxyServer: http=127.0.0.1:7777
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - {758B870D-DF78-4A6A-9955-DEDDCACF94DC} URL = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
SearchScopes: HKCU - {41F23684-D0B3-4D6C-AC19-5D82E79E82CD} URL = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=744028&p={searchTerms}
SearchScopes: HKCU - {758B870D-DF78-4A6A-9955-DEDDCACF94DC} URL = 
BHO: GfK Internet-Monitor - {4BEEA052-726D-4A6E-B65D-A6BD07C263F3} - C:\Program Files (x86)\GfK Internet-Monitor\x64\Gacela2.dll (GfK)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: GfK Internet-Monitor - {4BEEA052-726D-4A6E-B65D-A6BD07C263F3} - C:\Program Files (x86)\GfK Internet-Monitor\Gacela2.dll (GfK)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Lars\AppData\Roaming\Mozilla\Firefox\Profiles\1ipdivd3.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin: @java.com/DTPlugin,version=10.13.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.13.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.1 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.2 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.3 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.4 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw.dll No File
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/JavaPlugin - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll No File
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @phonostar.de/phonostar-Player - C:\Program Files (x86)\phonostar-Player\npphonostarDetectNP.dll No File
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll (Sun Microsystems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: HD Streamer - C:\Users\Lars\AppData\Roaming\Mozilla\Firefox\Profiles\1ipdivd3.default\Extensions\hd_streamer@iMedia [2014-05-24]
FF Extension: LastPass - C:\Users\Lars\AppData\Roaming\Mozilla\Firefox\Profiles\1ipdivd3.default\Extensions\support@lastpass.com [2013-04-26]
FF Extension: Flashblock - C:\Users\Lars\AppData\Roaming\Mozilla\Firefox\Profiles\1ipdivd3.default\Extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a} [2013-11-16]
FF Extension: Personas Plus - C:\Users\Lars\AppData\Roaming\Mozilla\Firefox\Profiles\1ipdivd3.default\Extensions\personas@christopher.beard.xpi [2013-02-08]
FF Extension: Address Bar Search - C:\Users\Lars\AppData\Roaming\Mozilla\Firefox\Profiles\1ipdivd3.default\Extensions\{badea1ae-72ed-4f6a-8c37-4db9a4ac7bc9}.xpi [2013-10-25]
FF Extension: Adblock Plus - C:\Users\Lars\AppData\Roaming\Mozilla\Firefox\Profiles\1ipdivd3.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-10-26]
FF Extension: Download Statusbar - C:\Users\Lars\AppData\Roaming\Mozilla\Firefox\Profiles\1ipdivd3.default\Extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}.xpi [2013-02-08]
FF Extension: Tab Mix Plus - C:\Users\Lars\AppData\Roaming\Mozilla\Firefox\Profiles\1ipdivd3.default\Extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi [2013-09-21]
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013-02-25]
FF HKLM-x32\...\Firefox\Extensions: [gacela2@nurago.com] - C:\Program Files (x86)\GfK Internet-Monitor
FF Extension: GfK Internet-Monitor - C:\Program Files (x86)\GfK Internet-Monitor [2013-03-28]
FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013-02-25]

Chrome: 
=======
CHR HomePage: hxxp://websearch.searchsunmy.info/?pid=377&r=2013/12/25&hid=1764838136908533383&lg=EN&cc=DE&unqvl=45
CHR StartupUrls: "", "hxxp://www.delta-homes.com/?utm_source=b&utm_medium=wpm0226&utm_campaign=installer&utm_content=hp&from=wpm0226&uid=ST1000DM005XHD103SJ_S246J9EC419309&ts=1393433864"
CHR Extension: (GfK Internet-Monitor) - C:\Users\Lars\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekfcceehmjiicgpkeblpbcpglgdklklh [2014-05-08]
CHR Extension: (AdBlock) - C:\Users\Lars\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2013-12-13]
CHR Extension: (Google Wallet) - C:\Users\Lars\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-05-02]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [354304 2011-01-26] (Advanced Micro Devices, Inc.)
R2 AMD Reservation Manager; C:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe [194496 2010-06-17] (Advanced Micro Devices)
R2 GfK-Proxy-Service; C:\Program Files (x86)\GfK-ProxyService\GfK-ProxyService.exe [45544 2014-02-20] ()
R2 GfK-Reporting-Service; C:\Program Files (x86)\GfK Internet-Monitor\GfK-Reporting.exe [3293672 2014-02-20] ()
R2 GfK-Update-Service; C:\Program Files (x86)\GfK Internet-Monitor\GfK-Updater.exe [1356264 2014-02-20] ()
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2014-03-11] (Microsoft Corporation)
R2 Nero BackItUp Scheduler 3; C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe [853288 2007-09-20] (Nero AG)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [347872 2014-03-11] (Microsoft Corporation)
R3 NMIndexingService; C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe [382248 2007-10-23] (Nero AG)
R2 RzKLService; C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe [105448 2014-02-25] (Razer Inc.)
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27760 2011-11-11] (VIA Technologies, Inc.)

==================== Drivers (Whitelisted) ====================

R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2010-08-23] ()
S3 CM1063264; C:\Windows\System32\drivers\CM10664.sys [984064 2007-04-13] (C-Media Inc)
R3 cmuda3; C:\Windows\System32\drivers\cmudax3.sys [828416 2007-04-12] (C-Media Inc)
R3 LGPBTDD; C:\Windows\System32\Drivers\LGPBTDD.sys [30728 2009-07-01] (Logitech Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-05-26] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [268512 2014-01-25] (Microsoft Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-07-17] ()
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133928 2014-03-11] (Microsoft Corporation)
R1 wStLib64; C:\Windows\System32\drivers\wStLib64.sys [61112 2014-03-20] (StdLib)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 cpuz136; \??\C:\Windows\TEMP\cpuz136\cpuz136_x64.sys [X]
S3 MSICDSetup; \??\D:\CDriver64.sys [X]
U4 SR; 
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S3 WinRing0_1_2_0; \??\C:\Program Files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-05-25 03:58 - 2014-05-25 03:58 - 163006996 _____ () C:\Users\Lars\Downloads\INTP2268w.rar
2014-05-24 23:41 - 2014-05-24 23:41 - 00349160 _____ () C:\Users\Lars\Downloads\MediaPlayerClassic.exe
2014-05-24 19:16 - 2014-05-26 18:00 - 00000000 ____D () C:\Users\Lars\Desktop\Adware Tools
2014-05-24 16:12 - 2014-05-24 16:12 - 00000000 ____D () C:\Windows\ERUNT
2014-05-24 16:04 - 2014-05-24 16:04 - 00001094 _____ () C:\Users\Public\Desktop\Controller Editor.lnk
2014-05-24 16:04 - 2014-05-24 16:04 - 00000000 __HDC () C:\ProgramData\{FA277A43-401F-4EAE-9068-FCDF88DB3EA9}
2014-05-24 15:58 - 2014-05-24 15:58 - 00001002 _____ () C:\Users\Public\Desktop\Traktor 2.lnk
2014-05-24 15:58 - 2014-05-24 15:58 - 00000000 __HDC () C:\ProgramData\{0495C70B-87F4-4A64-87B3-4FB0BA1F60D2}
2014-05-24 15:52 - 2014-05-24 17:23 - 00133962 _____ () C:\Windows\DPINST.LOG
2014-05-24 15:42 - 2014-05-26 17:55 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-24 15:42 - 2014-05-24 15:42 - 00001102 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-05-24 15:42 - 2014-05-24 15:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-05-24 15:42 - 2014-05-24 15:42 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-24 15:42 - 2014-05-24 15:42 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-05-24 15:42 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-24 15:42 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-05-24 15:42 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-05-24 11:54 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-05-24 11:54 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-05-24 11:54 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-05-24 11:54 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-05-24 11:54 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-05-24 11:54 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2014-05-24 11:54 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2014-05-24 11:54 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2014-05-24 11:51 - 2014-05-24 20:30 - 00000000 ____D () C:\Qoobox
2014-05-24 11:51 - 2014-05-24 12:52 - 00000000 ____D () C:\Windows\erdnt
2014-05-24 11:17 - 2014-05-24 11:47 - 00000000 ____D () C:\Program Files (x86)\GfK-ProxyService
2014-05-24 11:15 - 2014-05-26 18:00 - 00000000 ____D () C:\FRST
2014-05-24 10:21 - 2014-05-24 10:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-05-24 10:15 - 2014-05-24 23:07 - 00007754 _____ () C:\Windows\PFRO.log
2014-05-24 09:57 - 2014-05-26 17:52 - 00001568 _____ () C:\Windows\setupact.log
2014-05-24 09:57 - 2014-05-24 09:57 - 00000000 _____ () C:\Windows\setuperr.log
2014-05-20 17:59 - 2014-05-20 18:00 - 00000000 ____D () C:\Program Files (x86)\winKeyLock
2014-05-20 17:59 - 2014-05-20 17:59 - 00000963 _____ () C:\Users\Lars\Desktop\winKeyLock.lnk
2014-05-20 17:59 - 2014-05-20 17:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\winKeyLock
2014-05-20 17:58 - 2014-05-20 17:58 - 00645904 _____ (winKeyLock ) C:\Users\Lars\Downloads\InstallWinKeyLock1.0.1.exe
2014-05-20 10:57 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-05-20 10:56 - 2014-05-24 19:48 - 00000000 ____D () C:\AdwCleaner
2014-05-20 10:52 - 2014-05-20 10:52 - 00961360 _____ (Chip Digital GmbH) C:\Users\Lars\Desktop\AdwCleaner.exe
2014-05-20 09:02 - 2014-05-20 09:04 - 00000000 ____D () C:\Users\Lars\Desktop\Vertrag VF Oli Kamera
2014-05-20 08:48 - 2014-05-24 09:56 - 00000668 _____ () C:\aaw7boot.log
2014-05-16 08:13 - 2014-05-16 08:13 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-05-16 08:12 - 2014-05-16 08:12 - 00001783 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-05-16 08:12 - 2014-05-16 08:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-05-16 08:11 - 2014-05-16 08:12 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-05-16 08:11 - 2014-05-16 08:12 - 00000000 ____D () C:\Program Files\iTunes
2014-05-16 08:11 - 2014-05-16 08:12 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-05-16 08:11 - 2014-05-16 08:11 - 00000000 ____D () C:\Program Files\iPod
2014-05-16 07:51 - 2014-05-06 07:14 - 19274752 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-16 07:51 - 2014-05-06 07:14 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-16 07:51 - 2014-05-06 05:48 - 14367232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-16 07:51 - 2014-05-06 05:48 - 00080384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-16 07:51 - 2014-05-06 05:37 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-16 07:51 - 2014-05-06 05:26 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-16 07:46 - 2014-05-09 08:14 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-16 07:46 - 2014-05-09 08:11 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-16 07:46 - 2014-03-25 04:43 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-05-16 07:46 - 2014-03-25 04:09 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-05-16 07:45 - 2014-04-12 04:22 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-05-16 07:45 - 2014-04-12 04:22 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-05-16 07:45 - 2014-04-12 04:19 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-05-16 07:45 - 2014-04-12 04:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-05-16 07:45 - 2014-04-12 04:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-05-16 07:45 - 2014-04-12 04:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-05-16 07:45 - 2014-04-12 04:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-05-16 07:45 - 2014-04-12 04:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-05-16 07:45 - 2014-04-12 04:10 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-05-16 07:45 - 2014-03-04 11:47 - 05550016 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-05-16 07:45 - 2014-03-04 11:44 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-05-16 07:45 - 2014-03-04 11:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2014-05-16 07:45 - 2014-03-04 11:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-05-16 07:45 - 2014-03-04 11:44 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-05-16 07:45 - 2014-03-04 11:44 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-05-16 07:45 - 2014-03-04 11:44 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-05-16 07:45 - 2014-03-04 11:44 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-05-16 07:45 - 2014-03-04 11:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2014-05-16 07:45 - 2014-03-04 11:43 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-05-16 07:45 - 2014-03-04 11:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2014-05-16 07:45 - 2014-03-04 11:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2014-05-16 07:45 - 2014-03-04 11:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2014-05-16 07:45 - 2014-03-04 11:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2014-05-16 07:45 - 2014-03-04 11:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2014-05-16 07:45 - 2014-03-04 11:43 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-05-16 07:45 - 2014-03-04 11:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-05-16 07:45 - 2014-03-04 11:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-05-16 07:45 - 2014-03-04 11:17 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-05-16 07:45 - 2014-03-04 11:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2014-05-16 07:45 - 2014-03-04 11:17 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-05-16 07:45 - 2014-03-04 11:17 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-05-16 07:45 - 2014-03-04 11:17 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-05-16 07:45 - 2014-03-04 11:17 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-05-16 07:45 - 2014-03-04 11:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll
2014-05-16 07:45 - 2014-03-04 11:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll
2014-05-16 07:45 - 2014-03-04 11:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll
2014-05-16 07:45 - 2014-03-04 11:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll
2014-05-16 07:45 - 2014-03-04 11:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2014-05-16 07:45 - 2014-03-04 11:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll
2014-05-16 07:45 - 2014-03-04 11:17 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-05-16 07:45 - 2014-03-04 11:16 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-05-09 22:54 - 2014-05-24 10:02 - 00000000 ____D () C:\ProgramData\Lavasoft
2014-05-09 22:54 - 2014-05-24 10:02 - 00000000 ____D () C:\Program Files (x86)\Lavasoft
2014-05-09 12:30 - 2014-05-09 12:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mp3tag
2014-05-09 12:21 - 2014-05-09 12:21 - 00001026 _____ () C:\Users\Lars\Desktop\MP3Gain.lnk
2014-05-09 11:49 - 2014-05-09 11:49 - 00000000 __HDC () C:\ProgramData\{4682E4CB-7209-4099-8AA1-580ABCCCE731}
2014-05-09 11:49 - 2014-05-09 11:49 - 00000000 __HDC () C:\ProgramData\{033B4844-E9C3-45D2-88D9-34DDF3F91100}
2014-05-09 11:48 - 2014-05-09 11:48 - 00000000 __HDC () C:\ProgramData\{D2030082-F62A-402A-9456-8009276FD896}
2014-05-09 11:48 - 2014-05-09 11:48 - 00000000 __HDC () C:\ProgramData\{B3478C15-588A-4968-AD66-76AA98803A28}
2014-05-09 11:48 - 2014-05-09 11:48 - 00000000 __HDC () C:\ProgramData\{0CC85DFF-E70A-4AB0-968A-F1F98F4D0C67}
2014-05-09 11:47 - 2014-05-09 11:47 - 00000000 __HDC () C:\ProgramData\{662EAAEC-9E9A-4C69-A658-884E51E909BB}
2014-05-09 11:47 - 2014-05-09 11:47 - 00000000 __HDC () C:\ProgramData\{5EE4F9B1-7274-48A2-9C25-C287604C3058}
2014-05-09 11:46 - 2014-05-09 11:46 - 00000000 __HDC () C:\ProgramData\{EB21323D-3F46-4EF0-B849-B096B7705C69}
2014-05-09 11:46 - 2014-05-09 11:46 - 00000000 __HDC () C:\ProgramData\{9B09061B-0A4F-42DA-9987-7D3F452DCB09}
2014-05-09 11:46 - 2014-05-09 11:46 - 00000000 __HDC () C:\ProgramData\{9597097D-B8DC-4754-AF2D-CB61CCFC861A}
2014-05-09 11:46 - 2014-05-09 11:46 - 00000000 __HDC () C:\ProgramData\{219191E6-6846-4329-889D-7956C487D9A6}
2014-05-09 11:45 - 2014-05-09 11:45 - 00000000 __HDC () C:\ProgramData\{B7C85E99-2AC6-455D-B4D1-752A56403757}
2014-05-09 11:45 - 2014-05-09 11:45 - 00000000 __HDC () C:\ProgramData\{AF79C86B-2321-4D47-A168-2A24BA2B6A73}
2014-05-09 11:45 - 2014-05-09 11:45 - 00000000 __HDC () C:\ProgramData\{9F570B21-E27A-40BE-A508-292899A7D042}
2014-05-09 11:44 - 2014-05-09 11:44 - 00000000 __HDC () C:\ProgramData\{57B31BE2-3175-4425-9722-D2AC5F68C7BD}
2014-05-09 11:11 - 2014-05-24 17:23 - 00001069 _____ () C:\Users\Lars\Desktop\DENON DJ ASIO Driver.lnk
2014-05-09 11:11 - 2014-05-09 11:11 - 00000000 ____D () C:\Users\Lars\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DENON_DJ
2014-05-09 11:11 - 2014-05-09 11:11 - 00000000 ____D () C:\Program Files (x86)\DENON_DJ
2014-04-26 14:54 - 2014-04-26 14:54 - 00000802 _____ () C:\Users\Public\Desktop\MAGIX Media Manager 2004 silver.lnk
2014-04-26 14:54 - 2014-04-26 14:54 - 00000000 ____D () C:\Users\Lars\Documents\My MAGIX Online Druck Service Files
2014-04-26 14:54 - 2014-04-26 14:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX Online Druck Service
2014-04-26 14:54 - 2014-04-26 14:54 - 00000000 ____D () C:\Program Files (x86)\MAGIX Online Druck Service
2014-04-26 14:54 - 2014-04-26 14:54 - 00000000 _____ () C:\Windows\ringtonemaker.INI
2014-04-26 14:54 - 2004-06-01 17:20 - 00339968 _____ (PoINT Software & Systems GmbH) C:\Windows\SysWOW64\DLLAV32.dll
2014-04-26 14:54 - 2004-05-30 01:17 - 00180224 _____ (PoINT Software & Systems GmbH) C:\Windows\SysWOW64\DLLRES32.dll
2014-04-26 14:54 - 2004-05-30 01:17 - 00151552 _____ (PoINT Software & Systems GmbH) C:\Windows\SysWOW64\DLLDEV32.dll
2014-04-26 14:54 - 2004-05-30 01:17 - 00126976 _____ (PoINT Software & Systems GmbH) C:\Windows\SysWOW64\DLLDRV32.dll
2014-04-26 14:54 - 2004-05-30 01:17 - 00049152 _____ (PoINT Software & Systems GmbH) C:\Windows\SysWOW64\DLLIO32.dll
2014-04-26 14:54 - 2004-05-30 01:17 - 00036864 _____ (PoINT Software & Systems GmbH) C:\Windows\SysWOW64\DLLPNT32.dll
2014-04-26 14:54 - 2004-05-30 01:17 - 00028672 _____ (PoINT Software & Systems GmbH) C:\Windows\SysWOW64\STRING32.dll
2014-04-26 14:54 - 2004-03-11 16:49 - 00014182 _____ () C:\Windows\SysWOW64\DLLAV32.lib
2014-04-26 14:54 - 2003-04-18 16:29 - 00044544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml4a.dll
2014-04-26 14:54 - 2003-03-14 10:35 - 00040960 _____ (PoINT Software & Systems GmbH) C:\Windows\SysWOW64\DLLRD32.dll
2014-04-26 14:54 - 2003-03-14 10:33 - 00114688 _____ (PoINT Software & Systems GmbH) C:\Windows\SysWOW64\DLLCDA32.dll
2014-04-26 14:54 - 2003-03-14 10:33 - 00061440 _____ (PoINT Software & Systems GmbH) C:\Windows\SysWOW64\DLLCDF32.dll
2014-04-26 14:54 - 2003-03-14 10:33 - 00053248 _____ (PoINT Software & Systems GmbH) C:\Windows\SysWOW64\DLLPRJ32.dll
2014-04-26 14:54 - 2003-03-14 10:33 - 00045056 _____ (PoINT Software & Systems GmbH) C:\Windows\SysWOW64\DLLIMG32.dll
2014-04-26 14:54 - 2003-03-14 10:32 - 00081920 _____ (PoINT Software & Systems GmbH) C:\Windows\SysWOW64\DLLCPY32.dll
2014-04-26 14:54 - 2003-03-14 10:32 - 00065536 _____ (PoINT Software & Systems GmbH) C:\Windows\SysWOW64\DLLPTL32.dll
2014-04-26 14:54 - 2003-03-14 10:32 - 00057344 _____ (PoINT Software & Systems GmbH) C:\Windows\SysWOW64\DLLTPO32.dll
2014-04-26 14:54 - 2003-03-14 10:32 - 00049152 _____ (PoINT Software & Systems GmbH) C:\Windows\SysWOW64\DLLPRF32.dll
2014-04-26 14:54 - 2003-03-14 10:32 - 00032768 _____ (PoINT Software & Systems GmbH) C:\Windows\SysWOW64\DLLMSC32.dll
2014-04-26 14:54 - 2003-03-14 10:32 - 00032768 _____ (PoINT Software & Systems GmbH) C:\Windows\SysWOW64\DLLISO32.dll
2014-04-26 14:54 - 2003-03-14 10:32 - 00032768 _____ (PoINT Software & Systems GmbH) C:\Windows\SysWOW64\DLLDIR32.dll
2014-04-26 14:54 - 2003-03-14 10:32 - 00024576 _____ (PoINT Software & Systems GmbH) C:\Windows\SysWOW64\TTIC32.dll
2014-04-26 14:54 - 2003-03-14 10:32 - 00024576 _____ (PoINT Software & Systems GmbH) C:\Windows\SysWOW64\TTI32.dll
2014-04-26 14:54 - 2003-03-14 10:32 - 00024576 _____ (PoINT Software & Systems GmbH) C:\Windows\SysWOW64\DLLIX.dll
2014-04-26 14:52 - 2014-04-26 14:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX
2014-04-26 14:52 - 2014-04-26 14:54 - 00000000 ____D () C:\MAGIX
2014-04-26 14:52 - 2014-04-26 14:52 - 00000779 _____ () C:\Users\Public\Desktop\MAGIX ringtone maker.lnk
2014-04-26 14:52 - 2014-04-26 14:52 - 00000024 _____ () C:\Windows\magix.ini
2014-04-26 14:52 - 2014-04-26 14:52 - 00000000 ____D () C:\Windows\SysWOW64\MAGIX
2014-04-26 14:52 - 2004-09-14 14:56 - 00184320 _____ (MAGIX AG) C:\Windows\SysWOW64\mgxoschk.dll
2014-04-26 14:52 - 2004-08-13 12:33 - 00001208 _____ () C:\Windows\mgxoschk.ini
2014-04-26 14:52 - 2002-09-21 00:33 - 01089536 _____ (eHelp Corporation.) C:\Windows\SysWOW64\ROBOEX32.DLL
2014-04-26 14:52 - 1999-01-28 14:44 - 00049152 _____ (Blue Sky Software Corporation.) C:\Windows\SysWOW64\INETWH32.dll
2014-04-26 14:52 - 1998-10-15 17:28 - 00085504 _____ (Blue Sky Software Corporation.) C:\Windows\SysWOW64\HtmlWH.dll

==================== One Month Modified Files and Folders =======

2014-05-26 18:00 - 2014-05-24 19:16 - 00000000 ____D () C:\Users\Lars\Desktop\Adware Tools
2014-05-26 18:00 - 2014-05-24 11:15 - 00000000 ____D () C:\FRST
2014-05-26 17:57 - 2013-02-07 13:57 - 02071593 _____ () C:\Windows\WindowsUpdate.log
2014-05-26 17:55 - 2014-05-24 15:42 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-26 17:54 - 2013-03-28 11:32 - 00000000 ____D () C:\Program Files (x86)\GfK Internet-Monitor
2014-05-26 17:54 - 2013-02-25 16:39 - 00000000 ____D () C:\Users\Lars\AppData\Roaming\Skype
2014-05-26 17:52 - 2014-05-24 09:57 - 00001568 _____ () C:\Windows\setupact.log
2014-05-26 17:52 - 2013-02-07 15:07 - 00001102 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-05-26 17:52 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-25 12:59 - 2014-02-08 11:55 - 00000000 ____D () C:\Users\Lars\AppData\Roaming\.purple
2014-05-25 12:44 - 2013-02-09 01:54 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-05-25 12:26 - 2013-02-07 15:07 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-05-25 10:29 - 2013-09-19 19:33 - 00000000 ____D () C:\Users\Lars\Downloads\Primeval New World
2014-05-25 10:10 - 2013-09-21 08:41 - 00000000 ____D () C:\Users\Lars\AppData\Roaming\Mp3tag
2014-05-25 10:10 - 2013-05-11 10:10 - 00000000 ____D () C:\Users\Lars\Desktop\neue Musik
2014-05-25 10:08 - 2013-11-24 10:38 - 00000000 ____D () C:\Users\Lars\AppData\Roaming\vlc
2014-05-25 06:30 - 2013-08-17 21:52 - 00000000 ____D () C:\Users\Lars\Desktop\XTreme 6.1
2014-05-25 03:58 - 2014-05-25 03:58 - 163006996 _____ () C:\Users\Lars\Downloads\INTP2268w.rar
2014-05-24 23:41 - 2014-05-24 23:41 - 00349160 _____ () C:\Users\Lars\Downloads\MediaPlayerClassic.exe
2014-05-24 23:16 - 2009-07-14 06:45 - 00021248 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-24 23:16 - 2009-07-14 06:45 - 00021248 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-24 23:07 - 2014-05-24 10:15 - 00007754 _____ () C:\Windows\PFRO.log
2014-05-24 20:30 - 2014-05-24 11:51 - 00000000 ____D () C:\Qoobox
2014-05-24 20:07 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini
2014-05-24 19:48 - 2014-05-20 10:56 - 00000000 ____D () C:\AdwCleaner
2014-05-24 19:33 - 2013-06-17 21:35 - 00000000 ____D () C:\Users\Lars\AppData\Roaming\uTorrent
2014-05-24 17:23 - 2014-05-24 15:52 - 00133962 _____ () C:\Windows\DPINST.LOG
2014-05-24 17:23 - 2014-05-09 11:11 - 00001069 _____ () C:\Users\Lars\Desktop\DENON DJ ASIO Driver.lnk
2014-05-24 16:12 - 2014-05-24 16:12 - 00000000 ____D () C:\Windows\ERUNT
2014-05-24 16:04 - 2014-05-24 16:04 - 00001094 _____ () C:\Users\Public\Desktop\Controller Editor.lnk
2014-05-24 16:04 - 2014-05-24 16:04 - 00000000 __HDC () C:\ProgramData\{FA277A43-401F-4EAE-9068-FCDF88DB3EA9}
2014-05-24 16:03 - 2013-02-14 12:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments
2014-05-24 16:03 - 2013-02-14 12:30 - 00000000 ____D () C:\Program Files\Native Instruments
2014-05-24 16:03 - 2013-02-14 12:30 - 00000000 ____D () C:\Program Files\Common Files\Native Instruments
2014-05-24 15:58 - 2014-05-24 15:58 - 00001002 _____ () C:\Users\Public\Desktop\Traktor 2.lnk
2014-05-24 15:58 - 2014-05-24 15:58 - 00000000 __HDC () C:\ProgramData\{0495C70B-87F4-4A64-87B3-4FB0BA1F60D2}
2014-05-24 15:42 - 2014-05-24 15:42 - 00001102 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-05-24 15:42 - 2014-05-24 15:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-05-24 15:42 - 2014-05-24 15:42 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-24 15:42 - 2014-05-24 15:42 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-05-24 12:52 - 2014-05-24 11:51 - 00000000 ____D () C:\Windows\erdnt
2014-05-24 11:47 - 2014-05-24 11:17 - 00000000 ____D () C:\Program Files (x86)\GfK-ProxyService
2014-05-24 10:25 - 2010-11-21 08:50 - 00702964 _____ () C:\Windows\system32\perfh007.dat
2014-05-24 10:25 - 2010-11-21 08:50 - 00150604 _____ () C:\Windows\system32\perfc007.dat
2014-05-24 10:25 - 2009-07-14 07:13 - 01629436 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-05-24 10:21 - 2014-05-24 10:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-05-24 10:21 - 2013-02-07 15:07 - 00000000 ____D () C:\Program Files (x86)\Google
2014-05-24 10:19 - 2013-11-15 20:02 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-05-24 10:17 - 2014-03-01 16:48 - 00000000 ____D () C:\Users\Lars\Tracing
2014-05-24 10:15 - 2013-02-07 14:45 - 00000000 ____D () C:\Users\Lars
2014-05-24 10:02 - 2014-05-09 22:54 - 00000000 ____D () C:\ProgramData\Lavasoft
2014-05-24 10:02 - 2014-05-09 22:54 - 00000000 ____D () C:\Program Files (x86)\Lavasoft
2014-05-24 09:57 - 2014-05-24 09:57 - 00000000 _____ () C:\Windows\setuperr.log
2014-05-24 09:56 - 2014-05-20 08:48 - 00000668 _____ () C:\aaw7boot.log
2014-05-20 18:00 - 2014-05-20 17:59 - 00000000 ____D () C:\Program Files (x86)\winKeyLock
2014-05-20 17:59 - 2014-05-20 17:59 - 00000963 _____ () C:\Users\Lars\Desktop\winKeyLock.lnk
2014-05-20 17:59 - 2014-05-20 17:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\winKeyLock
2014-05-20 17:58 - 2014-05-20 17:58 - 00645904 _____ (winKeyLock ) C:\Users\Lars\Downloads\InstallWinKeyLock1.0.1.exe
2014-05-20 11:01 - 2013-03-09 18:46 - 00001079 _____ () C:\Users\Lars\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-05-20 11:01 - 2013-02-08 00:58 - 00001061 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-05-20 10:52 - 2014-05-20 10:52 - 00961360 _____ (Chip Digital GmbH) C:\Users\Lars\Desktop\AdwCleaner.exe
2014-05-20 09:04 - 2014-05-20 09:02 - 00000000 ____D () C:\Users\Lars\Desktop\Vertrag VF Oli Kamera
2014-05-16 08:44 - 2013-05-14 22:44 - 17938608 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2014-05-16 08:44 - 2013-02-09 01:54 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-05-16 08:44 - 2013-02-09 01:54 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-05-16 08:44 - 2013-02-09 01:54 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-05-16 08:40 - 2013-12-13 10:11 - 00000000 ____D () C:\Users\Lars\AppData\Local\Amazon Cloud Player
2014-05-16 08:39 - 2013-12-13 10:11 - 00001604 _____ () C:\Windows\System32\Tasks\Amazon Music Helper
2014-05-16 08:16 - 2013-02-07 14:51 - 00000000 ___RD () C:\Users\Lars\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-16 08:16 - 2013-02-07 14:51 - 00000000 ___RD () C:\Users\Lars\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-16 08:13 - 2014-05-16 08:13 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-05-16 08:13 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-05-16 08:12 - 2014-05-16 08:12 - 00001783 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-05-16 08:12 - 2014-05-16 08:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-05-16 08:12 - 2014-05-16 08:11 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-05-16 08:12 - 2014-05-16 08:11 - 00000000 ____D () C:\Program Files\iTunes
2014-05-16 08:12 - 2014-05-16 08:11 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-05-16 08:11 - 2014-05-16 08:11 - 00000000 ____D () C:\Program Files\iPod
2014-05-16 07:51 - 2013-02-08 01:03 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-05-16 07:50 - 2013-09-12 17:45 - 00000000 ____D () C:\Windows\system32\MRT
2014-05-16 07:48 - 2013-02-08 12:34 - 93223848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-05-16 07:35 - 2013-02-14 15:59 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2014-05-12 07:26 - 2014-05-24 15:42 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-12 07:26 - 2014-05-24 15:42 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-05-12 07:25 - 2014-05-24 15:42 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-05-11 07:36 - 2013-09-21 09:36 - 00000141 _____ () C:\Users\Lars\AppData\Roaming\WB.CFG
2014-05-09 15:21 - 2013-02-07 15:07 - 00004102 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-05-09 15:21 - 2013-02-07 15:07 - 00003850 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-05-09 12:30 - 2014-05-09 12:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mp3tag
2014-05-09 12:30 - 2013-09-21 08:41 - 00000979 _____ () C:\Users\Public\Desktop\Mp3tag.lnk
2014-05-09 12:30 - 2013-09-21 08:41 - 00000000 ____D () C:\Program Files (x86)\Mp3tag
2014-05-09 12:21 - 2014-05-09 12:21 - 00001026 _____ () C:\Users\Lars\Desktop\MP3Gain.lnk
2014-05-09 11:57 - 2013-02-14 14:13 - 00000000 ____D () C:\Users\Lars\Documents\Native Instruments
2014-05-09 11:49 - 2014-05-09 11:49 - 00000000 __HDC () C:\ProgramData\{4682E4CB-7209-4099-8AA1-580ABCCCE731}
2014-05-09 11:49 - 2014-05-09 11:49 - 00000000 __HDC () C:\ProgramData\{033B4844-E9C3-45D2-88D9-34DDF3F91100}
2014-05-09 11:48 - 2014-05-09 11:48 - 00000000 __HDC () C:\ProgramData\{D2030082-F62A-402A-9456-8009276FD896}
2014-05-09 11:48 - 2014-05-09 11:48 - 00000000 __HDC () C:\ProgramData\{B3478C15-588A-4968-AD66-76AA98803A28}
2014-05-09 11:48 - 2014-05-09 11:48 - 00000000 __HDC () C:\ProgramData\{0CC85DFF-E70A-4AB0-968A-F1F98F4D0C67}
2014-05-09 11:47 - 2014-05-09 11:47 - 00000000 __HDC () C:\ProgramData\{662EAAEC-9E9A-4C69-A658-884E51E909BB}
2014-05-09 11:47 - 2014-05-09 11:47 - 00000000 __HDC () C:\ProgramData\{5EE4F9B1-7274-48A2-9C25-C287604C3058}
2014-05-09 11:46 - 2014-05-09 11:46 - 00000000 __HDC () C:\ProgramData\{EB21323D-3F46-4EF0-B849-B096B7705C69}
2014-05-09 11:46 - 2014-05-09 11:46 - 00000000 __HDC () C:\ProgramData\{9B09061B-0A4F-42DA-9987-7D3F452DCB09}
2014-05-09 11:46 - 2014-05-09 11:46 - 00000000 __HDC () C:\ProgramData\{9597097D-B8DC-4754-AF2D-CB61CCFC861A}
2014-05-09 11:46 - 2014-05-09 11:46 - 00000000 __HDC () C:\ProgramData\{219191E6-6846-4329-889D-7956C487D9A6}
2014-05-09 11:45 - 2014-05-09 11:45 - 00000000 __HDC () C:\ProgramData\{B7C85E99-2AC6-455D-B4D1-752A56403757}
2014-05-09 11:45 - 2014-05-09 11:45 - 00000000 __HDC () C:\ProgramData\{AF79C86B-2321-4D47-A168-2A24BA2B6A73}
2014-05-09 11:45 - 2014-05-09 11:45 - 00000000 __HDC () C:\ProgramData\{9F570B21-E27A-40BE-A508-292899A7D042}
2014-05-09 11:44 - 2014-05-09 11:44 - 00000000 __HDC () C:\ProgramData\{57B31BE2-3175-4425-9722-D2AC5F68C7BD}
2014-05-09 11:11 - 2014-05-09 11:11 - 00000000 ____D () C:\Users\Lars\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DENON_DJ
2014-05-09 11:11 - 2014-05-09 11:11 - 00000000 ____D () C:\Program Files (x86)\DENON_DJ
2014-05-09 08:14 - 2014-05-16 07:46 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-09 08:11 - 2014-05-16 07:46 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-06 07:14 - 2014-05-16 07:51 - 19274752 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-06 07:14 - 2014-05-16 07:51 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-06 05:48 - 2014-05-16 07:51 - 14367232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-06 05:48 - 2014-05-16 07:51 - 00080384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-06 05:37 - 2014-05-16 07:51 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-06 05:26 - 2014-05-16 07:51 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-02 23:38 - 2013-02-08 01:06 - 00000000 ____D () C:\Users\Lars\AppData\Roaming\TS3Client
2014-05-02 22:34 - 2013-05-21 01:53 - 00007607 _____ () C:\Users\Lars\AppData\Local\Resmon.ResmonCfg
2014-04-26 14:54 - 2014-04-26 14:54 - 00000802 _____ () C:\Users\Public\Desktop\MAGIX Media Manager 2004 silver.lnk
2014-04-26 14:54 - 2014-04-26 14:54 - 00000000 ____D () C:\Users\Lars\Documents\My MAGIX Online Druck Service Files
2014-04-26 14:54 - 2014-04-26 14:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX Online Druck Service
2014-04-26 14:54 - 2014-04-26 14:54 - 00000000 ____D () C:\Program Files (x86)\MAGIX Online Druck Service
2014-04-26 14:54 - 2014-04-26 14:54 - 00000000 _____ () C:\Windows\ringtonemaker.INI
2014-04-26 14:54 - 2014-04-26 14:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX
2014-04-26 14:54 - 2014-04-26 14:52 - 00000000 ____D () C:\MAGIX
2014-04-26 14:52 - 2014-04-26 14:52 - 00000779 _____ () C:\Users\Public\Desktop\MAGIX ringtone maker.lnk
2014-04-26 14:52 - 2014-04-26 14:52 - 00000024 _____ () C:\Windows\magix.ini
2014-04-26 14:52 - 2014-04-26 14:52 - 00000000 ____D () C:\Windows\SysWOW64\MAGIX

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-02-26 19:00

==================== End Of Log ============================
         
--- --- ---


Addition.txt

FRST Additions Logfile:
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25-05-2014 02
Ran by Lars at 2014-05-26 18:00:46
Running from C:\Users\Lars\Desktop\Adware Tools
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}

==================== Installed Programs ======================

3DMark06 (HKLM-x32\...\{7F3AD00A-1819-4B15-BB7D-08B3586336D7}) (Version: 1.2.1 - Futuremark Corporation)
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.7.0.1530 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.7.0.1530 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 13 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Reader X (10.1.10) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.10 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.5 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.5.9.620 - Adobe Systems, Inc.)
AIO_CDB_ProductContext (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
AIO_CDB_Software (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
AIO_Scan (x32 Version: 130.0.421.000 - Hewlett-Packard) Hidden
Amazon Cloud Player (HKCU\...\Amazon Amazon Cloud Player) (Version: 2.4.0.33 - Amazon Services LLC)
AMD Drag and Drop Transcoding (Version: 2.00.0000 - ATI Technologies Inc.) Hidden
AMD Fuel (Version: 2011.0126.1749.31909 - Ihr Firmenname) Hidden
Apple Application Support (HKLM-x32\...\{D9DAD0FF-495A-472B-9F10-BAE430A26682}) (Version: 3.0.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.14.3.0 - Asmedia Technology)
ATI AVIVO64 Codecs (Version: 11.6.0.10126 - ATI Technologies Inc.) Hidden
ATI Catalyst Install Manager (HKLM\...\{7DE8BAC9-CAF4-FFAD-081A-6D74412E28A6}) (Version: 3.0.812.0 - ATI Technologies, Inc.)
Audio Recorder for Free (HKLM-x32\...\Audio Recorder for Free) (Version:  - Audio-Tool.net)
Aureon 5.1 PCI (HKLM\...\C-Media PCI Audio Driver) (Version:  - )
Auslogics BoostSpeed (HKLM-x32\...\{7216871F-869E-437C-B9BF-2A13F2DCE63F}_is1) (Version: version 4.4 - Auslogics Software Pty Ltd)
Biet-O-Matic v2.14.12 (HKLM-x32\...\Biet-O-Matic v2.14.12) (Version: 2.14.12 - BOM Development Team)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
BufferChm (x32 Version: 130.0.331.000 - Hewlett-Packard) Hidden
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - ATI) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2011.0126.1749.31909 - ATI) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2011.0126.1749.31909 - ATI Technologies, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2011.0126.1749.31909 - ATI) Hidden
CCC Help Chinese Standard (x32 Version: 2011.0126.1748.31909 - ATI) Hidden
CCC Help Chinese Traditional (x32 Version: 2011.0126.1748.31909 - ATI) Hidden
CCC Help Czech (x32 Version: 2011.0126.1748.31909 - ATI) Hidden
CCC Help Danish (x32 Version: 2011.0126.1748.31909 - ATI) Hidden
CCC Help Dutch (x32 Version: 2011.0126.1748.31909 - ATI) Hidden
CCC Help English (x32 Version: 2011.0126.1748.31909 - ATI) Hidden
CCC Help Finnish (x32 Version: 2011.0126.1748.31909 - ATI) Hidden
CCC Help French (x32 Version: 2011.0126.1748.31909 - ATI) Hidden
CCC Help German (x32 Version: 2011.0126.1748.31909 - ATI) Hidden
CCC Help Greek (x32 Version: 2011.0126.1748.31909 - ATI) Hidden
CCC Help Hungarian (x32 Version: 2011.0126.1748.31909 - ATI) Hidden
CCC Help Italian (x32 Version: 2011.0126.1748.31909 - ATI) Hidden
CCC Help Japanese (x32 Version: 2011.0126.1748.31909 - ATI) Hidden
CCC Help Korean (x32 Version: 2011.0126.1748.31909 - ATI) Hidden
CCC Help Norwegian (x32 Version: 2011.0126.1748.31909 - ATI) Hidden
CCC Help Polish (x32 Version: 2011.0126.1748.31909 - ATI) Hidden
CCC Help Portuguese (x32 Version: 2011.0126.1748.31909 - ATI) Hidden
CCC Help Russian (x32 Version: 2011.0126.1748.31909 - ATI) Hidden
CCC Help Spanish (x32 Version: 2011.0126.1748.31909 - ATI) Hidden
CCC Help Swedish (x32 Version: 2011.0126.1748.31909 - ATI) Hidden
CCC Help Thai (x32 Version: 2011.0126.1748.31909 - ATI) Hidden
CCC Help Turkish (x32 Version: 2011.0126.1748.31909 - ATI) Hidden
ccc-core-static (x32 Version: 2011.0126.1749.31909 - Ihr Firmenname) Hidden
ccc-utility64 (Version: 2011.0126.1749.31909 - ATI) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 3.04 - Piriform)
Copy (x32 Version: 130.0.428.000 - Hewlett-Packard) Hidden
CPUID CPU-Z 1.61.3 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DC-Bass Source 1.3.0 (HKLM-x32\...\DC-Bass Source) (Version:  - )
DENON DJ ASIO Driver (HKLM-x32\...\{E4EC27CD-229E-481E-84F1-7AB83AC479BE}) (Version: 2.2.2 - DENON_DJ)
Destinations (x32 Version: 130.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 130.0.465.000 - Hewlett-Packard) Hidden
DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.8 - DivX, LLC)
DocProc (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
eMule (HKLM-x32\...\eMule) (Version:  - )
EPSON AL-C1600 (HKLM\...\EPSON AL-C1600) (Version:  - )
EPU-4 Engine (HKLM-x32\...\{8F66047B-1AF3-40D9-80D7-106E2EDC2C2A}) (Version: 1.03.03 - )
F300 (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
F300_Help (x32 Version: 82.0.242.000 - Hewlett-Packard) Hidden
F300Trb (x32 Version: 82.0.242.000 - Hewlett-Packard) Hidden
Fax (x32 Version: 130.0.418.000 - Hewlett-Packard) Hidden
Fences 2 (HKLM-x32\...\Fences 22.01) (Version: 2.01 - Stardock Corporation)
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
GfK Internet-Monitor (HKLM-x32\...\39992AD7-103F-4308-8BB7-3F65F543604D) (Version: 12.6.186 - GfK)
GfK Proxy Service (HKLM-x32\...\NuragoProxyService) (Version:  - )
GIMP 2.6.11 (HKLM-x32\...\WinGimp-2.0_is1) (Version: 2.6.11 - The GIMP Team)
GMX ProfiFax (HKLM-x32\...\GMX ProfiFax) (Version: 2.00.236 - 1&1 Mail & Media GmbH)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 35.0.1916.114 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.24.7 - Google Inc.) Hidden
GPBaseService2 (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
HashCheck Shell Extension (x86-32) (HKLM-x32\...\HashCheck Shell Extension) (Version: 2.1.11.1 - Kai Liu)
HP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version: 13.0 - HP)
HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
HP Photosmart Essential 3.5 (HKLM\...\HP Photosmart Essential) (Version: 3.5 - HP)
HP Photosmart Officejet and Deskjet All-In-One Driver Software 13.0 Rel. B (HKLM\...\{B61ED343-0B14-4241-999C-490CB1A20DA4}) (Version: 13.0 - HP)
HP Smart Web Printing 4.51 (HKLM\...\HP Smart Web Printing) (Version: 4.51 - HP)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HP Update (HKLM-x32\...\{7059BDA7-E1DB-442C-B7A1-6144596720A4}) (Version: 4.000.011.006 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden
HPPhotoGadget (x32 Version: 130.0.282.000 - Hewlett-Packard) Hidden
HPPhotoSmartDiscLabelContent1 (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden
HPPhotosmartEssential (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
HydraVision (x32 Version: 4.2.184.0 - ATI Technologies Inc.) Hidden
iCloud (HKLM\...\{81E20D41-C277-4526-934D-F2380AF91B78}) (Version: 3.1.0.40 - Apple Inc.)
iTunes (HKLM\...\{9D20916D-C1E9-4E39-9723-13D200D87C40}) (Version: 11.2.0.114 - Apple Inc.)
Java 7 Update 13 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417013FF}) (Version: 7.0.130 - Oracle)
Java(TM) 6 Update 24 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216024FF}) (Version: 6.0.240 - Oracle)
JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
K-Lite Codec Pack (64-bit) v4.5.0 (HKLM\...\KLiteCodecPack64_is1) (Version: 4.5.0 - )
K-Lite Codec Pack 7.0.0 (Full) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 7.0.0 - )
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
League of Legends (HKLM-x32\...\{92606477-9366-4D3B-8AE3-6BE4B29727AB}) (Version: 1.3 - Riot Games)
Logitech GamePanel Software 3.03.133 (HKLM\...\{6CC95B76-D380-46B2-9022-9353938E48BA}) (Version: 3.03.133 - Logitech Inc.)
Logitech GamePanel Software 3.06.109 (HKLM\...\{A1E85B9A-AFAD-4D38-AF01-6B020DD5213A}) (Version: 3.06.109 - Logitech Inc.)
Lumac (HKLM-x32\...\InstallShield_{5DE11949-2B11-4F13-BAD5-1C237122CFDB}) (Version: 1.1.92.0 - Firstload)
Lumac (x32 Version: 1.1.92.0 - Firstload) Hidden
MAGIX Media Manager 2004 silver (HKLM-x32\...\MAGIX Media Manager 2004 silver) (Version: 2.0.7.0 - MAGIX AG)
MAGIX Online Druck Service (HKLM-x32\...\MAGIX Online Druck Service) (Version:  - Silverwire Software GmbH)
MAGIX ringtone maker (HKLM-x32\...\MAGIX ringtone maker) (Version: 1.0.0.4 - MAGIX AG)
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
MarketResearch (x32 Version: 130.0.374.000 - Hewlett-Packard) Hidden
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Access MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Groove MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0407-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Outlook MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Publisher MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKCU\...\OneDriveSetup.exe) (Version: 17.0.4035.0328 - Microsoft Corporation)
Microsoft Security Client (Version: 4.5.0216.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.5.216.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft XML Parser (x32 Version: 8.0.7820.0 - Microsoft Corporation) Hidden
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 25.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 25.0.1 (x86 de)) (Version: 25.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 25.0.1 - Mozilla)
Mp3tag v2.59a (HKLM-x32\...\Mp3tag) (Version: v2.59a - Florian Heidenreich)
MSI Afterburner 2.1.0 (HKLM-x32\...\Afterburner) (Version: 2.1.0 - MSI Co., LTD)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Native Instruments Audio 2 DJ (HKLM-x32\...\Native Instruments Audio 2 DJ) (Version:  - Native Instruments)
Native Instruments Audio 2 DJ Driver (HKLM-x32\...\Native Instruments Audio 2 DJ Driver) (Version:  - Native Instruments)
Native Instruments Audio 2 DJ Driver (Version: 3.1.0.761 - Native Instruments) Hidden
Native Instruments Audio 4 DJ (HKLM-x32\...\Native Instruments Audio 4 DJ) (Version:  - Native Instruments)
Native Instruments Audio 4 DJ Driver (HKLM-x32\...\Native Instruments Audio 4 DJ Driver) (Version:  - Native Instruments)
Native Instruments Audio 4 DJ Driver (Version: 3.1.0.761 - Native Instruments) Hidden
Native Instruments Audio 8 DJ (HKLM-x32\...\Native Instruments Audio 8 DJ) (Version:  - Native Instruments)
Native Instruments Audio 8 DJ Driver (HKLM-x32\...\Native Instruments Audio 8 DJ Driver) (Version:  - Native Instruments)
Native Instruments Audio 8 DJ Driver (Version: 3.1.0.761 - Native Instruments) Hidden
Native Instruments Controller Editor (HKLM-x32\...\Native Instruments Controller Editor) (Version: 1.6.3.46 - Native Instruments)
Native Instruments Controller Editor (Version: 1.6.3.46 - Native Instruments) Hidden
Native Instruments Maschine Controller (HKLM-x32\...\Native Instruments Maschine Controller) (Version:  - Native Instruments)
Native Instruments Maschine Controller (Version: 3.0.1.648 - Native Instruments) Hidden
Native Instruments Service Center (HKLM-x32\...\Native Instruments Service Center) (Version:  - Native Instruments)
Native Instruments Service Center (Version: 2.2.6.676 - Native Instruments) Hidden
Native Instruments Traktor 2 (HKLM-x32\...\Native Instruments Traktor 2) (Version: 2.6.8.382 - Native Instruments)
Native Instruments Traktor 2 (Version: 2.6.8.382 - Native Instruments) Hidden
Native Instruments Traktor Audio 10 (HKLM-x32\...\Native Instruments Traktor Audio 10) (Version:  - Native Instruments)
Native Instruments Traktor Audio 10 Driver (HKLM-x32\...\Native Instruments Traktor Audio 10 Driver) (Version:  - Native Instruments)
Native Instruments Traktor Audio 10 Driver (Version: 3.1.0.761 - Native Instruments) Hidden
Native Instruments Traktor Audio 2 (HKLM-x32\...\Native Instruments Traktor Audio 2) (Version:  - Native Instruments)
Native Instruments Traktor Audio 2 Driver (HKLM-x32\...\Native Instruments Traktor Audio 2 Driver) (Version:  - Native Instruments)
Native Instruments Traktor Audio 2 Driver (Version: 3.1.0.761 - Native Instruments) Hidden
Native Instruments Traktor Audio 2 MK2 Driver (HKLM-x32\...\Native Instruments Traktor Audio 2 MK2 Driver) (Version:  - Native Instruments)
Native Instruments Traktor Audio 2 MK2 Driver (Version: 3.1.3.804 - Native Instruments) Hidden
Native Instruments Traktor Audio 6 (HKLM-x32\...\Native Instruments Traktor Audio 6) (Version:  - Native Instruments)
Native Instruments Traktor Audio 6 Driver (HKLM-x32\...\Native Instruments Traktor Audio 6 Driver) (Version:  - Native Instruments)
Native Instruments Traktor Audio 6 Driver (Version: 3.1.0.761 - Native Instruments) Hidden
Native Instruments Traktor Kontrol F1 Driver (HKLM-x32\...\Native Instruments Traktor Kontrol F1 Driver) (Version:  - Native Instruments)
Native Instruments Traktor Kontrol F1 Driver (Version: 3.0.2.664 - Native Instruments) Hidden
Native Instruments Traktor Kontrol S2 Driver (HKLM-x32\...\Native Instruments Traktor Kontrol S2 Driver) (Version:  - Native Instruments)
Native Instruments Traktor Kontrol S2 Driver (Version: 3.1.0.761 - Native Instruments) Hidden
Native Instruments Traktor Kontrol S2 MK2 Driver (HKLM-x32\...\Native Instruments Traktor Kontrol S2 MK2 Driver) (Version:  - Native Instruments)
Native Instruments Traktor Kontrol S2 MK2 Driver (Version: 3.1.2.795 - Native Instruments) Hidden
Native Instruments Traktor Kontrol S4 (HKLM-x32\...\Native Instruments Traktor Kontrol S4) (Version:  - Native Instruments)
Native Instruments Traktor Kontrol S4 Driver (HKLM-x32\...\Native Instruments Traktor Kontrol S4 Driver) (Version:  - Native Instruments)
Native Instruments Traktor Kontrol S4 Driver (Version: 3.1.0.761 - Native Instruments) Hidden
Native Instruments Traktor Kontrol S4 MK2 Driver (HKLM-x32\...\Native Instruments Traktor Kontrol S4 MK2 Driver) (Version:  - Native Instruments)
Native Instruments Traktor Kontrol S4 MK2 Driver (Version: 3.1.2.795 - Native Instruments) Hidden
Native Instruments Traktor Kontrol X1 (HKLM-x32\...\Native Instruments Traktor Kontrol X1) (Version:  - Native Instruments)
Native Instruments Traktor Kontrol X1 Driver (HKLM-x32\...\Native Instruments Traktor Kontrol X1 Driver) (Version:  - Native Instruments)
Native Instruments Traktor Kontrol X1 Driver (Version: 3.0.1.648 - Native Instruments) Hidden
Native Instruments Traktor Kontrol X1 MK2 Driver (HKLM-x32\...\Native Instruments Traktor Kontrol X1 MK2 Driver) (Version:  - Native Instruments)
Native Instruments Traktor Kontrol X1 MK2 Driver (Version: 3.1.1.780 - Native Instruments) Hidden
Native Instruments Traktor Kontrol Z1 Driver (HKLM-x32\...\Native Instruments Traktor Kontrol Z1 Driver) (Version:  - Native Instruments)
Native Instruments Traktor Kontrol Z1 Driver (Version: 3.1.1.780 - Native Instruments) Hidden
Native Instruments Traktor Kontrol Z2 Driver (HKLM-x32\...\Native Instruments Traktor Kontrol Z2 Driver) (Version:  - Native Instruments)
Native Instruments Traktor Kontrol Z2 Driver (Version: 3.1.0.761 - Native Instruments) Hidden
Nero 8 (HKLM-x32\...\{9EDBB857-8028-49CD-B9C9-0B4D10CD1031}) (Version: 8.10.290 - Nero AG)
neroxml (x32 Version: 1.0.0 - Nero AG) Hidden
Network64 (Version: 130.0.572.000 - Hewlett-Packard) Hidden
Network64 (Version: 140.0.221.000 - Hewlett-Packard) Hidden
Notepad++ (HKLM-x32\...\Notepad++) (Version: 5.6.8 - )
OCR Software by I.R.I.S. 13.0 (HKLM\...\HPOCR) (Version: 13.0 - HP)
OpenSource Flash Video Splitter 1.0.0.5 (HKLM-x32\...\OpenSource Flash Video Splitter) (Version: 1.0.0.5 - )
Opticon USB Drivers Installer (HKLM-x32\...\Opticon USB Installer) (Version:  - )
Panel Client 3.2 (HKLM-x32\...\Panel Client_is1) (Version:  - GfK Panel Services Deutschland GmbH)
Photo Gallery (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Pidgin (HKLM-x32\...\Pidgin) (Version: 2.10.9 - )
Platform (x32 Version: 1.39 - VIA Technologies, Inc.) Hidden
PowerISO (HKLM-x32\...\PowerISO) (Version:  - )
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Razer Game Booster (HKLM-x32\...\Razer Game Booster_is1) (Version: 4.2.45.0 - Razer Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.52.203.2012 - Realtek)
Remote Mouse version 2.54 (HKLM-x32\...\{01E4BC6D-3ACC-45E1-8928-C2FF626F63F3}_is1) (Version: 2.54 - Remote Mouse)
Remote Panel Program (HKLM-x32\...\{13AA13C1-E4B9-4048-B4A6-9C9B86D44F57}) (Version:  - )
RocketDock 1.3.5 (HKLM-x32\...\RocketDock_is1) (Version:  - Punk Software)
Scan (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 13.0 - HP)
Skype™ 6.14 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)
SmartWebPrinting (x32 Version: 130.0.457.000 - Hewlett-Packard) Hidden
SolutionCenter (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
SpeedCommander 13 (x64) (HKLM\...\SpeedCommander 13 (x64)) (Version: 13.40.6300 - SWE Sven Ritter)
Status (x32 Version: 130.0.469.000 - Hewlett-Packard) Hidden
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.27614 - TeamViewer)
TECHNO4EVER Player 1.1.3 (HKLM-x32\...\{9AF19FCD-2362-493D-A127-C47BB284A636}) (Version: 1.1.3 - TECHNO4EVER Radio- und Mediengesellschaft mbH)
TERA (HKLM-x32\...\{A2F166A0-F031-4E27-A057-C69733219434}_is1) (Version: 7 - Gameforge Productions GmbH)
Toolbox (x32 Version: 130.0.648.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 130.0.422.000 - Hewlett-Packard) Hidden
UnloadSupport (x32 Version: 11.0.0 - Hewlett-Packard) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{EA54F104-79D2-48CC-9ABC-91A63C43D353}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{53DEC068-4690-4F6B-9946-7D21EF02236B}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2880505) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{2720451F-5D04-43EC-AB1F-26D948FD971B}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VIA Plattform-Geräte-Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.39 - VIA Technologies, Inc.)
Vista Game Explorer Editor (HKLM-x32\...\VGEE) (Version: Beta 2.14a - Ryan Richter)
Visual C++ 9.0 CRT (x86) WinSXS MSM (x32 Version: 9.0 - Microsoft Corporation) Hidden
VLC media player 2.1.4 (HKLM\...\VLC media player) (Version: 2.1.4 - VideoLAN)
Warcraft III (HKLM-x32\...\Warcraft III) (Version:  - Blizzard Entertainment)
WebReg (x32 Version: 130.0.132.017 - Hewlett-Packard) Hidden
Windows Cleaner (HKLM-x32\...\Vtools_WindowsCleaner_is1) (Version: 1.0.0 - Vtools)
Windows Live Communications Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Family Safety (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Family Safety (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
winKeyLock version 1.0.1.3 (HKLM-x32\...\winKeyLock_is1) (Version: 1.0.1 - winKeyLock)
WinRAR 4.00 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.00.0 - win.rar GmbH)
WMV9/VC-1 Video Playback (Version: 1.00.0000 - ATI Technologies Inc.) Hidden
Xvid Video Codec (HKLM-x32\...\Xvid Video Codec 1.3.2) (Version: 1.3.2 - Xvid Team)

==================== Restore Points  =========================


==================== Hosts content: ==========================

2009-07-14 04:34 - 2014-05-24 12:48 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {1B2905D8-9584-4CD3-AB59-90BF090161E7} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-16] (Adobe Systems Incorporated)
Task: {24B654B2-B7EA-45CB-9CF7-95ACD67C5C7D} - System32\Tasks\Amazon Music Helper => C:\Users\Lars\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe [2014-05-08] ()
Task: {3370000F-E1FF-4575-A340-672AE206A346} - System32\Tasks\ASUS\ASUS SIX Engine => C:\Program Files (x86)\ASUS\EPU-4 Engine\FourEngine.exe [2012-01-03] (ASUSTek Computer Inc.)
Task: {3AF57CFF-0CF4-4755-BF98-509EC78AC5C8} - \DigitalSite No Task File <==== ATTENTION
Task: {3FB27DB5-FE54-4244-A9CB-9027EF2FF08C} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [2013-11-20] (Apple Inc.)
Task: {54EDCEFE-8B33-42F8-9464-EEAD4AAE47B2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-02-07] (Google Inc.)
Task: {6E3A13BA-8055-4948-94A4-C385C5873545} - \bench-sys No Task File <==== ATTENTION
Task: {812530AD-22BA-4413-AFF6-517EC59FC1C2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-02-07] (Google Inc.)
Task: {A1D60D55-A6B8-401B-BC05-2938E02DF2F2} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Scan => d:\program files\windows defender\MpCmdRun.exe
Task: {A3AE5A93-2948-485B-A93D-82B057BF782B} - \BitGuard No Task File <==== ATTENTION
Task: {B29A0C2F-3D50-434C-AC1C-80205D088FD1} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {C4E8B14A-4159-4C58-BDAD-281DBBFC97E8} - System32\Tasks\Microsoft\Windows Defender\MpIdleTask => d:\program files\windows defender\MpCmdRun.exe
Task: {CE2A5F4A-6D53-4AA9-B75E-33053699DC04} - System32\Tasks\Razer_Game_Booster_AutoUpdate => C:\Program Files (x86)\Razer\Razer Game Booster\AutoUpdate.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-02-20 17:46 - 2014-02-20 17:46 - 00045544 _____ () C:\Program Files (x86)\GfK-ProxyService\GfK-ProxyService.exe
2014-02-20 17:46 - 2014-02-20 17:46 - 00026600 _____ () C:\Program Files (x86)\GfK-ProxyService\ProxyUtils.dll
2014-03-03 21:50 - 2014-02-20 18:25 - 03293672 _____ () C:\Program Files (x86)\GfK Internet-Monitor\GfK-Reporting.exe
2014-03-03 21:50 - 2014-02-20 18:25 - 01356264 _____ () C:\Program Files (x86)\GfK Internet-Monitor\GfK-Updater.exe
2013-12-13 10:11 - 2014-05-08 19:26 - 03145536 _____ () C:\Users\Lars\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe
2014-02-20 17:46 - 2014-02-20 17:46 - 00021480 _____ () C:\Program Files (x86)\GfK-ProxyService\GfK-ProxyWatchdog.exe
2013-02-07 15:09 - 2011-12-06 03:58 - 00078448 ____R () C:\Program Files (x86)\VIA\VIAudioi\VDeck\QsApoApi64.dll
2013-02-07 15:09 - 2011-12-06 03:58 - 00386160 ____R () C:\Program Files (x86)\VIA\VIAudioi\VDeck\Dts2ApoApi64.dll
2011-01-26 19:00 - 2011-01-26 19:00 - 00079872 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Services.dll
2011-01-26 19:01 - 2011-01-26 19:01 - 00102912 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2011-01-26 18:48 - 2011-01-26 18:48 - 00243712 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2014-01-20 14:17 - 2014-01-20 14:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-01-20 14:16 - 2014-01-20 14:16 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-03-28 11:32 - 2012-11-08 13:19 - 00474360 _____ () C:\Program Files (x86)\GfK Internet-Monitor\UpdateHelper.dll
2013-02-07 15:10 - 2009-01-15 15:55 - 00565248 _____ () C:\Program Files (x86)\ASUS\EPU-4 Engine\pngio.dll
2013-02-07 15:10 - 2009-03-25 17:53 - 00053248 _____ () C:\Program Files (x86)\ASUS\EPU-4 Engine\AsSpindownTimeout.dll
2013-02-08 01:00 - 2007-05-28 23:13 - 00145920 _____ () C:\Program Files (x86)\Auslogics\Auslogics BoostSpeed\madBasic_.bpl
2013-02-08 01:00 - 2007-05-28 23:13 - 00316928 _____ () C:\Program Files (x86)\Auslogics\Auslogics BoostSpeed\madExcept_.bpl
2013-02-08 01:00 - 2007-05-28 23:13 - 00041984 _____ () C:\Program Files (x86)\Auslogics\Auslogics BoostSpeed\madDisAsm_.bpl
2013-02-08 01:00 - 2008-04-08 05:11 - 00053248 _____ () C:\Program Files (x86)\Auslogics\Auslogics BoostSpeed\armaccess.dll
2013-09-14 01:51 - 2013-09-14 01:51 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\zlib1.dll
2013-09-14 01:50 - 2013-09-14 01:50 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\libxml2.dll
2014-01-05 21:57 - 2013-11-19 22:34 - 00152576 _____ () C:\Program Files (x86)\Remote Mouse\FileS.dll
2014-05-24 10:21 - 2014-05-14 01:40 - 00716616 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\libglesv2.dll
2014-05-24 10:21 - 2014-05-14 01:40 - 00126280 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\libegl.dll
2014-05-24 10:21 - 2014-05-14 01:40 - 04217672 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\pdf.dll
2014-05-24 10:21 - 2014-05-14 01:40 - 00414536 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\ppGoogleNaClPluginChrome.dll
2014-05-24 10:21 - 2014-05-14 01:40 - 01732424 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\ffmpegsumo.dll
2014-05-08 09:40 - 2014-02-20 17:32 - 00256512 _____ () C:\Users\Lars\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekfcceehmjiicgpkeblpbcpglgdklklh\13.4.568_0\plugin\npgacela_private.dll
2014-05-08 09:40 - 2014-02-20 17:32 - 00261608 _____ () C:\Users\Lars\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekfcceehmjiicgpkeblpbcpglgdklklh\13.4.568_0\plugin\npgacela.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\Windows\system32\Drivers\nglfsegm.sys:changelist
AlternateDataStreams: C:\Windows\system32\Drivers\qqczqvzb.sys:changelist
AlternateDataStreams: C:\Windows\system32\Drivers\xrehzkvs.sys:changelist
AlternateDataStreams: C:\ProgramData\TEMP:373E1720

==================== Safe Mode (whitelisted) ===================


==================== EXE Association (whitelisted) =============


==================== Disabled items from MSCONFIG ==============


==================== Faulty Device Manager Devices =============

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Logitech GamePanel-Geräte (QVGA)
Description: Logitech GamePanel-Geräte (QVGA)
Class Guid: {997b5d8d-c442-4f2e-baf3-9c8e671e9e21}
Manufacturer: Logitech Inc
Service: WUDFRd
Problem: : Windows cannot initialize the device driver for this hardware. (Code 37)
Resolution: The driver returned failure from its DriverEntry routine. Uninstall the driver, and then click "Scan for hardware changes" to reinstall or upgrade the driver.

Name: Logitech GamePanel-Geräte (Mono)
Description: Logitech GamePanel-Geräte (Mono)
Class Guid: {997b5d8d-c442-4f2e-baf3-9c8e671e9e21}
Manufacturer: Logitech Inc
Service: WUDFRd
Problem: : Windows cannot initialize the device driver for this hardware. (Code 37)
Resolution: The driver returned failure from its DriverEntry routine. Uninstall the driver, and then click "Scan for hardware changes" to reinstall or upgrade the driver.


==================== Event log errors: =========================

Application errors:
==================
Error: (05/26/2014 05:54:16 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/24/2014 11:09:28 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/24/2014 08:35:55 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (05/24/2014 07:17:43 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (05/24/2014 05:23:02 PM) (Source: MsiInstaller) (EventID: 1013) (User: Lars-PC)
Description: Product: DENON DJ ASIO Driver -- Unable to install because a newer version of this product is already installed.

Error: (05/24/2014 04:47:29 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.


System errors:
=============
Error: (05/25/2014 01:00:16 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {3EB3C877-1F16-487C-9050-104DBCD66683}

Error: (05/25/2014 07:47:36 AM) (Source: volsnap) (EventID: 36) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.

Error: (05/24/2014 11:06:46 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {3EB3C877-1F16-487C-9050-104DBCD66683}

Error: (05/24/2014 08:30:44 PM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk2\DR2 gefunden.

Error: (05/24/2014 08:30:40 PM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk2\DR2 gefunden.

Error: (05/24/2014 08:06:29 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.

Error: (05/24/2014 07:56:47 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.

Error: (05/24/2014 07:50:30 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "HP CUE DeviceDiscovery Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (05/24/2014 07:50:30 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "hpqcxs08" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.


Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
  Date: 2014-05-24 12:46:33.858
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-05-24 12:46:33.797
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-03-02 17:26:16.370
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\cmudax3.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-03-02 17:26:16.338
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\cmudax3.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Memory info =========================== 

Percentage of memory in use: 23%
Total physical RAM: 16366.12 MB
Available physical RAM: 12530 MB
Total Pagefile: 32730.41 MB
Available Pagefile: 28274.1 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:931.41 GB) (Free:63.81 GB) NTFS
Drive e: () (Fixed) (Total:372.6 GB) (Free:36.99 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: ED9E570F)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 373 GB) (Disk ID: 1E521E51)
Partition 1: (Active) - (Size=373 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         
--- --- ---

27.05.2014, 16:20   #10
M-K-D-B
/// TB Instructor

You do realize that GfK Internet-Monitor monitors your browsing behavior, right?

You also realize that every computer has to be treated individually, because not everyone uses the same programs or has the same malware on their machine?

We will remove the last remnants and check everything once more. ESET can take a long time (> 3 h).
Afterwards we will remove all the tools we used, and I'll give you a few tips to take along.

Step 1
Please press the Windows key + R and type notepad into the Run window.

Now copy the following text from the code box into the empty text document

Code:
start
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
ProxyEnable: Internet Explorer proxy is enabled.
ProxyServer: http=127.0.0.1:7777
SearchScopes: HKCU - {758B870D-DF78-4A6A-9955-DEDDCACF94DC} URL = 
FF Extension: Address Bar Search - C:\Users\Lars\AppData\Roaming\Mozilla\Firefox\Profiles\1ipdivd3.default\Extensions\{badea1ae-72ed-4f6a-8c37-4db9a4ac7bc9}.xpi [2013-10-25]
FF Extension: HD Streamer - C:\Users\Lars\AppData\Roaming\Mozilla\Firefox\Profiles\1ipdivd3.default\Extensions\hd_streamer@iMedia [2014-05-24]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
Task: {3AF57CFF-0CF4-4755-BF98-509EC78AC5C8} - \DigitalSite No Task File <==== ATTENTION
Task: {6E3A13BA-8055-4948-94A4-C385C5873545} - \bench-sys No Task File <==== ATTENTION
Task: {A3AE5A93-2948-485B-A93D-82B057BF782B} - \BitGuard No Task File <==== ATTENTION
C:\Program Files (x86)\Vtools
C:\Users\Lars\AppData\Roaming\Apple Computer\MobileSync\Backup\0ab4a4c543c7fae001fed414d82909d2e9baf9d7
C:\Windows\System32\dfrg
C:\Windows\SysWOW64\dfrg
Reboot:
end
         

Please save this as Fixlist.txt on your desktop (or in the directory where FRST is located).
  • Now start FRST again and click the Fix button.
  • The tool creates a Fixlog.txt.
  • Post its contents for me.

Step 2
Please disable your antivirus program, as it can influence the result or possibly interfere with the cleanup.
Please download zoek.exe from here: http://hijackthis.nl/smeenk/ and save the file to your desktop.
  • Start Zoek.exe with a double-click.
  • Caution: The following script was written only for this specific case and could damage other computers.
  • Copy the text from the following box into zoek's script window:
    Code:
    iedefaults;
    resetIEproxy;
    FFdefaults;
    CHRdefaults;
    emptyclsid;
    autoclean;
             
  • Now click "Run script" and be patient until the script has finished.
  • When the tool is done, Notepad will open with the log file (possibly only after a restart). The log can also still be found under c:\ .
  • Please post the ZOEK log for me (preferably in CODE tags - click the # symbol in the reply window).

Step 3
Download the appropriate version of HitmanPro to your desktop: HitmanPro - 32 Bit | HitmanPro - 64 Bit.
  • Start HitmanPro.exe
  • Click on
  • Remove the check mark at
  • Click on
    and
  • Accept the license terms and click on
  • Click on

    and on
  • When the scan has finished, do not have anything deleted etc.; instead choose, at the bottom left of the button bar,
    and save the log file to your desktop.
  • Close HitmanPro and post the log for me.

Step 4
Please download SecurityCheck and:

  • Save it on the desktop.
  • Start SecurityCheck.exe and follow the instructions in the DOS box.
  • When the scan has finished, a text document (checkup.txt) should open.
Please post its contents here.






Please post with your next reply
  • the FRST log file,
  • the Zoek log file,
  • the HitmanPro log file,
  • the SecurityCheck log file.
__________________
Greetings from Bavaria
M-K-D-B

______________________________________

Support the Trojaner-Board

27.05.2014, 17:21   #11
DJSpeedy

OK. I will follow that..
Should I make a post after each step, or go through all of them first and post everything afterwards?

27.05.2014, 19:08   #12
M-K-D-B
/// TB Instructor

Quote:
Quote from DJSpeedy
Should I make a post after each step, or go through all of them first and post everything afterwards?
Carry out everything, and only then post... unless there are problems.
__________________
Greetings from Bavaria
M-K-D-B


28.05.2014, 19:24   #13
DJSpeedy

So... boss :-) everything done.

Step 1:
Code:
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 25-05-2014 02
Ran by Lars at 2014-05-28 18:31:04 Run:1
Running from C:\Users\Lars\Desktop\Adware Tools\Schritt 1
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
start
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
ProxyEnable: Internet Explorer proxy is enabled.
ProxyServer: http=127.0.0.1:7777
SearchScopes: HKCU - {758B870D-DF78-4A6A-9955-DEDDCACF94DC} URL = 
FF Extension: Address Bar Search - C:\Users\Lars\AppData\Roaming\Mozilla\Firefox\Profiles\1ipdivd3.default\Extensions\{badea1ae-72ed-4f6a-8c37-4db9a4ac7bc9}.xpi [2013-10-25]
FF Extension: HD Streamer - C:\Users\Lars\AppData\Roaming\Mozilla\Firefox\Profiles\1ipdivd3.default\Extensions\hd_streamer@iMedia [2014-05-24]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
Task: {3AF57CFF-0CF4-4755-BF98-509EC78AC5C8} - \DigitalSite No Task File <==== ATTENTION
Task: {6E3A13BA-8055-4948-94A4-C385C5873545} - \bench-sys No Task File <==== ATTENTION
Task: {A3AE5A93-2948-485B-A93D-82B057BF782B} - \BitGuard No Task File <==== ATTENTION
C:\Program Files (x86)\Vtools
C:\Users\Lars\AppData\Roaming\Apple Computer\MobileSync\Backup\0ab4a4c543c7fae001fed414d82909d2e9baf9d7
C:\Windows\System32\dfrg
C:\Windows\SysWOW64\dfrg
Reboot:
end
*****************

C:\Windows\system32\GroupPolicy\Machine => Moved successfully.
C:\Windows\system32\GroupPolicy\GPT.ini => Moved successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer => Value deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{758B870D-DF78-4A6A-9955-DEDDCACF94DC} => Key deleted successfully.
HKCR\CLSID\{758B870D-DF78-4A6A-9955-DEDDCACF94DC} => Key not found.
C:\Users\Lars\AppData\Roaming\Mozilla\Firefox\Profiles\1ipdivd3.default\Extensions\{badea1ae-72ed-4f6a-8c37-4db9a4ac7bc9}.xpi => Moved successfully.
C:\Users\Lars\AppData\Roaming\Mozilla\Firefox\Profiles\1ipdivd3.default\Extensions\hd_streamer@iMedia => Moved successfully.
HKLM\SOFTWARE\Policies\Google => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3AF57CFF-0CF4-4755-BF98-509EC78AC5C8} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3AF57CFF-0CF4-4755-BF98-509EC78AC5C8} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DigitalSite => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6E3A13BA-8055-4948-94A4-C385C5873545} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6E3A13BA-8055-4948-94A4-C385C5873545} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\bench-sys => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A3AE5A93-2948-485B-A93D-82B057BF782B} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A3AE5A93-2948-485B-A93D-82B057BF782B} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\BitGuard => Key deleted successfully.
C:\Program Files (x86)\Vtools => Moved successfully.
C:\Users\Lars\AppData\Roaming\Apple Computer\MobileSync\Backup\0ab4a4c543c7fae001fed414d82909d2e9baf9d7 => Moved successfully.
"C:\Windows\System32\dfrg" => File/Directory not found.
C:\Windows\SysWOW64\dfrg => Moved successfully.


The system needed a reboot. 

==== End of Fixlog ====
         
Step 2:

Code:
Zoek.exe v5.0.0.0 Updated 22-05-2014
Tool run by Lars on 28.05.2014 at 18:37:33,26.
Microsoft Windows 7 eXtreme™ Draconis Edition  6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Lars\Desktop\Adware Tools\Schritt 2\zoek.exe [Scan all users] [Script inserted] 

==== System Restore Info ======================

28.05.2014 18:38:43 Zoek.exe System Restore Point Created Succesfully.

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-1005217006-152471606-131910131-1000\Software\Microsoft\Internet Explorer\SearchScopes\{41F23684-D0B3-4D6C-AC19-5D82E79E82CD} deleted successfully
HKEY_USERS\S-1-5-21-1005217006-152471606-131910131-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{5BFEFF94-6411-4B74-A947-4969134B24DE} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-1005217006-152471606-131910131-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{4D2D3B0F-69BE-477A-90F5-FDDB05357975} deleted successfully
HKEY_USERS\S-1-5-21-1005217006-152471606-131910131-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{98889811-442D-49DD-99D7-DC866BE87DBC} deleted successfully
HKEY_USERS\S-1-5-21-1005217006-152471606-131910131-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{82E1477C-B154-48D3-9891-33D83C26BCD3} deleted successfully
HKEY_USERS\S-1-5-21-1005217006-152471606-131910131-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{C1AF5FA5-852C-4C90-812E-A7F75E011D87} deleted successfully
HKEY_USERS\S-1-5-21-1005217006-152471606-131910131-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} deleted successfully
HKEY_USERS\S-1-5-21-1005217006-152471606-131910131-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} deleted successfully
HKEY_USERS\S-1-5-21-1005217006-152471606-131910131-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{11111111-1111-1111-1111-110311851132} deleted successfully
HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Approved Extensions\{21EAF666-26B3-4a3c-ABD0-CA2F5A326744} deleted successfully
HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Approved Extensions\{21EAF666-26B3-4a3c-ABD0-CA2F5A326744} deleted successfully
HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Approved Extensions\{21EAF666-26B3-4a3c-ABD0-CA2F5A326744} deleted successfully
HKEY_USERS\S-1-5-21-1005217006-152471606-131910131-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{21EAF666-26B3-4a3c-ABD0-CA2F5A326744} deleted successfully
HKEY_USERS\S-1-5-21-1005217006-152471606-131910131-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{93DBF2BB-A2B3-4683-A92E-57E60751F346} deleted successfully
HKEY_USERS\S-1-5-21-1005217006-152471606-131910131-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{5BFEFF94-6411-4B74-A947-4969134B24DE} deleted successfully

==== Deleting Services ======================


==== FireFox Fix ======================

Deleted from C:\Users\Lars\AppData\Roaming\Mozilla\Firefox\Profiles\1ipdivd3.default\prefs.js:

Added to C:\Users\Lars\AppData\Roaming\Mozilla\Firefox\Profiles\1ipdivd3.default\prefs.js:
user_pref("browser.startup.homepage", "hxxp://www.google.com");
user_pref("browser.search.defaulturl", "hxxp://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "hxxp://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "hxxp://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);

ProfilePath: C:\Users\Lars\AppData\Roaming\Mozilla\Firefox\Profiles\1ipdivd3.default

user.js not found
---- Lines valueApps removed from prefs.js ----
user_pref("valueApps.autoDisableScopes", 0);
---- Lines mybrowserbar removed from prefs.js ----
user_pref("extensions.vtools@mybrowserbar.com.install-event-fired", true);
---- Lines browser.startup.page removed from prefs.js ----
user_pref("browser.startup.page", 3);
---- Lines a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532 removed from prefs.js ----
user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.active", true);
user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.addressbar", "NA");
user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.addressbarenhanced", "");
user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.asyncdb_dbWasSet", true);
user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.asyncdb_dbWasSet_FF25_FIX", true);
user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.asyncinternaldb_dbWasSet", true);
user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.asyncinternaldb_dbWasSet_FF25_FIX", true);
user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.backgroundver", 1);
user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.certdomaininstaller", "");
user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.changeprevious", false);
user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.cookie._GPL_aoi.expiration", "Fri Feb 01 2030 00
user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.cookie._GPL_aoi.value", "%221386793968%22");
user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.cookie._GPL_parent_zoneid.expiration", "Fri Feb 
user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.cookie._GPL_parent_zoneid.value", "%22345637%22"
user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.cookie._GPL_zoneid.expiration", "Fri Feb 01 2030
user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.cookie._GPL_zoneid.value", "%22456211%22");
user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.cookie.geo.expiration", "Wed Dec 18 2013 21:32:4
user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.cookie.geo.value", "%22DE%22");
user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.cookie.InstallationTime.expiration", "Fri Feb 01
user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.cookie.InstallationTime.value", "%221386793458%2
user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.cookie.InstallerParams.expiration", "Fri Feb 01 
user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.cookie.InstallerParams.value", "%7B%22source_id%
user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.description", "Feven Shopping Companion");
user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.domain", "");
user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.enablesearch", false);
user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.homepage", "");
user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.iframe", false);
user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.InstallationThankYouPage", true);
user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.InstallationTime", 1386793458);
user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.internaldb._country_code_.expiration", "Fri Feb 
user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.internaldb._country_code_.value", "%22DE%22");
user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.internaldb.installer.expiration", "Fri Feb 01 20
user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.internaldb.installer.value", "%7B%22InstallerIde
user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.internaldb.InstallerIdentifiers.expiration", "Fr
user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.internaldb.InstallerIdentifiers.value", "%7B%22i
user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.internaldb.InstallerParams.expiration", "Fri Feb
user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.internaldb.InstallerParams.value", "%7B%22source
user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.internaldb.InstallerParamsCache.expiration", "Fr
user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.internaldb.InstallerParamsCache.value", "%7B%22s
user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.internaldb.InstallerUserIdentifiersCache.expirat
user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.internaldb.InstallerUserIdentifiersCache.value",
user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.internaldb.monetization_plugin_last_executable_r
user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.internaldb.monetization_plugin_last_executable_r
user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.internaldb.Resources_appVer.expiration", "Fri Fe
user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.internaldb.Resources_appVer.value", "70");
user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.internaldb.Resources_lastVersion.expiration", "F
user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.internaldb.Resources_lastVersion.value", "1");
user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.internaldb.Resources_meta.expiration", "Fri Feb 
user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.internaldb.Resources_meta.value", "%7B%7D");
user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.internaldb.Resources_nextCheck.expiration", "Fri
user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.internaldb.Resources_nextCheck.value", "true");
user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.internaldb.Resources_queue.expiration", "Fri Feb
user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.internaldb.Resources_queue.value", "%7B%7D");
user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.internaldb.Resources_remote_resources.expiration
user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.internaldb.Resources_remote_resources.value", "%
user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.lastDailyReport", "1386917723748");
user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.lastUpdate", "1386917726442");
user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.manifesturl", "");
user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.name", "Feven 1.5");
user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.newtab", "");
user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.opensearch", "");
user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.pluginsurl", "https://w9u6a2p6.ssl.hwcdn.net/plu
user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.pluginsversion", 67);
user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.publisher", "Feven");
user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.searchstatus", 0);
user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.setnewtab", false);
user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.thankyou", "");
user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.updateinterval", 360);
user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.ver", 70);
user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.apps", "38532");
user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.bic", "13f624d4447e0b1cdd658fca7c4587f0");
user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.cid", 38532);
user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.firstrun", false);
user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.hadappinstalled", true);
user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.installationdate", 1386793544);
user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.modetype", "production");
user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.reportInstall", true);
user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.statsDailyCounter", 3);
---- Lines extensions.LOHi64S1y removed from prefs.js ----
user_pref("extensions.LOHi64S1y.epoch", "1401005967");
user_pref("extensions.LOHi64S1y.url", "hxxp://centergoodfind.info/sync2/?q=hfZ9ofDSBShEAen0rHC6tMqLDe49CNU0mwkMCMlNhd9FrHwGrTkGrTn9rHCMBzqUojw9rdkGqda
---- Lines extensions.N6yO5tA removed from prefs.js ----
user_pref("extensions.N6yO5tA.epoch", "1401005967");
user_pref("extensions.N6yO5tA.url", "hxxp://safefacile.net/sync2/?q=hfZ9oeDGDzrMCyVUojr6qGhTB6lKDzt4okmxtNtVh7n0rjrFrTs8rTs9rTnEtMFHhd9Fqda8rTnEpdsFrT
---- Lines extensions.tQmox removed from prefs.js ----
user_pref("extensions.tQmox.epoch", "1401005967");
---- FireFox user.js and prefs.js backups ---- 

prefs__1847_.backup

==== Deleting Files \ Folders ======================

C:\Users\Lars\AppData\LocalLow\{65B31E28-C534-5B46-55EB-9AAB46858685} deleted
C:\Users\Lars\AppData\Local\Packages\windows_ie_ac_001\AC\{65B31E28-C534-5B46-55EB-9AAB46858685} deleted
C:\PROGRA~3\DDJ_ASIO_Driver deleted
C:\Users\Lars\.android deleted
C:\PROGRA~3\InstallMate deleted
C:\Users\Lars\AppData\Local\cache deleted
C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow\Application Updater deleted
C:\Windows\Syswow64\InstallUtil.InstallLog deleted
C:\Windows\SysWow64\searchplugins deleted
C:\Windows\SysWow64\Extensions deleted
"C:\PROGRA~3\9868df398bf17eec\{4820778D-AB0D-6D18-C316-52A6A0E1D507}" deleted
"C:\PROGRA~3\9868df398bf17eec\{A35CA8FF-CB7D-8361-1CB9-83219CD11C78}" deleted
"C:\PROGRA~3\9868df398bf17eec\{A35CA8FF-CB7D-8361-1CB9-83219CD11C78}.old" deleted
"C:\PROGRA~3\9868df398bf17eec\{AD11DADE-C597-45D9-D8C5-1D2EB0B89613}" deleted
"C:\PROGRA~3\9868df398bf17eec\{C670DCAE-E392-AA32-6F42-143C7FC4BDFD}" deleted
"C:\PROGRA~3\9868df398bf17eec\{C670DCAE-E392-AA32-6F42-143C7FC4BDFD}.old" deleted
"C:\PROGRA~3\9868df398bf17eec\{CA41BB14-E67B-1653-C57B-5CA99418A866}" deleted
"C:\PROGRA~3\9868df398bf17eec\{E32743D3-5789-6E4F-3998-06FB87C9214B}" deleted
"C:\PROGRA~3\9868df398bf17eec" deleted

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"gacela2@nurago.com"="C:\Program Files (x86)\GfK Internet-Monitor" [28.05.2014 18:34]
[HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]
"smartwebprinting@hp.com"="C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3" [25.02.2013 19:27]

==== Firefox Extensions ======================

ProfilePath: C:\Users\Lars\AppData\Roaming\Mozilla\Firefox\Profiles\1ipdivd3.default
- GfK Internet-Monitor - C:\Program Files (x86)\GfK Internet-Monitor
- LastPass - %ProfilePath%\extensions\support@lastpass.com
- Flashblock - %ProfilePath%\extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a}
- Personas Plus - %ProfilePath%\extensions\personas@christopher.beard.xpi
- Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
- Download Statusbar - %ProfilePath%\extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}.xpi
- Tab Mix Plus - %ProfilePath%\extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\Lars\AppData\Roaming\Mozilla\Firefox\Profiles\1ipdivd3.default
A58DE0A570148AF5FF3512B2A340D09F	- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll -	Shockwave Flash
855B79451ECF62602F20EB4D5C71F99B	- C:\Windows\SysWoW64\Adobe\Director\np32dsw.dll -	Shockwave for Director / Shockwave for Director


==== Chrome Look ======================

GfK Internet-Monitor - Lars\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekfcceehmjiicgpkeblpbcpglgdklklh
AdBlock - Lars\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom

==== Chrome Fix ======================

C:\Users\Lars\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_websearch.searchsunmy.info_0.localstorage deleted successfully
C:\Users\Lars\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_websearch.searchsunmy.info_0.localstorage-journal deleted successfully
C:\Users\Lars\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_service.pricegong.com_0.localstorage-journal deleted successfully
C:\Users\Lars\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_govome.inspsearch.com_0.localstorage-journal deleted successfully
C:\Users\Lars\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_continuetosave.info_0.localstorage-journal deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="hxxp://www.google.com"
"Use Search Asst"="yes"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="hxxp://www.google.com"
"Default_Page_URL"="hxxp://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Start Page"="hxxp://www.google.com"
"Default_Page_URL"="hxxp://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl]
"Default"="hxxp://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\SearchUrl]
"Default"="hxxp://www.google.com"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
"Default"="hxxp://www.google.com"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="hxxp://www.google.com"
"SearchAssistant"="hxxp://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="hxxp://www.google.com"
"Use Search Asst"="no"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="hxxp://go.microsoft.com/fwlink/?LinkId=69157"
"Default_Page_URL"="hxxp://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Start Page"="hxxp://go.microsoft.com/fwlink/?LinkId=69157"
"Default_Page_URL"="hxxp://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="hxxp://search.msn.com/results.asp?q=%s"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="hxxp://search.msn.com/results.asp?q=%s"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="hxxp://search.msn.com/results.asp?q=%s"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="hxxp://go.microsoft.com/fwlink/?LinkId=54896"
"SearchAssistant"="hxxp://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing  Url="hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google  Url="hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

==== Reset Google Chrome ======================

C:\Users\Lars\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Lars\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

==== Reset IE Proxy ======================

Value(s) before fix:
"ProxyServer"="http=127.0.0.1:7777"
"ProxyOverride"="*.local"
"ProxyEnable"=dword:00000001

Value(s) after fix:
"ProxyEnable"=dword:00000000

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{2C86C44B-F929-3FEC-2B35-93EA97C0F10D} deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Lars\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

C:\Users\Lars\AppData\Local\Mozilla\Firefox\Profiles\1ipdivd3.default\Cache will be emptied at reboot
C:\Users\Lars\AppData\Roaming\Mozilla\Firefox\Profiles\1ipdivd3.default\personas\cache emptied successfully

==== Empty Chrome Cache ======================

C:\Users\Lars\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=154 folders=32 5620989 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\temp emptied successfully
C:\Users\Lars\AppData\Local\Temp will be emptied at reboot
C:\Users\Public\AppData\Local\temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Lars\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on 28.05.2014 at 18:52:34,83 ======================
         
Step 3:

Code:
HitmanPro 3.7.9.216
www.hitmanpro.com

   Computer name . . . . : LARS-PC
   Windows . . . . . . . : 6.1.1.7601.X64/4
   User name . . . . . . : Lars-PC\Lars
   UAC . . . . . . . . . : Disabled
   License . . . . . . . : Trial (30 days left)

   Scan date . . . . . . : 2014-05-28 19:01:29
   Scan mode . . . . . . : Normal
   Scan duration . . . . : 5m 56s
   Disk access mode  . . : Direct disk access (SRB)
   Cloud . . . . . . . . : Internet
   Reboot  . . . . . . . : Yes

   Threats . . . . . . . : 0
   Traces  . . . . . . . : 75

   Objects scanned . . . : 1.940.503
   Files scanned . . . . : 56.691
   Remnants scanned  . . : 403.112 files / 1.480.700 keys

Suspicious files ____________________________________________________________

   C:\Program Files (x86)\Stardock\Fences\DesktopDock.dll
      Size . . . . . . . : 803.544 bytes
      Age  . . . . . . . : 178.3 days (2013-12-01 11:35:45)
      Entropy  . . . . . : 6.7
      SHA-256  . . . . . : FA977C23B9FD2B429FB52145AB9558CE4087674C70ECC8998DC74D8EBBDF89A8
      Publisher  . . . . : Stardock
      Description  . . . : Stardock Fences
      Version  . . . . . : 2.0.1.0
      Copyright  . . . . : Copyright (C) 2008-2012 Stardock Corporation
      RSA Key Size . . . : 2048
      Authenticode . . . : Invalid
      Fuzzy  . . . . . . : 26.0
         Program is altered or corrupted since it was code signed by its author. This is typical for malware and pirated software.
         File belongs to an identified security risk.

   C:\Program Files (x86)\Stardock\Fences\DesktopDock64.dll
      Size . . . . . . . : 952.024 bytes
      Age  . . . . . . . : 178.3 days (2013-12-01 11:35:45)
      Entropy  . . . . . : 6.4
      SHA-256  . . . . . : EFC38340D0F1574D8DC208D22E5615C451A51EA55F6A610099D7F8E998DF0A77
      Publisher  . . . . : Stardock
      Description  . . . : Stardock Fences
      Version  . . . . . : 2.0.1.0
      Copyright  . . . . : Copyright (C) 2008-2012 Stardock Corporation
      RSA Key Size . . . : 2048
      Authenticode . . . : Invalid
      Fuzzy  . . . . . . : 28.0
         Program is altered or corrupted since it was code signed by its author. This is typical for malware and pirated software.
         File belongs to an identified security risk.
         The file is in use by one or more active processes.

   C:\Program Files (x86)\Stardock\Fences\Fences.exe
      Size . . . . . . . : 4.017.368 bytes
      Age  . . . . . . . : 178.3 days (2013-12-01 11:35:45)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : CD806CDABD6896D993D2A682FA5C92CD0467DD9403F201F835F8B0B59C2D5E2B
      Product  . . . . . : Fences
      Publisher  . . . . : Stardock Corporation
      Description  . . . : Fences Settings
      Version  . . . . . : 2.0.1.484
      Copyright  . . . . : Copyright © 2008-2012 Stardock Corporation
      RSA Key Size . . . : 2048
      Gossip . . . . . . : Fences
      Authenticode . . . : Invalid
      Fuzzy  . . . . . . : 37.0
         Program is altered or corrupted since it was code signed by its author. This is typical for malware and pirated software.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Uses the Startup folder in the Start Menu to run each time the user logs on.
         Uses the Windows Registry to run each time the user logs on.
         Program starts automatically without user intervention.
      Startup
         C:\Users\Lars\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Fences.lnk
         HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Fences
      References
         C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Stardock\Fences.lnk
         C:\Users\Lars\Desktop\Customize Fences.lnk
         C:\Users\Lars\Desktop\Purchase Fences.lnk
         HKU\S-1-5-21-1005217006-152471606-131910131-1000\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\C:\Program Files (x86)\Stardock\Fences\Fences.exe

   C:\Program Files (x86)\Stardock\Fences\SDActivate.exe
      Size . . . . . . . : 1.008.304 bytes
      Age  . . . . . . . : 178.3 days (2013-12-01 11:35:45)
      Entropy  . . . . . : 6.1
      SHA-256  . . . . . : 9616ED807AAC0F3D9E7FF8D72CD1ABD6918F55F0A285B6DB09C7182F4AF160EB
      Product  . . . . . : Activate
      Publisher  . . . . : Stardock Corporation
      Description  . . . : Product Activation
      Version  . . . . . : 1.2.3.2
      Copyright  . . . . : Copyright (C) 2005-2011 Stardock Corporation
      RSA Key Size . . . : 2048
      Authenticode . . . : Invalid
      Fuzzy  . . . . . . : 26.0
         Program is altered or corrupted since it was code signed by its author. This is typical for malware and pirated software.
         File belongs to an identified security risk.

   C:\Program Files (x86)\Stardock\Fences\sddlc.dll
      Size . . . . . . . : 730.288 bytes
      Age  . . . . . . . : 178.3 days (2013-12-01 11:35:46)
      Entropy  . . . . . : 6.5
      SHA-256  . . . . . : A2A0327CBF26AA391DC1FB551B7048663BB6E73896A02FFAC50EF0E0AD4F27B3
      RSA Key Size . . . : 2048
      Authenticode . . . : Invalid
      Fuzzy  . . . . . . : 32.0
         Program is altered or corrupted since it was code signed by its author. This is typical for malware and pirated software.
         File belongs to an identified security risk.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.

   C:\Program Files (x86)\Stardock\Fences\sddlc64.dll
      Size . . . . . . . : 840.368 bytes
      Age  . . . . . . . : 178.3 days (2013-12-01 11:35:46)
      Entropy  . . . . . : 6.2
      SHA-256  . . . . . : D9C45978637E1478888F7C6E165A2C150AD71A5FD88E8A1623E03F8C25614586
      RSA Key Size . . . : 2048
      Authenticode . . . : Invalid
      Fuzzy  . . . . . . : 32.0
         Program is altered or corrupted since it was code signed by its author. This is typical for malware and pirated software.
         File belongs to an identified security risk.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.

   C:\Users\Lars\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe
      Size . . . . . . . : 3.145.536 bytes
      Age  . . . . . . . : 166.4 days (2013-12-13 10:11:22)
      Entropy  . . . . . : 6.6
      SHA-256  . . . . . : DA2E76AFB6C0F0111CC5B3A83B331D2BCA54CC78C56128D2B90B86FC89E7EAA7
      RSA Key Size . . . : 2048
      Parent Name  . . . : C:\Windows\system32\taskeng.exe
      Authenticode . . . : Self-signed
      Running processes  : 1628
      Fuzzy  . . . . . . : 24.0
         Program is code self-signed.
         This program is actively listening for inbound network connections.
         Uses the Windows Registry to run each time the user logs on.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Program starts automatically without user intervention.
         The file is in use by one or more active processes.
      Startup
         HKU\S-1-5-21-1005217006-152471606-131910131-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Amazon Cloud Player
      Network Ports
         127.0.0.1:4750	


Potential Unwanted Programs _________________________________________________

   HKLM\SOFTWARE\Classes\Record\{2009AF2F-5786-3067-8799-B97F7832FDD6}\ (FLV Player) -> Deleted
   HKLM\SOFTWARE\Classes\Record\{425E7597-03A2-338D-B72A-0E51FFE77A7E}\ (FLV Player) -> Deleted
   HKLM\SOFTWARE\Classes\Record\{915BB7D5-082E-3B91-B1E0-45B5FDE01F24}\ (FLV Player) -> Deleted
   HKLM\SOFTWARE\Classes\Record\{FB2E65F4-5687-33EF-9BBF-4E3C9C98D3B9}\ (FLV Player) -> Deleted
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3152E1F19977892449DC968802CE8964\ (FLV Player) -> Deleted
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467\ (FLV Player) -> Deleted
   HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{58124A0B-DC32-4180-9BFF-E0E21AE34026} (Iminent) -> Deleted
   HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{977AE9CC-AF83-45E8-9E03-E2798216E2D5} (Iminent) -> Deleted
   HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A} (Iminent) -> Deleted
   HKLM\SYSTEM\ControlSet001\services\eventlog\Application\IePluginService\ (FTDownloader) -> Deleted
   HKLM\SYSTEM\ControlSet001\services\eventlog\Application\Wpm\ (FTDownloader) -> Deleted
   HKLM\SYSTEM\ControlSet002\services\eventlog\Application\IePluginService\ (FTDownloader) -> Deleted
   HKLM\SYSTEM\ControlSet002\services\eventlog\Application\Wpm\ (FTDownloader) -> Deleted
   HKLM\SYSTEM\CurrentControlSet\services\eventlog\Application\IePluginService\ (FTDownloader) -> PendingDelete
   HKLM\SYSTEM\CurrentControlSet\services\eventlog\Application\Wpm\ (FTDownloader) -> PendingDelete
   HKU\S-1-5-21-1005217006-152471606-131910131-1000\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION\SnapDo.exe (FLV Player) -> Deleted
   HKU\S-1-5-21-1005217006-152471606-131910131-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\bProtectNewTabPageShow (22Find) -> Deleted
   HKU\S-1-5-21-1005217006-152471606-131910131-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\bProtectShowTabsWelcome (22Find) -> Deleted

Repairs _____________________________________________________________________

   Proxyserver auf diesem Computer (Benutzer)
   127.0.0.1:7777


Cookies _____________________________________________________________________

         
Step 4:

Code:
ATTFilter
 Results of screen317's Security Check version 0.99.83  
 Windows 7 Service Pack 1 x64 (UAC is disabled!)  
 Internet Explorer 10 Out of date! 
``````````````Antivirus/Firewall Check:`````````````` 
 Windows Security Center service is not running! This report may not be accurate! 
Microsoft Security Essentials   
  (On Access scanning disabled!) 
`````````Anti-malware/Other Utilities Check:````````` 
 Windows Cleaner    
 Java(TM) 6 Update 24  
 Java version out of Date! 
 Adobe Flash Player 13.0.0.214  
 Adobe Reader 10.1.10 Adobe Reader out of Date!  
 Mozilla Firefox 25.0.1 Firefox out of Date!  
 Google Chrome 35.0.1916.114  
````````Process Check: objlist.exe by Laurent````````  
 Microsoft Security Essentials MSMpEng.exe 
 Microsoft Security Essentials msseces.exe 
 Malwarebytes Anti-Malware mbamservice.exe  
 Malwarebytes Anti-Malware mbam.exe  
 Malwarebytes Anti-Malware mbamscheduler.exe   
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  
````````````````````End of Log``````````````````````
         

28.05.2014, 21:04   #14
M-K-D-B
/// TB Trainer
 



Hello,

Your Windows Security Center is not running; I'd like to take a look at that:

Please download Farbar Service Scanner
  • Start the tool by double-clicking FSS.exe
  • Make sure the following options are checked.
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
    • Other Services
  • Click Scan.
  • When the tool has finished, it will create an FSS.txt in the directory the tool was run from.

Please post the contents here.

Then please do the following once more:

  • Start FRST.exe again. Tick the box next to Addition and press Scan.
  • FRST will again create two log files (FRST.txt and Addition.txt).
  • Post both log files in your next reply.
__________________
Greetings from Bavaria
M-K-D-B


28.05.2014, 21:11   #15
DJSpeedy
 



here you go :-)

Code:
ATTFilter
Farbar Service Scanner Version: 21-05-2014
Ran by Lars (administrator) on 28-05-2014 at 21:04:12
Running from "C:\Users\Lars\Desktop\Adware Tools\NEXT"
Microsoft Windows 7 eXtreme™ Draconis Edition  Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.
IE proxy is enabled.
ProxyServer: http=127.0.0.1:7777


Windows Firewall:
=============

Firewall Disabled Policy: 
==================


System Restore:
============

System Restore Disabled Policy: 
========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR"=DWORD:1


Action Center:
============


Windows Update:
============

Windows Autoupdate Disabled Policy: 
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy: 
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\iphlpsvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****
         
FRST Additions Logfile:
Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25-05-2014 02
Ran by Lars at 2014-05-28 21:06:37
Running from C:\Users\Lars\Desktop\Adware Tools\NEXT
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}

==================== Installed Programs ======================

3DMark06 (HKLM-x32\...\{7F3AD00A-1819-4B15-BB7D-08B3586336D7}) (Version: 1.2.1 - Futuremark Corporation)
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.7.0.1530 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.7.0.1530 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 13 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Reader X (10.1.10) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.10 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.5 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.5.9.620 - Adobe Systems, Inc.)
AIO_CDB_ProductContext (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
AIO_CDB_Software (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
AIO_Scan (x32 Version: 130.0.421.000 - Hewlett-Packard) Hidden
Amazon Cloud Player (HKCU\...\Amazon Amazon Cloud Player) (Version: 2.4.0.33 - Amazon Services LLC)
AMD Drag and Drop Transcoding (Version: 2.00.0000 - ATI Technologies Inc.) Hidden
AMD Fuel (Version: 2011.0126.1749.31909 - Ihr Firmenname) Hidden
Apple Application Support (HKLM-x32\...\{D9DAD0FF-495A-472B-9F10-BAE430A26682}) (Version: 3.0.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.14.3.0 - Asmedia Technology)
ATI AVIVO64 Codecs (Version: 11.6.0.10126 - ATI Technologies Inc.) Hidden
ATI Catalyst Install Manager (HKLM\...\{7DE8BAC9-CAF4-FFAD-081A-6D74412E28A6}) (Version: 3.0.812.0 - ATI Technologies, Inc.)
Audio Recorder for Free (HKLM-x32\...\Audio Recorder for Free) (Version:  - Audio-Tool.net)
Aureon 5.1 PCI (HKLM\...\C-Media PCI Audio Driver) (Version:  - )
Auslogics BoostSpeed (HKLM-x32\...\{7216871F-869E-437C-B9BF-2A13F2DCE63F}_is1) (Version: version 4.4 - Auslogics Software Pty Ltd)
Biet-O-Matic v2.14.12 (HKLM-x32\...\Biet-O-Matic v2.14.12) (Version: 2.14.12 - BOM Development Team)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
BufferChm (x32 Version: 130.0.331.000 - Hewlett-Packard) Hidden
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - ATI) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2011.0126.1749.31909 - ATI) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2011.0126.1749.31909 - ATI Technologies, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2011.0126.1749.31909 - ATI) Hidden
CCC Help Chinese Standard (x32 Version: 2011.0126.1748.31909 - ATI) Hidden
CCC Help Chinese Traditional (x32 Version: 2011.0126.1748.31909 - ATI) Hidden
CCC Help Czech (x32 Version: 2011.0126.1748.31909 - ATI) Hidden
CCC Help Danish (x32 Version: 2011.0126.1748.31909 - ATI) Hidden
CCC Help Dutch (x32 Version: 2011.0126.1748.31909 - ATI) Hidden
CCC Help English (x32 Version: 2011.0126.1748.31909 - ATI) Hidden
CCC Help Finnish (x32 Version: 2011.0126.1748.31909 - ATI) Hidden
CCC Help French (x32 Version: 2011.0126.1748.31909 - ATI) Hidden
CCC Help German (x32 Version: 2011.0126.1748.31909 - ATI) Hidden
CCC Help Greek (x32 Version: 2011.0126.1748.31909 - ATI) Hidden
CCC Help Hungarian (x32 Version: 2011.0126.1748.31909 - ATI) Hidden
CCC Help Italian (x32 Version: 2011.0126.1748.31909 - ATI) Hidden
CCC Help Japanese (x32 Version: 2011.0126.1748.31909 - ATI) Hidden
CCC Help Korean (x32 Version: 2011.0126.1748.31909 - ATI) Hidden
CCC Help Norwegian (x32 Version: 2011.0126.1748.31909 - ATI) Hidden
CCC Help Polish (x32 Version: 2011.0126.1748.31909 - ATI) Hidden
CCC Help Portuguese (x32 Version: 2011.0126.1748.31909 - ATI) Hidden
CCC Help Russian (x32 Version: 2011.0126.1748.31909 - ATI) Hidden
CCC Help Spanish (x32 Version: 2011.0126.1748.31909 - ATI) Hidden
CCC Help Swedish (x32 Version: 2011.0126.1748.31909 - ATI) Hidden
CCC Help Thai (x32 Version: 2011.0126.1748.31909 - ATI) Hidden
CCC Help Turkish (x32 Version: 2011.0126.1748.31909 - ATI) Hidden
ccc-core-static (x32 Version: 2011.0126.1749.31909 - Ihr Firmenname) Hidden
ccc-utility64 (Version: 2011.0126.1749.31909 - ATI) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 3.04 - Piriform)
Copy (x32 Version: 130.0.428.000 - Hewlett-Packard) Hidden
CPUID CPU-Z 1.61.3 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DC-Bass Source 1.3.0 (HKLM-x32\...\DC-Bass Source) (Version:  - )
DENON DJ ASIO Driver (HKLM-x32\...\{E4EC27CD-229E-481E-84F1-7AB83AC479BE}) (Version: 2.2.2 - DENON_DJ)
Destinations (x32 Version: 130.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 130.0.465.000 - Hewlett-Packard) Hidden
DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.8 - DivX, LLC)
DocProc (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
eMule (HKLM-x32\...\eMule) (Version:  - )
EPSON AL-C1600 (HKLM\...\EPSON AL-C1600) (Version:  - )
EPU-4 Engine (HKLM-x32\...\{8F66047B-1AF3-40D9-80D7-106E2EDC2C2A}) (Version: 1.03.03 - )
F300 (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
F300_Help (x32 Version: 82.0.242.000 - Hewlett-Packard) Hidden
F300Trb (x32 Version: 82.0.242.000 - Hewlett-Packard) Hidden
Fax (x32 Version: 130.0.418.000 - Hewlett-Packard) Hidden
Fences 2 (HKLM-x32\...\Fences 22.01) (Version: 2.01 - Stardock Corporation)
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
GfK Internet-Monitor (HKLM-x32\...\39992AD7-103F-4308-8BB7-3F65F543604D) (Version: 12.6.186 - GfK)
GfK Proxy Service (HKLM-x32\...\NuragoProxyService) (Version:  - )
GIMP 2.6.11 (HKLM-x32\...\WinGimp-2.0_is1) (Version: 2.6.11 - The GIMP Team)
GMX ProfiFax (HKLM-x32\...\GMX ProfiFax) (Version: 2.00.236 - 1&1 Mail & Media GmbH)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 35.0.1916.114 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.24.7 - Google Inc.) Hidden
GPBaseService2 (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
HashCheck Shell Extension (x86-32) (HKLM-x32\...\HashCheck Shell Extension) (Version: 2.1.11.1 - Kai Liu)
HP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version: 13.0 - HP)
HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
HP Photosmart Essential 3.5 (HKLM\...\HP Photosmart Essential) (Version: 3.5 - HP)
HP Photosmart Officejet and Deskjet All-In-One Driver Software 13.0 Rel. B (HKLM\...\{B61ED343-0B14-4241-999C-490CB1A20DA4}) (Version: 13.0 - HP)
HP Smart Web Printing 4.51 (HKLM\...\HP Smart Web Printing) (Version: 4.51 - HP)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HP Update (HKLM-x32\...\{7059BDA7-E1DB-442C-B7A1-6144596720A4}) (Version: 4.000.011.006 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden
HPPhotoGadget (x32 Version: 130.0.282.000 - Hewlett-Packard) Hidden
HPPhotoSmartDiscLabelContent1 (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden
HPPhotosmartEssential (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
HydraVision (x32 Version: 4.2.184.0 - ATI Technologies Inc.) Hidden
iCloud (HKLM\...\{81E20D41-C277-4526-934D-F2380AF91B78}) (Version: 3.1.0.40 - Apple Inc.)
iTunes (HKLM\...\{9D20916D-C1E9-4E39-9723-13D200D87C40}) (Version: 11.2.0.114 - Apple Inc.)
Java 7 Update 13 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417013FF}) (Version: 7.0.130 - Oracle)
Java(TM) 6 Update 24 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216024FF}) (Version: 6.0.240 - Oracle)
JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
K-Lite Codec Pack (64-bit) v4.5.0 (HKLM\...\KLiteCodecPack64_is1) (Version: 4.5.0 - )
K-Lite Codec Pack 7.0.0 (Full) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 7.0.0 - )
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
League of Legends (HKLM-x32\...\{92606477-9366-4D3B-8AE3-6BE4B29727AB}) (Version: 1.3 - Riot Games)
Logitech GamePanel Software 3.03.133 (HKLM\...\{6CC95B76-D380-46B2-9022-9353938E48BA}) (Version: 3.03.133 - Logitech Inc.)
Logitech GamePanel Software 3.06.109 (HKLM\...\{A1E85B9A-AFAD-4D38-AF01-6B020DD5213A}) (Version: 3.06.109 - Logitech Inc.)
Lumac (HKLM-x32\...\InstallShield_{5DE11949-2B11-4F13-BAD5-1C237122CFDB}) (Version: 1.1.92.0 - Firstload)
Lumac (x32 Version: 1.1.92.0 - Firstload) Hidden
MAGIX Media Manager 2004 silver (HKLM-x32\...\MAGIX Media Manager 2004 silver) (Version: 2.0.7.0 - MAGIX AG)
MAGIX Online Druck Service (HKLM-x32\...\MAGIX Online Druck Service) (Version:  - Silverwire Software GmbH)
MAGIX ringtone maker (HKLM-x32\...\MAGIX ringtone maker) (Version: 1.0.0.4 - MAGIX AG)
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
MarketResearch (x32 Version: 130.0.374.000 - Hewlett-Packard) Hidden
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Access MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Groove MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0407-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Outlook MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Publisher MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKCU\...\OneDriveSetup.exe) (Version: 17.0.4035.0328 - Microsoft Corporation)
Microsoft Security Client (Version: 4.5.0216.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.5.216.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft XML Parser (x32 Version: 8.0.7820.0 - Microsoft Corporation) Hidden
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 25.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 25.0.1 (x86 de)) (Version: 25.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 25.0.1 - Mozilla)
Mp3tag v2.59a (HKLM-x32\...\Mp3tag) (Version: v2.59a - Florian Heidenreich)
MSI Afterburner 2.1.0 (HKLM-x32\...\Afterburner) (Version: 2.1.0 - MSI Co., LTD)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Native Instruments Audio 2 DJ (HKLM-x32\...\Native Instruments Audio 2 DJ) (Version:  - Native Instruments)
Native Instruments Audio 2 DJ Driver (HKLM-x32\...\Native Instruments Audio 2 DJ Driver) (Version:  - Native Instruments)
Native Instruments Audio 2 DJ Driver (Version: 3.1.0.761 - Native Instruments) Hidden
Native Instruments Audio 4 DJ (HKLM-x32\...\Native Instruments Audio 4 DJ) (Version:  - Native Instruments)
Native Instruments Audio 4 DJ Driver (HKLM-x32\...\Native Instruments Audio 4 DJ Driver) (Version:  - Native Instruments)
Native Instruments Audio 4 DJ Driver (Version: 3.1.0.761 - Native Instruments) Hidden
Native Instruments Audio 8 DJ (HKLM-x32\...\Native Instruments Audio 8 DJ) (Version:  - Native Instruments)
Native Instruments Audio 8 DJ Driver (HKLM-x32\...\Native Instruments Audio 8 DJ Driver) (Version:  - Native Instruments)
Native Instruments Audio 8 DJ Driver (Version: 3.1.0.761 - Native Instruments) Hidden
Native Instruments Controller Editor (HKLM-x32\...\Native Instruments Controller Editor) (Version: 1.6.3.46 - Native Instruments)
Native Instruments Controller Editor (Version: 1.6.3.46 - Native Instruments) Hidden
Native Instruments Maschine Controller (HKLM-x32\...\Native Instruments Maschine Controller) (Version:  - Native Instruments)
Native Instruments Maschine Controller (Version: 3.0.1.648 - Native Instruments) Hidden
Native Instruments Service Center (HKLM-x32\...\Native Instruments Service Center) (Version:  - Native Instruments)
Native Instruments Service Center (Version: 2.2.6.676 - Native Instruments) Hidden
Native Instruments Traktor 2 (HKLM-x32\...\Native Instruments Traktor 2) (Version: 2.6.8.382 - Native Instruments)
Native Instruments Traktor 2 (Version: 2.6.8.382 - Native Instruments) Hidden
Native Instruments Traktor Audio 10 (HKLM-x32\...\Native Instruments Traktor Audio 10) (Version:  - Native Instruments)
Native Instruments Traktor Audio 10 Driver (HKLM-x32\...\Native Instruments Traktor Audio 10 Driver) (Version:  - Native Instruments)
Native Instruments Traktor Audio 10 Driver (Version: 3.1.0.761 - Native Instruments) Hidden
Native Instruments Traktor Audio 2 (HKLM-x32\...\Native Instruments Traktor Audio 2) (Version:  - Native Instruments)
Native Instruments Traktor Audio 2 Driver (HKLM-x32\...\Native Instruments Traktor Audio 2 Driver) (Version:  - Native Instruments)
Native Instruments Traktor Audio 2 Driver (Version: 3.1.0.761 - Native Instruments) Hidden
Native Instruments Traktor Audio 2 MK2 Driver (HKLM-x32\...\Native Instruments Traktor Audio 2 MK2 Driver) (Version:  - Native Instruments)
Native Instruments Traktor Audio 2 MK2 Driver (Version: 3.1.3.804 - Native Instruments) Hidden
Native Instruments Traktor Audio 6 (HKLM-x32\...\Native Instruments Traktor Audio 6) (Version:  - Native Instruments)
Native Instruments Traktor Audio 6 Driver (HKLM-x32\...\Native Instruments Traktor Audio 6 Driver) (Version:  - Native Instruments)
Native Instruments Traktor Audio 6 Driver (Version: 3.1.0.761 - Native Instruments) Hidden
Native Instruments Traktor Kontrol F1 Driver (HKLM-x32\...\Native Instruments Traktor Kontrol F1 Driver) (Version:  - Native Instruments)
Native Instruments Traktor Kontrol F1 Driver (Version: 3.0.2.664 - Native Instruments) Hidden
Native Instruments Traktor Kontrol S2 Driver (HKLM-x32\...\Native Instruments Traktor Kontrol S2 Driver) (Version:  - Native Instruments)
Native Instruments Traktor Kontrol S2 Driver (Version: 3.1.0.761 - Native Instruments) Hidden
Native Instruments Traktor Kontrol S2 MK2 Driver (HKLM-x32\...\Native Instruments Traktor Kontrol S2 MK2 Driver) (Version:  - Native Instruments)
Native Instruments Traktor Kontrol S2 MK2 Driver (Version: 3.1.2.795 - Native Instruments) Hidden
Native Instruments Traktor Kontrol S4 (HKLM-x32\...\Native Instruments Traktor Kontrol S4) (Version:  - Native Instruments)
Native Instruments Traktor Kontrol S4 Driver (HKLM-x32\...\Native Instruments Traktor Kontrol S4 Driver) (Version:  - Native Instruments)
Native Instruments Traktor Kontrol S4 Driver (Version: 3.1.0.761 - Native Instruments) Hidden
Native Instruments Traktor Kontrol S4 MK2 Driver (HKLM-x32\...\Native Instruments Traktor Kontrol S4 MK2 Driver) (Version:  - Native Instruments)
Native Instruments Traktor Kontrol S4 MK2 Driver (Version: 3.1.2.795 - Native Instruments) Hidden
Native Instruments Traktor Kontrol X1 (HKLM-x32\...\Native Instruments Traktor Kontrol X1) (Version:  - Native Instruments)
Native Instruments Traktor Kontrol X1 Driver (HKLM-x32\...\Native Instruments Traktor Kontrol X1 Driver) (Version:  - Native Instruments)
Native Instruments Traktor Kontrol X1 Driver (Version: 3.0.1.648 - Native Instruments) Hidden
Native Instruments Traktor Kontrol X1 MK2 Driver (HKLM-x32\...\Native Instruments Traktor Kontrol X1 MK2 Driver) (Version:  - Native Instruments)
Native Instruments Traktor Kontrol X1 MK2 Driver (Version: 3.1.1.780 - Native Instruments) Hidden
Native Instruments Traktor Kontrol Z1 Driver (HKLM-x32\...\Native Instruments Traktor Kontrol Z1 Driver) (Version:  - Native Instruments)
Native Instruments Traktor Kontrol Z1 Driver (Version: 3.1.1.780 - Native Instruments) Hidden
Native Instruments Traktor Kontrol Z2 Driver (HKLM-x32\...\Native Instruments Traktor Kontrol Z2 Driver) (Version:  - Native Instruments)
Native Instruments Traktor Kontrol Z2 Driver (Version: 3.1.0.761 - Native Instruments) Hidden
Nero 8 (HKLM-x32\...\{9EDBB857-8028-49CD-B9C9-0B4D10CD1031}) (Version: 8.10.290 - Nero AG)
neroxml (x32 Version: 1.0.0 - Nero AG) Hidden
Network64 (Version: 130.0.572.000 - Hewlett-Packard) Hidden
Network64 (Version: 140.0.221.000 - Hewlett-Packard) Hidden
Notepad++ (HKLM-x32\...\Notepad++) (Version: 5.6.8 - )
OCR Software by I.R.I.S. 13.0 (HKLM\...\HPOCR) (Version: 13.0 - HP)
OpenSource Flash Video Splitter 1.0.0.5 (HKLM-x32\...\OpenSource Flash Video Splitter) (Version: 1.0.0.5 - )
Opticon USB Drivers Installer (HKLM-x32\...\Opticon USB Installer) (Version:  - )
Panel Client 3.2 (HKLM-x32\...\Panel Client_is1) (Version:  - GfK Panel Services Deutschland GmbH)
Photo Gallery (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Pidgin (HKLM-x32\...\Pidgin) (Version: 2.10.9 - )
Platform (x32 Version: 1.39 - VIA Technologies, Inc.) Hidden
PowerISO (HKLM-x32\...\PowerISO) (Version:  - )
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Razer Game Booster (HKLM-x32\...\Razer Game Booster_is1) (Version: 4.2.45.0 - Razer Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.52.203.2012 - Realtek)
Remote Mouse version 2.54 (HKLM-x32\...\{01E4BC6D-3ACC-45E1-8928-C2FF626F63F3}_is1) (Version: 2.54 - Remote Mouse)
Remote Panel Program (HKLM-x32\...\{13AA13C1-E4B9-4048-B4A6-9C9B86D44F57}) (Version:  - )
RocketDock 1.3.5 (HKLM-x32\...\RocketDock_is1) (Version:  - Punk Software)
Scan (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 13.0 - HP)
Skype™ 6.14 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)
SmartWebPrinting (x32 Version: 130.0.457.000 - Hewlett-Packard) Hidden
SolutionCenter (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
SpeedCommander 13 (x64) (HKLM\...\SpeedCommander 13 (x64)) (Version: 13.40.6300 - SWE Sven Ritter)
Status (x32 Version: 130.0.469.000 - Hewlett-Packard) Hidden
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.27614 - TeamViewer)
TECHNO4EVER Player 1.1.3 (HKLM-x32\...\{9AF19FCD-2362-493D-A127-C47BB284A636}) (Version: 1.1.3 - TECHNO4EVER Radio- und Mediengesellschaft mbH)
TERA (HKLM-x32\...\{A2F166A0-F031-4E27-A057-C69733219434}_is1) (Version: 7 - Gameforge Productions GmbH)
Toolbox (x32 Version: 130.0.648.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 130.0.422.000 - Hewlett-Packard) Hidden
UnloadSupport (x32 Version: 11.0.0 - Hewlett-Packard) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{EA54F104-79D2-48CC-9ABC-91A63C43D353}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{53DEC068-4690-4F6B-9946-7D21EF02236B}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2880505) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{2720451F-5D04-43EC-AB1F-26D948FD971B}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VIA Plattform-Geräte-Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.39 - VIA Technologies, Inc.)
Vista Game Explorer Editor (HKLM-x32\...\VGEE) (Version: Beta 2.14a - Ryan Richter)
Visual C++ 9.0 CRT (x86) WinSXS MSM (x32 Version: 9.0 - Microsoft Corporation) Hidden
VLC media player 2.1.4 (HKLM\...\VLC media player) (Version: 2.1.4 - VideoLAN)
Warcraft III (HKLM-x32\...\Warcraft III) (Version:  - Blizzard Entertainment)
WebReg (x32 Version: 130.0.132.017 - Hewlett-Packard) Hidden
Windows Cleaner (HKLM-x32\...\Vtools_WindowsCleaner_is1) (Version: 1.0.0 - Vtools)
Windows Live Communications Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Family Safety (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Family Safety (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
winKeyLock version 1.0.1.3 (HKLM-x32\...\winKeyLock_is1) (Version: 1.0.1 - winKeyLock)
WinRAR 4.00 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.00.0 - win.rar GmbH)
WMV9/VC-1 Video Playback (Version: 1.00.0000 - ATI Technologies Inc.) Hidden
Xvid Video Codec (HKLM-x32\...\Xvid Video Codec 1.3.2) (Version: 1.3.2 - Xvid Team)

==================== Restore Points  =========================

26-05-2014 19:59:59 Gerätetreiber-Paketinstallation: TerraTec Electronic GmbH Audio-, Video- und Gamecontroller
26-05-2014 20:26:31 Gerätetreiber-Paketinstallation: TerraTec Electronic GmbH Audio-, Video- und Gamecontroller
28-05-2014 16:38:29 zoek.exe restore point
28-05-2014 16:45:15 Windows Update

==================== Hosts content: ==========================

2009-07-14 04:34 - 2014-05-24 12:48 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {1B2905D8-9584-4CD3-AB59-90BF090161E7} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-16] (Adobe Systems Incorporated)
Task: {24B654B2-B7EA-45CB-9CF7-95ACD67C5C7D} - System32\Tasks\Amazon Music Helper => C:\Users\Lars\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe [2014-05-08] ()
Task: {3370000F-E1FF-4575-A340-672AE206A346} - System32\Tasks\ASUS\ASUS SIX Engine => C:\Program Files (x86)\ASUS\EPU-4 Engine\FourEngine.exe [2012-01-03] (ASUSTek Computer Inc.)
Task: {3FB27DB5-FE54-4244-A9CB-9027EF2FF08C} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [2013-11-20] (Apple Inc.)
Task: {54EDCEFE-8B33-42F8-9464-EEAD4AAE47B2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-02-07] (Google Inc.)
Task: {812530AD-22BA-4413-AFF6-517EC59FC1C2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-02-07] (Google Inc.)
Task: {A1D60D55-A6B8-401B-BC05-2938E02DF2F2} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Scan => d:\program files\windows defender\MpCmdRun.exe
Task: {B29A0C2F-3D50-434C-AC1C-80205D088FD1} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {C4E8B14A-4159-4C58-BDAD-281DBBFC97E8} - System32\Tasks\Microsoft\Windows Defender\MpIdleTask => d:\program files\windows defender\MpCmdRun.exe
Task: {CE2A5F4A-6D53-4AA9-B75E-33053699DC04} - System32\Tasks\Razer_Game_Booster_AutoUpdate => C:\Program Files (x86)\Razer\Razer Game Booster\AutoUpdate.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2013-02-07 14:55 - 2011-03-02 13:40 - 00164864 _____ () C:\Program Files\WinRAR\rarext.dll
2013-12-13 10:11 - 2014-05-08 19:26 - 03145536 _____ () C:\Users\Lars\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe
2014-02-20 17:46 - 2014-02-20 17:46 - 00021480 _____ () C:\Program Files (x86)\GfK-ProxyService\GfK-ProxyWatchdog.exe
2014-02-20 17:46 - 2014-02-20 17:46 - 00026600 _____ () C:\Program Files (x86)\GfK-ProxyService\ProxyUtils.dll
2013-02-07 15:09 - 2011-12-06 03:58 - 00078448 ____R () C:\Program Files (x86)\VIA\VIAudioi\VDeck\QsApoApi64.dll
2013-02-07 15:09 - 2011-12-06 03:58 - 00386160 ____R () C:\Program Files (x86)\VIA\VIAudioi\VDeck\Dts2ApoApi64.dll
2014-03-03 21:50 - 2014-02-20 18:25 - 03293672 _____ () C:\Program Files (x86)\GfK Internet-Monitor\GfK-Reporting.exe
2014-03-03 21:50 - 2014-02-20 18:25 - 01356264 _____ () C:\Program Files (x86)\GfK Internet-Monitor\GfK-Updater.exe
2011-01-26 19:00 - 2011-01-26 19:00 - 00079872 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Services.dll
2014-02-20 17:46 - 2014-02-20 17:46 - 00045544 _____ () C:\Program Files (x86)\GfK-ProxyService\GfK-ProxyService.exe
2013-02-07 15:10 - 2009-01-15 15:55 - 00565248 _____ () C:\Program Files (x86)\ASUS\EPU-4 Engine\pngio.dll
2013-02-07 15:10 - 2009-03-25 17:53 - 00053248 _____ () C:\Program Files (x86)\ASUS\EPU-4 Engine\AsSpindownTimeout.dll
2014-01-20 14:17 - 2014-01-20 14:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-01-20 14:16 - 2014-01-20 14:16 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-02-08 01:00 - 2007-05-28 23:13 - 00145920 _____ () C:\Program Files (x86)\Auslogics\Auslogics BoostSpeed\madBasic_.bpl
2013-02-08 01:00 - 2007-05-28 23:13 - 00316928 _____ () C:\Program Files (x86)\Auslogics\Auslogics BoostSpeed\madExcept_.bpl
2013-02-08 01:00 - 2007-05-28 23:13 - 00041984 _____ () C:\Program Files (x86)\Auslogics\Auslogics BoostSpeed\madDisAsm_.bpl
2013-02-08 01:00 - 2008-04-08 05:11 - 00053248 _____ () C:\Program Files (x86)\Auslogics\Auslogics BoostSpeed\armaccess.dll
2013-09-14 01:51 - 2013-09-14 01:51 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\zlib1.dll
2013-09-14 01:50 - 2013-09-14 01:50 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\libxml2.dll
2014-01-05 21:57 - 2013-11-19 22:34 - 00152576 _____ () C:\Program Files (x86)\Remote Mouse\FileS.dll
2013-03-28 11:32 - 2012-11-08 13:19 - 00474360 _____ () C:\Program Files (x86)\GfK Internet-Monitor\UpdateHelper.dll
2014-05-24 10:21 - 2014-05-14 01:40 - 00716616 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\libglesv2.dll
2014-05-24 10:21 - 2014-05-14 01:40 - 00126280 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\libegl.dll
2014-05-24 10:21 - 2014-05-14 01:40 - 04217672 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\pdf.dll
2014-05-24 10:21 - 2014-05-14 01:40 - 00414536 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\ppGoogleNaClPluginChrome.dll
2014-05-24 10:21 - 2014-05-14 01:40 - 01732424 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\ffmpegsumo.dll
2014-05-24 10:21 - 2014-05-14 01:40 - 13695816 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\PepperFlash\pepflashplayer.dll
2014-05-28 20:14 - 2014-02-20 17:32 - 00256512 _____ () C:\Users\Lars\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekfcceehmjiicgpkeblpbcpglgdklklh\13.4.568_0\plugin\npgacela_private.dll
2014-05-28 20:14 - 2014-02-20 17:32 - 00261608 _____ () C:\Users\Lars\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekfcceehmjiicgpkeblpbcpglgdklklh\13.4.568_0\plugin\npgacela.dll
2014-03-31 21:35 - 2014-03-31 21:35 - 00282304 _____ () C:\Program Files (x86)\Windows Live\Writer\de\WindowsLive.Writer.Localization.resources.dll
2014-01-20 14:16 - 2014-01-20 14:16 - 00237384 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxslt.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\Windows\system32\Drivers\nglfsegm.sys:changelist
AlternateDataStreams: C:\Windows\system32\Drivers\qqczqvzb.sys:changelist
AlternateDataStreams: C:\Windows\system32\Drivers\xrehzkvs.sys:changelist
AlternateDataStreams: C:\ProgramData\TEMP:373E1720

==================== Safe Mode (whitelisted) ===================


==================== EXE Association (whitelisted) =============


==================== Disabled items from MSCONFIG ==============


==================== Faulty Device Manager Devices =============

Name: Microsoft-Teredo-Tunneling-Adapter
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (05/28/2014 07:15:47 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/28/2014 06:53:57 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/28/2014 06:35:18 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/28/2014 06:26:09 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/26/2014 10:29:52 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/26/2014 10:23:05 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/26/2014 10:18:51 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/26/2014 10:15:32 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/26/2014 09:57:49 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/26/2014 09:31:42 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (05/28/2014 07:14:37 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "GfK-Proxy-Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (05/28/2014 07:14:37 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst GfK-Proxy-Service erreicht.

Error: (05/28/2014 07:13:44 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Der Dienst "HitmanPro 3.7 Crusader (Boot)" wurde mit folgendem dienstspezifischem Fehler beendet: %%0.

Error: (05/28/2014 07:12:20 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {3EB3C877-1F16-487C-9050-104DBCD66683}

Error: (05/28/2014 06:51:19 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {3EB3C877-1F16-487C-9050-104DBCD66683}

Error: (05/28/2014 06:47:51 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.

Error: (05/28/2014 06:47:51 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.

Error: (05/28/2014 06:47:50 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.

Error: (05/28/2014 06:47:50 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.

Error: (05/28/2014 06:47:49 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.


Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
  Date: 2014-05-26 22:21:43.581
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\cmudax3.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-05-26 22:21:43.503
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\cmudax3.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-05-26 22:20:12.660
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\cmudax3.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-05-26 22:20:12.584
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\cmudax3.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-05-26 22:19:12.490
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\cmudax3.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-05-26 22:19:12.430
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\cmudax3.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-05-26 21:56:17.001
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\cmudax3.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-05-26 21:56:16.907
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\cmudax3.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-05-26 21:55:02.316
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\cmudax3.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-05-26 21:55:02.246
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\cmudax3.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Memory info =========================== 

Percentage of memory in use: 23%
Total physical RAM: 16366.12 MB
Available physical RAM: 12596.19 MB
Total Pagefile: 32730.41 MB
Available Pagefile: 28313.02 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:931.41 GB) (Free:61.82 GB) NTFS
Drive e: () (Fixed) (Total:372.6 GB) (Free:36.99 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: ED9E570F)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 373 GB) (Disk ID: 1E521E51)
Partition 1: (Active) - (Size=373 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         
--- --- ---



FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-05-2014 02
Ran by Lars (administrator) on LARS-PC on 28-05-2014 21:06:06
Running from C:\Users\Lars\Desktop\Adware Tools\NEXT
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal


==================== Processes (Whitelisted) =================

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\EPU-4 Engine\FourEngine.exe
() C:\Users\Lars\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe
(Advanced Micro Devices) C:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Logitech Inc.) C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe
(Logitech Inc.) C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe
(Auslogics) C:\Program Files (x86)\Auslogics\Auslogics BoostSpeed\BoostSpeed.exe
(Nero AG) C:\Program Files (x86)\Common Files\Nero\Lib\NMBgMonitor.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(RemoteMouse.net) C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
() C:\Program Files (x86)\GfK-ProxyService\GfK-ProxyWatchdog.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(VIA) C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe
(PowerISO Computing, Inc.) C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
() C:\Program Files (x86)\GfK Internet-Monitor\GfK-Reporting.exe
() C:\Program Files (x86)\GfK Internet-Monitor\GfK-Updater.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(Nero AG) C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Native Instruments GmbH) C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Nero AG) C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Nero AG) C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
() C:\Program Files (x86)\GfK-ProxyService\GfK-ProxyService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServer.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(GfK) C:\Program Files (x86)\GfK Internet-Monitor\Chrome Extension\GfK-Chrome-Helper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Mail\wlmail.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunes.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\ATH.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1271072 2014-03-11] (Microsoft Corporation)
HKLM\...\Run: [Launch LgDeviceAgent] => C:\Program Files\Logitech\GamePanel Software\LgDevAgt.exe [415816 2010-08-03] (Logitech Inc.)
HKLM\...\Run: [Launch LCDMon] => C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe [2412616 2010-08-03] (Logitech Inc.)
HKLM\...\Run: [Launch LGDCore] => C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe [4725320 2010-08-03] (Logitech Inc.)
HKLM\...\Run: [Fences] => C:\Program Files (x86)\Stardock\Fences\Fences.exe [4017368 2012-10-29] (Stardock Corporation)
HKLM\...\Run: [CmPCIaudio] => C:\Windows\syswow64\RunDll32.exe C:\Windows\Syswow64\cmicnfg3.cpl,CMICtrlWnd
HKLM-x32\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [5015040 2012-02-09] (VIA)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-01-26] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-12] (Apple Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [54840 2007-05-08] (Hewlett-Packard)
HKLM-x32\...\Run: [hpqSRMon] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [150528 2008-07-22] (Hewlett-Packard)
HKLM-x32\...\Run: [PWRISOVM.EXE] => C:\Program Files (x86)\PowerISO\PWRISOVM.EXE [180224 2009-03-15] (PowerISO Computing, Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-05-14] (Apple Inc.)
HKU\.DEFAULT\...\Run: [GfK-Proxy-Service] => C:\Program Files (x86)\GfK-ProxyService\GfK-ProxyWatchdog.exe [21480 2014-02-20] ()
HKU\.DEFAULT\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\.DEFAULT\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 1
HKU\.DEFAULT\...\Policies\Explorer: [NoResolveSearch] 1
HKU\.DEFAULT\...\Policies\Explorer: [NoInternetOpenWith] 1
HKU\S-1-5-21-1005217006-152471606-131910131-1000\...\Run: [Auslogics BoostSpeed 4] => C:\Program Files (x86)\Auslogics\Auslogics BoostSpeed\boostspeed.exe [362096 2009-03-16] (Auslogics)
HKU\S-1-5-21-1005217006-152471606-131910131-1000\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => C:\Program Files (x86)\Common Files\Nero\Lib\NMBgMonitor.exe [202024 2007-10-23] (Nero AG)
HKU\S-1-5-21-1005217006-152471606-131910131-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-11-20] (Apple Inc.)
HKU\S-1-5-21-1005217006-152471606-131910131-1000\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59720 2013-11-20] (Apple Inc.)
HKU\S-1-5-21-1005217006-152471606-131910131-1000\...\Run: [Amazon Cloud Player] => C:\Users\Lars\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe [3145536 2014-05-08] ()
HKU\S-1-5-21-1005217006-152471606-131910131-1000\...\Run: [Remote Mouse] => C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe [1200640 2014-03-30] (RemoteMouse.net)
HKU\S-1-5-21-1005217006-152471606-131910131-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [20922016 2014-02-10] (Skype Technologies S.A.)
HKU\S-1-5-21-1005217006-152471606-131910131-1000\...\Run: [GfK-Proxy-Service] => C:\Program Files (x86)\GfK-ProxyService\GfK-ProxyWatchdog.exe [21480 2014-02-20] ()
HKU\S-1-5-21-1005217006-152471606-131910131-1000\...\Policies\Explorer: [NoInternetOpenWith] 1
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\Users\Lars\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Fences.lnk
ShortcutTarget: Fences.lnk -> C:\Program Files (x86)\Stardock\Fences\Fences.exe (Stardock Corporation)

==================== Internet (Whitelisted) ====================

ProxyEnable: Internet Explorer proxy is enabled.
ProxyServer: http=127.0.0.1:7777
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - {758B870D-DF78-4A6A-9955-DEDDCACF94DC} URL = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
SearchScopes: HKCU - DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
BHO: GfK Internet-Monitor - {4BEEA052-726D-4A6E-B65D-A6BD07C263F3} - C:\Program Files (x86)\GfK Internet-Monitor\x64\Gacela2.dll (GfK)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: GfK Internet-Monitor - {4BEEA052-726D-4A6E-B65D-A6BD07C263F3} - C:\Program Files (x86)\GfK Internet-Monitor\Gacela2.dll (GfK)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Lars\AppData\Roaming\Mozilla\Firefox\Profiles\1ipdivd3.default
FF NewTab: hxxp://www.google.com/
FF DefaultSearchEngine: Google
FF SearchEngineOrder.1: Google
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.google.com
FF Keyword.URL: hxxp://www.google.com/search?btnG=Google+Search&q=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin: @java.com/DTPlugin,version=10.13.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.13.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.1 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.2 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.3 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.4 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw.dll No File
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/JavaPlugin - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll No File
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @phonostar.de/phonostar-Player - C:\Program Files (x86)\phonostar-Player\npphonostarDetectNP.dll No File
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll (Sun Microsystems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: LastPass - C:\Users\Lars\AppData\Roaming\Mozilla\Firefox\Profiles\1ipdivd3.default\Extensions\support@lastpass.com [2013-04-26]
FF Extension: Flashblock - C:\Users\Lars\AppData\Roaming\Mozilla\Firefox\Profiles\1ipdivd3.default\Extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a} [2013-11-16]
FF Extension: Personas Plus - C:\Users\Lars\AppData\Roaming\Mozilla\Firefox\Profiles\1ipdivd3.default\Extensions\personas@christopher.beard.xpi [2013-02-08]
FF Extension: Adblock Plus - C:\Users\Lars\AppData\Roaming\Mozilla\Firefox\Profiles\1ipdivd3.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-10-26]
FF Extension: Download Statusbar - C:\Users\Lars\AppData\Roaming\Mozilla\Firefox\Profiles\1ipdivd3.default\Extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}.xpi [2013-02-08]
FF Extension: Tab Mix Plus - C:\Users\Lars\AppData\Roaming\Mozilla\Firefox\Profiles\1ipdivd3.default\Extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi [2013-09-21]
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013-02-25]
FF HKLM-x32\...\Firefox\Extensions: [gacela2@nurago.com] - C:\Program Files (x86)\GfK Internet-Monitor
FF Extension: GfK Internet-Monitor - C:\Program Files (x86)\GfK Internet-Monitor [2013-03-28]
FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013-02-25]

Chrome: 
=======
CHR Extension: (Google Docs) - C:\Users\Lars\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-05-28]
CHR Extension: (Google Drive) - C:\Users\Lars\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-05-28]
CHR Extension: (YouTube) - C:\Users\Lars\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-05-28]
CHR Extension: (Google-Suche) - C:\Users\Lars\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-05-28]
CHR Extension: (GfK Internet-Monitor) - C:\Users\Lars\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekfcceehmjiicgpkeblpbcpglgdklklh [2014-05-28]
CHR Extension: (Google Wallet) - C:\Users\Lars\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-05-02]
CHR Extension: (Google Mail) - C:\Users\Lars\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-05-28]

==================== Services (Whitelisted) =================

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [354304 2011-01-26] (Advanced Micro Devices, Inc.)
R2 AMD Reservation Manager; C:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe [194496 2010-06-17] (Advanced Micro Devices)
R2 GfK-Proxy-Service; C:\Program Files (x86)\GfK-ProxyService\GfK-ProxyService.exe [45544 2014-02-20] ()
R2 GfK-Reporting-Service; C:\Program Files (x86)\GfK Internet-Monitor\GfK-Reporting.exe [3293672 2014-02-20] ()
R2 GfK-Update-Service; C:\Program Files (x86)\GfK Internet-Monitor\GfK-Updater.exe [1356264 2014-02-20] ()
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2014-03-11] (Microsoft Corporation)
R2 Nero BackItUp Scheduler 3; C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe [853288 2007-09-20] (Nero AG)
S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [347872 2014-03-11] (Microsoft Corporation)
R3 NMIndexingService; C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe [382248 2007-10-23] (Nero AG)
R2 RzKLService; C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe [105448 2014-02-25] (Razer Inc.)
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27760 2011-11-11] (VIA Technologies, Inc.)

==================== Drivers (Whitelisted) ====================

R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2010-08-23] ()
S3 CM1063264; C:\Windows\System32\drivers\CM10664.sys [984064 2007-04-13] (C-Media Inc)
R3 cmuda3; C:\Windows\System32\drivers\cmudax3.sys [828416 2007-04-12] (C-Media Inc)
R3 hitmanpro37; C:\Windows\system32\drivers\hitmanpro37.sys [32512 2014-05-28] ()
R3 LGPBTDD; C:\Windows\System32\Drivers\LGPBTDD.sys [30728 2009-07-01] (Logitech Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-05-28] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [268512 2014-01-25] (Microsoft Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-07-17] ()
S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133928 2014-03-11] (Microsoft Corporation)
R1 wStLib64; C:\Windows\System32\drivers\wStLib64.sys [61112 2014-03-20] (StdLib)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 cpuz136; \??\C:\Windows\TEMP\cpuz136\cpuz136_x64.sys [X]
S3 MSICDSetup; \??\D:\CDriver64.sys [X]
U4 SR; 
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S3 WinRing0_1_2_0; \??\C:\Program Files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-05-28 19:13 - 2014-05-28 19:13 - 00032512 _____ () C:\Windows\system32\Drivers\hitmanpro37.sys
2014-05-28 19:10 - 2014-05-28 19:10 - 00004120 _____ () C:\Windows\system32\.crusader
2014-05-28 19:00 - 2014-05-28 19:12 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-05-28 18:50 - 2014-05-28 18:50 - 00000081 _____ () C:\folders.txt
2014-05-28 18:50 - 2014-05-28 18:37 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-05-28 18:38 - 2014-05-28 18:52 - 00026137 _____ () C:\zoek-results.log
2014-05-28 18:37 - 2014-05-28 18:49 - 00000000 ____D () C:\zoek_backup
2014-05-26 22:26 - 2014-05-26 22:26 - 00000501 _____ () C:\Windows\Cmicnfg3.ini.imi
2014-05-26 22:26 - 2007-04-12 17:56 - 06098944 _____ (C-Media Corporation) C:\Windows\system\cmicnfg3.cpl
2014-05-26 22:26 - 2007-04-12 16:29 - 00828416 _____ (C-Media Inc) C:\Windows\system32\Drivers\cmudax3.sys
2014-05-26 22:26 - 2007-03-26 19:39 - 00065536 ____R () C:\Windows\system32\CmiInstallResAll.dll
2014-05-26 22:13 - 2014-05-26 22:13 - 00262144 ____N () C:\Windows\Minidump\052614-22198-01.dmp
2014-05-26 22:13 - 2014-05-26 22:13 - 00000000 ____D () C:\Windows\Minidump
2014-05-25 03:58 - 2014-05-25 03:58 - 163006996 _____ () C:\Users\Lars\Downloads\INTP2268w.rar
2014-05-24 23:41 - 2014-05-24 23:41 - 00349160 _____ () C:\Users\Lars\Downloads\MediaPlayerClassic.exe
2014-05-24 19:16 - 2014-05-28 21:03 - 00000000 ____D () C:\Users\Lars\Desktop\Adware Tools
2014-05-24 16:12 - 2014-05-24 16:12 - 00000000 ____D () C:\Windows\ERUNT
2014-05-24 16:04 - 2014-05-24 16:04 - 00001094 _____ () C:\Users\Public\Desktop\Controller Editor.lnk
2014-05-24 16:04 - 2014-05-24 16:04 - 00000000 __HDC () C:\ProgramData\{FA277A43-401F-4EAE-9068-FCDF88DB3EA9}
2014-05-24 15:58 - 2014-05-24 15:58 - 00001002 _____ () C:\Users\Public\Desktop\Traktor 2.lnk
2014-05-24 15:58 - 2014-05-24 15:58 - 00000000 __HDC () C:\ProgramData\{0495C70B-87F4-4A64-87B3-4FB0BA1F60D2}
2014-05-24 15:52 - 2014-05-24 17:23 - 00133962 _____ () C:\Windows\DPINST.LOG
2014-05-24 15:42 - 2014-05-28 19:16 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-24 15:42 - 2014-05-24 15:42 - 00001102 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-05-24 15:42 - 2014-05-24 15:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-05-24 15:42 - 2014-05-24 15:42 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-24 15:42 - 2014-05-24 15:42 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-05-24 15:42 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-24 15:42 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-05-24 15:42 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-05-24 11:54 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-05-24 11:54 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-05-24 11:54 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-05-24 11:54 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-05-24 11:54 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-05-24 11:54 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2014-05-24 11:54 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2014-05-24 11:54 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2014-05-24 11:51 - 2014-05-24 20:30 - 00000000 ____D () C:\Qoobox
2014-05-24 11:51 - 2014-05-24 12:52 - 00000000 ____D () C:\Windows\erdnt
2014-05-24 11:17 - 2014-05-24 11:47 - 00000000 ____D () C:\Program Files (x86)\GfK-ProxyService
2014-05-24 11:15 - 2014-05-28 21:06 - 00000000 ____D () C:\FRST
2014-05-24 10:21 - 2014-05-24 10:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-05-24 10:15 - 2014-05-28 18:52 - 00008084 _____ () C:\Windows\PFRO.log
2014-05-24 09:57 - 2014-05-28 20:56 - 00003936 _____ () C:\Windows\setupact.log
2014-05-24 09:57 - 2014-05-24 09:57 - 00000000 _____ () C:\Windows\setuperr.log
2014-05-20 17:59 - 2014-05-20 18:00 - 00000000 ____D () C:\Program Files (x86)\winKeyLock
2014-05-20 17:59 - 2014-05-20 17:59 - 00000963 _____ () C:\Users\Lars\Desktop\winKeyLock.lnk
2014-05-20 17:59 - 2014-05-20 17:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\winKeyLock
2014-05-20 17:58 - 2014-05-20 17:58 - 00645904 _____ (winKeyLock ) C:\Users\Lars\Downloads\InstallWinKeyLock1.0.1.exe
2014-05-20 10:57 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-05-20 10:56 - 2014-05-24 19:48 - 00000000 ____D () C:\AdwCleaner
2014-05-20 10:52 - 2014-05-20 10:52 - 00961360 _____ (Chip Digital GmbH) C:\Users\Lars\Desktop\AdwCleaner.exe
2014-05-20 09:02 - 2014-05-20 09:04 - 00000000 ____D () C:\Users\Lars\Desktop\Vertrag VF Oli Kamera
2014-05-20 08:48 - 2014-05-24 09:56 - 00000668 _____ () C:\aaw7boot.log
2014-05-16 08:13 - 2014-05-16 08:13 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-05-16 08:12 - 2014-05-16 08:12 - 00001783 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-05-16 08:12 - 2014-05-16 08:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-05-16 08:11 - 2014-05-16 08:12 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-05-16 08:11 - 2014-05-16 08:12 - 00000000 ____D () C:\Program Files\iTunes
2014-05-16 08:11 - 2014-05-16 08:12 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-05-16 08:11 - 2014-05-16 08:11 - 00000000 ____D () C:\Program Files\iPod
2014-05-16 07:51 - 2014-05-06 07:14 - 19274752 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-16 07:51 - 2014-05-06 07:14 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-16 07:51 - 2014-05-06 05:48 - 14367232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-16 07:51 - 2014-05-06 05:48 - 00080384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-16 07:51 - 2014-05-06 05:37 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-16 07:51 - 2014-05-06 05:26 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-16 07:46 - 2014-05-09 08:14 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-16 07:46 - 2014-05-09 08:11 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-16 07:46 - 2014-03-25 04:43 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-05-16 07:46 - 2014-03-25 04:09 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-05-16 07:45 - 2014-04-12 04:22 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-05-16 07:45 - 2014-04-12 04:22 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-05-16 07:45 - 2014-04-12 04:19 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-05-16 07:45 - 2014-04-12 04:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-05-16 07:45 - 2014-04-12 04:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-05-16 07:45 - 2014-04-12 04:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-05-16 07:45 - 2014-04-12 04:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-05-16 07:45 - 2014-04-12 04:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-05-16 07:45 - 2014-04-12 04:10 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-05-16 07:45 - 2014-03-04 11:47 - 05550016 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-05-16 07:45 - 2014-03-04 11:44 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-05-16 07:45 - 2014-03-04 11:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2014-05-16 07:45 - 2014-03-04 11:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-05-16 07:45 - 2014-03-04 11:44 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-05-16 07:45 - 2014-03-04 11:44 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-05-16 07:45 - 2014-03-04 11:44 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-05-16 07:45 - 2014-03-04 11:44 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-05-16 07:45 - 2014-03-04 11:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2014-05-16 07:45 - 2014-03-04 11:43 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-05-16 07:45 - 2014-03-04 11:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2014-05-16 07:45 - 2014-03-04 11:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2014-05-16 07:45 - 2014-03-04 11:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2014-05-16 07:45 - 2014-03-04 11:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2014-05-16 07:45 - 2014-03-04 11:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2014-05-16 07:45 - 2014-03-04 11:43 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-05-16 07:45 - 2014-03-04 11:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-05-16 07:45 - 2014-03-04 11:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-05-16 07:45 - 2014-03-04 11:17 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-05-16 07:45 - 2014-03-04 11:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2014-05-16 07:45 - 2014-03-04 11:17 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-05-16 07:45 - 2014-03-04 11:17 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-05-16 07:45 - 2014-03-04 11:17 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-05-16 07:45 - 2014-03-04 11:17 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-05-16 07:45 - 2014-03-04 11:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll
2014-05-16 07:45 - 2014-03-04 11:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll
2014-05-16 07:45 - 2014-03-04 11:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll
2014-05-16 07:45 - 2014-03-04 11:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll
2014-05-16 07:45 - 2014-03-04 11:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2014-05-16 07:45 - 2014-03-04 11:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll
2014-05-16 07:45 - 2014-03-04 11:17 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-05-16 07:45 - 2014-03-04 11:16 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-05-09 22:54 - 2014-05-24 10:02 - 00000000 ____D () C:\ProgramData\Lavasoft
2014-05-09 22:54 - 2014-05-24 10:02 - 00000000 ____D () C:\Program Files (x86)\Lavasoft
2014-05-09 12:30 - 2014-05-09 12:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mp3tag
2014-05-09 12:21 - 2014-05-09 12:21 - 00001026 _____ () C:\Users\Lars\Desktop\MP3Gain.lnk
2014-05-09 11:49 - 2014-05-09 11:49 - 00000000 __HDC () C:\ProgramData\{4682E4CB-7209-4099-8AA1-580ABCCCE731}
2014-05-09 11:49 - 2014-05-09 11:49 - 00000000 __HDC () C:\ProgramData\{033B4844-E9C3-45D2-88D9-34DDF3F91100}
2014-05-09 11:48 - 2014-05-09 11:48 - 00000000 __HDC () C:\ProgramData\{D2030082-F62A-402A-9456-8009276FD896}
2014-05-09 11:48 - 2014-05-09 11:48 - 00000000 __HDC () C:\ProgramData\{B3478C15-588A-4968-AD66-76AA98803A28}
2014-05-09 11:48 - 2014-05-09 11:48 - 00000000 __HDC () C:\ProgramData\{0CC85DFF-E70A-4AB0-968A-F1F98F4D0C67}
2014-05-09 11:47 - 2014-05-09 11:47 - 00000000 __HDC () C:\ProgramData\{662EAAEC-9E9A-4C69-A658-884E51E909BB}
2014-05-09 11:47 - 2014-05-09 11:47 - 00000000 __HDC () C:\ProgramData\{5EE4F9B1-7274-48A2-9C25-C287604C3058}
2014-05-09 11:46 - 2014-05-09 11:46 - 00000000 __HDC () C:\ProgramData\{EB21323D-3F46-4EF0-B849-B096B7705C69}
2014-05-09 11:46 - 2014-05-09 11:46 - 00000000 __HDC () C:\ProgramData\{9B09061B-0A4F-42DA-9987-7D3F452DCB09}
2014-05-09 11:46 - 2014-05-09 11:46 - 00000000 __HDC () C:\ProgramData\{9597097D-B8DC-4754-AF2D-CB61CCFC861A}
2014-05-09 11:46 - 2014-05-09 11:46 - 00000000 __HDC () C:\ProgramData\{219191E6-6846-4329-889D-7956C487D9A6}
2014-05-09 11:45 - 2014-05-09 11:45 - 00000000 __HDC () C:\ProgramData\{B7C85E99-2AC6-455D-B4D1-752A56403757}
2014-05-09 11:45 - 2014-05-09 11:45 - 00000000 __HDC () C:\ProgramData\{AF79C86B-2321-4D47-A168-2A24BA2B6A73}
2014-05-09 11:45 - 2014-05-09 11:45 - 00000000 __HDC () C:\ProgramData\{9F570B21-E27A-40BE-A508-292899A7D042}
2014-05-09 11:44 - 2014-05-09 11:44 - 00000000 __HDC () C:\ProgramData\{57B31BE2-3175-4425-9722-D2AC5F68C7BD}
2014-05-09 11:11 - 2014-05-24 17:23 - 00001069 _____ () C:\Users\Lars\Desktop\DENON DJ ASIO Driver.lnk
2014-05-09 11:11 - 2014-05-09 11:11 - 00000000 ____D () C:\Users\Lars\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DENON_DJ
2014-05-09 11:11 - 2014-05-09 11:11 - 00000000 ____D () C:\Program Files (x86)\DENON_DJ

==================== One Month Modified Files and Folders =======

2014-05-28 21:06 - 2014-05-24 11:15 - 00000000 ____D () C:\FRST
2014-05-28 21:03 - 2014-05-24 19:16 - 00000000 ____D () C:\Users\Lars\Desktop\Adware Tools
2014-05-28 20:58 - 2013-02-07 13:57 - 01170643 _____ () C:\Windows\WindowsUpdate.log
2014-05-28 20:56 - 2014-05-24 09:57 - 00003936 _____ () C:\Windows\setupact.log
2014-05-28 20:45 - 2013-03-28 11:32 - 00000000 ____D () C:\Program Files (x86)\GfK Internet-Monitor
2014-05-28 20:44 - 2013-02-09 01:54 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-05-28 20:29 - 2013-07-15 00:05 - 00000000 ____D () C:\Users\Lars\AppData\Local\769EDE57-05AC-4121-A320-64C10E4C3E4B.aplzod
2014-05-28 20:26 - 2013-02-07 15:07 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-05-28 20:16 - 2013-02-25 16:39 - 00000000 ____D () C:\Users\Lars\AppData\Roaming\Skype
2014-05-28 20:00 - 2013-05-02 18:33 - 00000000 ____D () C:\Users\Lars\Desktop\iPod Photo Cache
2014-05-28 19:50 - 2013-02-15 21:06 - 00000000 ____D () C:\Users\Lars\AppData\Local\Apple Computer
2014-05-28 19:22 - 2009-07-14 06:45 - 00021248 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-28 19:22 - 2009-07-14 06:45 - 00021248 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-28 19:16 - 2014-05-24 15:42 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-28 19:14 - 2013-02-07 15:07 - 00001102 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-05-28 19:13 - 2014-05-28 19:13 - 00032512 _____ () C:\Windows\system32\Drivers\hitmanpro37.sys
2014-05-28 19:13 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-28 19:12 - 2014-05-28 19:00 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-05-28 19:10 - 2014-05-28 19:10 - 00004120 _____ () C:\Windows\system32\.crusader
2014-05-28 18:52 - 2014-05-28 18:38 - 00026137 _____ () C:\zoek-results.log
2014-05-28 18:52 - 2014-05-24 10:15 - 00008084 _____ () C:\Windows\PFRO.log
2014-05-28 18:50 - 2014-05-28 18:50 - 00000081 _____ () C:\folders.txt
2014-05-28 18:49 - 2014-05-28 18:37 - 00000000 ____D () C:\zoek_backup
2014-05-28 18:48 - 2013-02-07 14:45 - 00000000 ____D () C:\Users\Lars
2014-05-28 18:37 - 2014-05-28 18:50 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-05-28 18:34 - 2014-03-11 00:22 - 00000008 __RSH () C:\ProgramData\ntuser.pol
2014-05-28 18:31 - 2009-07-14 05:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-05-26 22:37 - 2010-11-21 08:50 - 00702964 _____ () C:\Windows\system32\perfh007.dat
2014-05-26 22:37 - 2010-11-21 08:50 - 00150604 _____ () C:\Windows\system32\perfc007.dat
2014-05-26 22:37 - 2009-07-14 07:13 - 01629436 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-05-26 22:35 - 2013-11-24 10:38 - 00000000 ____D () C:\Users\Lars\AppData\Roaming\vlc
2014-05-26 22:27 - 2013-03-02 18:27 - 00000138 _____ () C:\Windows\system\Dlap.pfx
2014-05-26 22:26 - 2014-05-26 22:26 - 00000501 _____ () C:\Windows\Cmicnfg3.ini.imi
2014-05-26 22:26 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system
2014-05-26 22:26 - 2007-04-19 18:27 - 00000501 _____ () C:\Windows\system\Cmicnfg3.ini
2014-05-26 22:13 - 2014-05-26 22:13 - 00262144 ____N () C:\Windows\Minidump\052614-22198-01.dmp
2014-05-26 22:13 - 2014-05-26 22:13 - 00000000 ____D () C:\Windows\Minidump
2014-05-25 12:59 - 2014-02-08 11:55 - 00000000 ____D () C:\Users\Lars\AppData\Roaming\.purple
2014-05-25 10:29 - 2013-09-19 19:33 - 00000000 ____D () C:\Users\Lars\Downloads\Primeval New World
2014-05-25 10:10 - 2013-09-21 08:41 - 00000000 ____D () C:\Users\Lars\AppData\Roaming\Mp3tag
2014-05-25 10:10 - 2013-05-11 10:10 - 00000000 ____D () C:\Users\Lars\Desktop\neue Musik
2014-05-25 06:30 - 2013-08-17 21:52 - 00000000 ____D () C:\Users\Lars\Desktop\XTreme 6.1
2014-05-25 03:58 - 2014-05-25 03:58 - 163006996 _____ () C:\Users\Lars\Downloads\INTP2268w.rar
2014-05-24 23:41 - 2014-05-24 23:41 - 00349160 _____ () C:\Users\Lars\Downloads\MediaPlayerClassic.exe
2014-05-24 20:30 - 2014-05-24 11:51 - 00000000 ____D () C:\Qoobox
2014-05-24 20:07 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini
2014-05-24 19:48 - 2014-05-20 10:56 - 00000000 ____D () C:\AdwCleaner
2014-05-24 19:33 - 2013-06-17 21:35 - 00000000 ____D () C:\Users\Lars\AppData\Roaming\uTorrent
2014-05-24 17:23 - 2014-05-24 15:52 - 00133962 _____ () C:\Windows\DPINST.LOG
2014-05-24 17:23 - 2014-05-09 11:11 - 00001069 _____ () C:\Users\Lars\Desktop\DENON DJ ASIO Driver.lnk
2014-05-24 16:12 - 2014-05-24 16:12 - 00000000 ____D () C:\Windows\ERUNT
2014-05-24 16:04 - 2014-05-24 16:04 - 00001094 _____ () C:\Users\Public\Desktop\Controller Editor.lnk
2014-05-24 16:04 - 2014-05-24 16:04 - 00000000 __HDC () C:\ProgramData\{FA277A43-401F-4EAE-9068-FCDF88DB3EA9}
2014-05-24 16:03 - 2013-02-14 12:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments
2014-05-24 16:03 - 2013-02-14 12:30 - 00000000 ____D () C:\Program Files\Native Instruments
2014-05-24 16:03 - 2013-02-14 12:30 - 00000000 ____D () C:\Program Files\Common Files\Native Instruments
2014-05-24 15:58 - 2014-05-24 15:58 - 00001002 _____ () C:\Users\Public\Desktop\Traktor 2.lnk
2014-05-24 15:58 - 2014-05-24 15:58 - 00000000 __HDC () C:\ProgramData\{0495C70B-87F4-4A64-87B3-4FB0BA1F60D2}
2014-05-24 15:42 - 2014-05-24 15:42 - 00001102 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-05-24 15:42 - 2014-05-24 15:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-05-24 15:42 - 2014-05-24 15:42 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-24 15:42 - 2014-05-24 15:42 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-05-24 12:52 - 2014-05-24 11:51 - 00000000 ____D () C:\Windows\erdnt
2014-05-24 11:47 - 2014-05-24 11:17 - 00000000 ____D () C:\Program Files (x86)\GfK-ProxyService
2014-05-24 10:21 - 2014-05-24 10:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-05-24 10:21 - 2013-02-07 15:07 - 00000000 ____D () C:\Program Files (x86)\Google
2014-05-24 10:19 - 2013-11-15 20:02 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-05-24 10:17 - 2014-03-01 16:48 - 00000000 ____D () C:\Users\Lars\Tracing
2014-05-24 10:02 - 2014-05-09 22:54 - 00000000 ____D () C:\ProgramData\Lavasoft
2014-05-24 10:02 - 2014-05-09 22:54 - 00000000 ____D () C:\Program Files (x86)\Lavasoft
2014-05-24 09:57 - 2014-05-24 09:57 - 00000000 _____ () C:\Windows\setuperr.log
2014-05-24 09:56 - 2014-05-20 08:48 - 00000668 _____ () C:\aaw7boot.log
2014-05-20 18:00 - 2014-05-20 17:59 - 00000000 ____D () C:\Program Files (x86)\winKeyLock
2014-05-20 17:59 - 2014-05-20 17:59 - 00000963 _____ () C:\Users\Lars\Desktop\winKeyLock.lnk
2014-05-20 17:59 - 2014-05-20 17:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\winKeyLock
2014-05-20 17:58 - 2014-05-20 17:58 - 00645904 _____ (winKeyLock ) C:\Users\Lars\Downloads\InstallWinKeyLock1.0.1.exe
2014-05-20 11:01 - 2013-03-09 18:46 - 00001079 _____ () C:\Users\Lars\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-05-20 11:01 - 2013-02-08 00:58 - 00001061 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-05-20 10:52 - 2014-05-20 10:52 - 00961360 _____ (Chip Digital GmbH) C:\Users\Lars\Desktop\AdwCleaner.exe
2014-05-20 09:04 - 2014-05-20 09:02 - 00000000 ____D () C:\Users\Lars\Desktop\Vertrag VF Oli Kamera
2014-05-16 08:44 - 2013-05-14 22:44 - 17938608 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2014-05-16 08:44 - 2013-02-09 01:54 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-05-16 08:44 - 2013-02-09 01:54 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-05-16 08:44 - 2013-02-09 01:54 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-05-16 08:40 - 2013-12-13 10:11 - 00000000 ____D () C:\Users\Lars\AppData\Local\Amazon Cloud Player
2014-05-16 08:39 - 2013-12-13 10:11 - 00001604 _____ () C:\Windows\System32\Tasks\Amazon Music Helper
2014-05-16 08:16 - 2013-02-07 14:51 - 00000000 ___RD () C:\Users\Lars\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-16 08:16 - 2013-02-07 14:51 - 00000000 ___RD () C:\Users\Lars\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-16 08:13 - 2014-05-16 08:13 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-05-16 08:13 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-05-16 08:12 - 2014-05-16 08:12 - 00001783 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-05-16 08:12 - 2014-05-16 08:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-05-16 08:12 - 2014-05-16 08:11 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-05-16 08:12 - 2014-05-16 08:11 - 00000000 ____D () C:\Program Files\iTunes
2014-05-16 08:12 - 2014-05-16 08:11 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-05-16 08:11 - 2014-05-16 08:11 - 00000000 ____D () C:\Program Files\iPod
2014-05-16 07:51 - 2013-02-08 01:03 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-05-16 07:50 - 2013-09-12 17:45 - 00000000 ____D () C:\Windows\system32\MRT
2014-05-16 07:48 - 2013-02-08 12:34 - 93223848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-05-16 07:35 - 2013-02-14 15:59 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2014-05-12 07:26 - 2014-05-24 15:42 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-12 07:26 - 2014-05-24 15:42 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-05-12 07:25 - 2014-05-24 15:42 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-05-11 07:36 - 2013-09-21 09:36 - 00000141 _____ () C:\Users\Lars\AppData\Roaming\WB.CFG
2014-05-09 15:21 - 2013-02-07 15:07 - 00004102 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-05-09 15:21 - 2013-02-07 15:07 - 00003850 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-05-09 12:30 - 2014-05-09 12:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mp3tag
2014-05-09 12:30 - 2013-09-21 08:41 - 00000979 _____ () C:\Users\Public\Desktop\Mp3tag.lnk
2014-05-09 12:30 - 2013-09-21 08:41 - 00000000 ____D () C:\Program Files (x86)\Mp3tag
2014-05-09 12:21 - 2014-05-09 12:21 - 00001026 _____ () C:\Users\Lars\Desktop\MP3Gain.lnk
2014-05-09 11:57 - 2013-02-14 14:13 - 00000000 ____D () C:\Users\Lars\Documents\Native Instruments
2014-05-09 11:49 - 2014-05-09 11:49 - 00000000 __HDC () C:\ProgramData\{4682E4CB-7209-4099-8AA1-580ABCCCE731}
2014-05-09 11:49 - 2014-05-09 11:49 - 00000000 __HDC () C:\ProgramData\{033B4844-E9C3-45D2-88D9-34DDF3F91100}
2014-05-09 11:48 - 2014-05-09 11:48 - 00000000 __HDC () C:\ProgramData\{D2030082-F62A-402A-9456-8009276FD896}
2014-05-09 11:48 - 2014-05-09 11:48 - 00000000 __HDC () C:\ProgramData\{B3478C15-588A-4968-AD66-76AA98803A28}
2014-05-09 11:48 - 2014-05-09 11:48 - 00000000 __HDC () C:\ProgramData\{0CC85DFF-E70A-4AB0-968A-F1F98F4D0C67}
2014-05-09 11:47 - 2014-05-09 11:47 - 00000000 __HDC () C:\ProgramData\{662EAAEC-9E9A-4C69-A658-884E51E909BB}
2014-05-09 11:47 - 2014-05-09 11:47 - 00000000 __HDC () C:\ProgramData\{5EE4F9B1-7274-48A2-9C25-C287604C3058}
2014-05-09 11:46 - 2014-05-09 11:46 - 00000000 __HDC () C:\ProgramData\{EB21323D-3F46-4EF0-B849-B096B7705C69}
2014-05-09 11:46 - 2014-05-09 11:46 - 00000000 __HDC () C:\ProgramData\{9B09061B-0A4F-42DA-9987-7D3F452DCB09}
2014-05-09 11:46 - 2014-05-09 11:46 - 00000000 __HDC () C:\ProgramData\{9597097D-B8DC-4754-AF2D-CB61CCFC861A}
2014-05-09 11:46 - 2014-05-09 11:46 - 00000000 __HDC () C:\ProgramData\{219191E6-6846-4329-889D-7956C487D9A6}
2014-05-09 11:45 - 2014-05-09 11:45 - 00000000 __HDC () C:\ProgramData\{B7C85E99-2AC6-455D-B4D1-752A56403757}
2014-05-09 11:45 - 2014-05-09 11:45 - 00000000 __HDC () C:\ProgramData\{AF79C86B-2321-4D47-A168-2A24BA2B6A73}
2014-05-09 11:45 - 2014-05-09 11:45 - 00000000 __HDC () C:\ProgramData\{9F570B21-E27A-40BE-A508-292899A7D042}
2014-05-09 11:44 - 2014-05-09 11:44 - 00000000 __HDC () C:\ProgramData\{57B31BE2-3175-4425-9722-D2AC5F68C7BD}
2014-05-09 11:11 - 2014-05-09 11:11 - 00000000 ____D () C:\Users\Lars\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DENON_DJ
2014-05-09 11:11 - 2014-05-09 11:11 - 00000000 ____D () C:\Program Files (x86)\DENON_DJ
2014-05-09 08:14 - 2014-05-16 07:46 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-09 08:11 - 2014-05-16 07:46 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-06 07:14 - 2014-05-16 07:51 - 19274752 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-06 07:14 - 2014-05-16 07:51 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-06 05:48 - 2014-05-16 07:51 - 14367232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-06 05:48 - 2014-05-16 07:51 - 00080384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-06 05:37 - 2014-05-16 07:51 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-06 05:26 - 2014-05-16 07:51 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-02 23:38 - 2013-02-08 01:06 - 00000000 ____D () C:\Users\Lars\AppData\Roaming\TS3Client
2014-05-02 22:34 - 2013-05-21 01:53 - 00007607 _____ () C:\Users\Lars\AppData\Local\Resmon.ResmonCfg

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-02-26 19:00

==================== End Of Log ============================
         
--- --- ---
