Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: Internet Browser öffnet selbststädnig Tabs und neue Fenster mit Werbung

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.

Antwort
Alt 09.07.2014, 19:49   #1
bauerph
 
Internet Browser öffnet selbststädnig Tabs und neue Fenster mit Werbung - Standard

Internet Browser öffnet selbststädnig Tabs und neue Fenster mit Werbung



Hallo liebes Trojaner-Board-Team.
Seit ungefähr einer Woche bombardiert mich mein Browser (Google Chrome) mit nerviger Werbung. Hab schon zwei verschiedene Antivirenprogramme durchlaufen lassen und auch das Programm Malwarebytes. Leider ohne Erfolg. In einem ähnlichen Thema in diesem Forum habe ich gelesen, dass man einen Scan mit der FRST.exe machen soll und hier anschließend die FRST.txt und Addition.txt hier posten soll. Dies habe ich schon erledigt.
Hoffe ihr könnt mir bei meinem Problem weiterhelfen. Schon mal danke für eure Mühe.

Hier die FRST.txt
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 09-07-2014
Ran by Philipp (administrator) on PHILIPP-PC on 09-07-2014 19:37:31
Running from C:\Users\Philipp\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ 
Download link for 64-Bit Version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ 
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Internet Security 2014\psksvc.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Internet Security 2014\TPSrvWow.exe
(Panda Security) C:\Program Files (x86)\Panda Security\Panda Internet Security 2014\WebProxy.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
(Nero AG) C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Internet Security 2014\PsCtrlS.exe
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Internet Security 2014\PavFnSvr.exe
(Panda Security, S.L.) C:\Program Files (x86)\Common Files\Panda Security\PavShld\PavPrSrv.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Internet Security 2014\pavsrvx86.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Internet Security 2014\AVENGINE.EXE
(Panda Security International) C:\Program Files (x86)\Panda Security\Panda Internet Security 2014\FIREWALL\PSHost.exe
(Panda Security S.L.) C:\Program Files (x86)\Panda Security\Panda Internet Security 2014\PsImSvc.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Service.exe
() C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 4630 series\Bin\ScanToPCActivationApp.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Users\Philipp\AppData\Local\Genesis_07021837\Genesis_07021837.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Agent.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Internet Security 2014\ApVxdWin.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-Network.exe
(BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-BlockDevice.exe
(BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-SharedFolder.exe
(Spotify Ltd) C:\Users\Philipp\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Internet Security 2014\SrvLoad.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Internet Security 2014\PavBckPT.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AdobeCollabSync.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AdobeCollabSync.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1890088 2009-12-10] (Synaptics Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-12-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] => C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [707472 2014-03-12] (Cisco Systems, Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [189480 2014-02-06] (Geek Software GmbH)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [t4pc_en_3] => [X]
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2014-04-03] (DivX, LLC)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2014-01-10] ()
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2013536 2014-05-10] (Wondershare)
HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [832272 2014-06-23] (BlueStack Systems, Inc.)
HKLM-x32\...\Run: [APVXDWIN] => C:\Program Files (x86)\Panda Security\Panda Internet Security 2014\APVXDWIN.EXE [1062880 2013-09-30] (Panda Security, S.L.)
HKLM-x32\...\Run: [SCANINICIO] => C:\Program Files (x86)\Panda Security\Panda Internet Security 2014\Inicio.exe [71648 2013-09-30] (Panda Security, S.L.)
HKLM\...\Winlogon: [Userinit] C:\Windows\SysWOW64\userinit.exe,
Winlogon\Notify\avldr: C:\Windows\SYSTEM32\avldr64.dll (On-Access Anti-Malware Scanner Sync)
Winlogon\Notify\igfxcui: C:\Windows\SYSTEM32\igfxdev.dll (Intel Corporation)
HKU\.DEFAULT\...\RunOnce: [SPReview] - C:\Windows\System32\SPReview\SPReview.exe [301568 2014-04-28] (Microsoft Corporation)
HKU\S-1-5-21-3379497200-3633149747-2736143602-1001\...\Run: [HP Officejet 4630 series (NET)] => C:\Program Files\HP\HP Officejet 4630 series\Bin\ScanToPCActivationApp.exe [3421216 2013-08-13] (Hewlett-Packard Co.)
HKU\S-1-5-21-3379497200-3633149747-2736143602-1001\...\Run: [Spotify] => C:\Users\Philipp\AppData\Roaming\Spotify\Spotify.exe [6162488 2014-07-09] (Spotify Ltd)
HKU\S-1-5-21-3379497200-3633149747-2736143602-1001\...\Run: [Spotify Web Helper] => C:\Users\Philipp\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1178168 2014-07-09] (Spotify Ltd)
HKU\S-1-5-21-3379497200-3633149747-2736143602-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-3379497200-3633149747-2736143602-1001\...\Run: [genesis_07021837] => c:\users\philipp\appdata\local\genesis_07021837\genesis_07021837.exe [3227648 2014-07-02] ()
HKU\S-1-5-21-3379497200-3633149747-2736143602-1001\...\Run: [GoogleChromeAutoLaunch_5760F31D5B4387C1CCD75B272A389EB7] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [860488 2014-06-05] (Google Inc.)
HKU\S-1-5-21-3379497200-3633149747-2736143602-1001\...\MountPoints2: G - G:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-3379497200-3633149747-2736143602-1001\...\MountPoints2: {861917ce-feac-11e3-affc-9d6a3e7c9f18} - E:\setup.exe
IFEO\bitguard.exe: [Debugger] tasklist.exe
IFEO\bprotect.exe: [Debugger] tasklist.exe
IFEO\bpsvc.exe: [Debugger] tasklist.exe
IFEO\browserdefender.exe: [Debugger] tasklist.exe
IFEO\browserprotect.exe: [Debugger] tasklist.exe
IFEO\browsersafeguard.exe: [Debugger] tasklist.exe
IFEO\dprotectsvc.exe: [Debugger] tasklist.exe
IFEO\jumpflip: [Debugger] tasklist.exe
IFEO\protectedsearch.exe: [Debugger] tasklist.exe
IFEO\searchinstaller.exe: [Debugger] tasklist.exe
IFEO\searchprotection.exe: [Debugger] tasklist.exe
IFEO\searchprotector.exe: [Debugger] tasklist.exe
IFEO\searchsettings.exe: [Debugger] tasklist.exe
IFEO\searchsettings64.exe: [Debugger] tasklist.exe
IFEO\snapdo.exe: [Debugger] tasklist.exe
IFEO\stinst32.exe: [Debugger] tasklist.exe
IFEO\stinst64.exe: [Debugger] tasklist.exe
IFEO\umbrella.exe: [Debugger] tasklist.exe
IFEO\utiljumpflip.exe: [Debugger] tasklist.exe
IFEO\volaro: [Debugger] tasklist.exe
IFEO\vonteera: [Debugger] tasklist.exe
IFEO\websteroids.exe: [Debugger] tasklist.exe
IFEO\websteroidsservice.exe: [Debugger] tasklist.exe
Startup: C:\Users\Philipp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\genesis_07021837.lnk
ShortcutTarget: genesis_07021837.lnk -> C:\Users\Philipp\AppData\Local\Genesis_07021837\Genesis_07021837.exe ()
ShellIconOverlayIdentifiers:  SkyDrivePro1 (ErrorConflict) -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers:  SkyDrivePro2 (SyncInProgress) -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers:  SkyDrivePro3 (InSync) -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32:  SkyDrivePro1 (ErrorConflict) -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32:  SkyDrivePro2 (SyncInProgress) -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32:  SkyDrivePro3 (InSync) -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://de.msn.com/?pc=UP97&ocid=UP97DHP
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x83DD87649D61CF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://istart.webssearches.com/web/?type=ds&ts=1400254823&from=tugs&uid=WDCXWD5000BPVT-22HXZT1_WD-WXQ1AB0T4199T4199&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://istart.webssearches.com/web/?type=ds&ts=1400254823&from=tugs&uid=WDCXWD5000BPVT-22HXZT1_WD-WXQ1AB0T4199T4199&q={searchTerms}
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2503} URL = hxxp://www.default-search.net/search?sid=503&aid=101&itype=n&ver=13001&tm=394&src=ds&p={searchTerms}
SearchScopes: HKLM-x32 - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2503} URL = hxxp://www.default-search.net/search?sid=503&aid=101&itype=n&ver=13001&tm=394&src=ds&p={searchTerms}
SearchScopes: HKCU - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = 
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2503} URL = hxxp://www.default-search.net/search?sid=503&aid=101&itype=n&ver=13001&tm=394&src=ds&p={searchTerms}
SearchScopes: HKCU - {B6217394-1A8D-40E4-8676-D0FC74CD60E0} URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1400254823&from=tugs&uid=WDCXWD5000BPVT-22HXZT1_WD-WXQ1AB0T4199T4199&q={searchTerms}
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 - C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=10 - C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=4 - C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)

Chrome: 
=======
CHR HomePage: hxxp://facebook.com/
CHR StartupUrls: "hxxp://www.default-search.net?sid=503&aid=101&itype=n&ver=13001&tm=394&src=hmp"
CHR Extension: (Google Docs) - C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-07-06]
CHR Extension: (Google Drive) - C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-07-06]
CHR Extension: (YouTube) - C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-07-06]
CHR Extension: (Google-Suche) - C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-07-06]
CHR Extension: (Google Wallet) - C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-07-06]
CHR Extension: (Google Mail) - C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-07-06]

==================== Services (Whitelisted) =================

R2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [406288 2014-06-23] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [385808 2014-06-23] (BlueStack Systems, Inc.)
R2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [774928 2014-06-23] (BlueStack Systems, Inc.)
S2 globalUpdate; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2014-05-16] (globalUpdate) [File not signed]
S3 globalUpdatem; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2014-05-16] (globalUpdate) [File not signed]
R2 HTCMonitorService; C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2014-04-02] (Nero AG)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
R2 Panda Software Controller; C:\Program Files (x86)\Panda Security\Panda Internet Security 2014\PsCtrls.exe [177440 2012-11-19] (Panda Security, S.L.)
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] () [File not signed]
R2 PAVFNSVR; C:\Program Files (x86)\Panda Security\Panda Internet Security 2014\PavFnSvr.exe [202016 2012-09-21] (Panda Security, S.L.)
R2 PavPrSrv; C:\Program Files (x86)\Common Files\Panda Security\PavShld\pavprsrv.exe [62768 2008-02-04] (Panda Security, S.L.)
R2 PAVSRV; C:\Program Files (x86)\Panda Security\Panda Internet Security 2014\pavsrvx86.exe [313664 2011-04-13] (Panda Security, S.L.)
R2 PSHost; c:\program files (x86)\panda security\panda internet security 2014\firewall\PSHOST.EXE [226560 2009-11-26] (Panda Security International)
R2 PSIMSVC; C:\Program Files (x86)\Panda Security\Panda Internet Security 2014\PsImSvc.exe [108288 2008-06-19] (Panda Security S.L.)
R2 PskSvcRetail; C:\Program Files (x86)\Panda Security\Panda Internet Security 2014\PskSvc.exe [28992 2010-08-16] (Panda Security, S.L.)
R2 TPSrv; C:\Program Files (x86)\Panda Security\Panda Internet Security 2014\TPSrvWow.exe [173816 2014-02-25] (Panda Security, S.L.)
S2 SystemkService; C:\Program Files (x86)\Settings Manager\systemk\SystemkService.exe [X]

==================== Drivers (Whitelisted) ====================

R2 AmFSM; C:\Windows\System32\DRIVERS\amm6460.sys [71432 2012-03-26] (Panda Security, S.L.)
R2 APPFLT; C:\Windows\system32\Drivers\APPFLT64.SYS [129096 2011-01-31] (Panda Security, S.L.)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [123152 2014-06-23] (BlueStack Systems)
R2 ComFiltr; C:\Windows\system32\DRIVERS\COMFiltr.sys [15928 2014-07-04] ()
R2 DSAFLT; C:\Windows\system32\Drivers\DSAFLT64.SYS [82952 2009-09-25] (Panda Security, S.L.)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-06-30] (Disc Soft Ltd)
R2 FNETMON; C:\Windows\system32\Drivers\fnetm64.SYS [31752 2009-09-25] (Panda Security, S.L.)
S3 HtcVCom32; C:\Windows\System32\DRIVERS\HtcVComV64.sys [121800 2010-03-09] (QUALCOMM Incorporated)
R2 IDSFLT; C:\Windows\system32\Drivers\IDSFLT64.SYS [78920 2010-09-09] (Panda Security, S.L.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-07-09] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation)
R2 NETFLTDI; C:\Windows\system32\Drivers\NETTDI64.SYS [170504 2009-09-25] (Panda Security, S.L.)
R3 NETIMFLT01060044; C:\Windows\System32\DRIVERS\n64i1644.sys [216648 2010-09-01] (Panda Security, S.L.)
R0 pavboot; C:\Windows\System32\Drivers\pavboot64.sys [30792 2010-06-22] (Panda Security, S.L.)
R1 ShldFlt; C:\Windows\System32\DRIVERS\ShldFlt.sys [48136 2009-10-27] (Panda Security, S.L.)
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2014-05-17] (Anchorfree Inc.)
S3 vpnva; C:\Windows\System32\DRIVERS\vpnva64-6.sys [52592 2014-03-12] (Cisco Systems, Inc.)
R2 WNMFLT; C:\Windows\system32\Drivers\WNMFLT64.SYS [74760 2009-09-25] (Panda Security, S.L.)
S1 F06DEFF2-5B9C-490D-910F-35D3A9119622; \??\C:\Program Files (x86)\Settings Manager\systemk\x64\systemkmgrc2.cfg [X]
R3 PavTPK.sys; \??\C:\Windows\system32\PavTPK.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-07-09 19:37 - 2014-07-09 19:38 - 00022441 _____ () C:\Users\Philipp\Desktop\FRST.txt
2014-07-09 19:37 - 2014-07-09 19:37 - 00000000 ____D () C:\FRST
2014-07-09 19:36 - 2014-07-09 19:36 - 02084352 _____ (Farbar) C:\Users\Philipp\Desktop\FRST64.exe
2014-07-09 19:33 - 2014-07-09 19:33 - 00000000 ___HD () C:\Windows\AxInstSV
2014-07-09 18:49 - 2014-07-09 18:49 - 00001061 _____ () C:\Users\Philipp\Desktop\Free PDF to Word Doc Converter.lnk
2014-07-09 18:49 - 2014-07-09 18:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free PDF to Word Doc Converter
2014-07-09 18:49 - 2014-07-09 18:49 - 00000000 ____D () C:\Program Files (x86)\Free PDF to Word Doc Converter
2014-07-09 18:48 - 2014-07-09 18:48 - 01128916 _____ (www.hellopdf.com ) C:\Users\Philipp\Downloads\pdf2wordsetup11.exe
2014-07-09 12:01 - 2014-07-09 12:01 - 00003758 _____ () C:\Windows\System32\Tasks\AutoKMS
2014-07-07 14:15 - 2014-07-07 15:35 - 00000000 ____D () C:\Users\Philipp\AppData\Roaming\VOPackage
2014-07-07 14:15 - 2014-07-07 14:15 - 00000000 ____D () C:\Users\Philipp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage
2014-07-07 14:14 - 2014-07-07 14:14 - 00000000 ____D () C:\Program Files (x86)\Iminent
2014-07-07 14:13 - 2014-07-09 12:08 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-07 14:13 - 2014-07-07 14:13 - 00287750 _____ ( ) C:\Users\Philipp\Desktop\VOPackage.exe
2014-07-07 14:12 - 2014-07-07 14:12 - 00001110 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-07-07 14:12 - 2014-07-07 14:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-07-07 14:12 - 2014-07-07 14:12 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-07 14:12 - 2014-07-07 14:12 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-07-07 14:12 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-07-07 14:12 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-07-07 14:12 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-07-07 14:11 - 2014-07-07 14:11 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Philipp\Desktop\mbam-setup-2-0-2-1012.exe
2014-07-06 21:03 - 2014-07-09 19:08 - 00001112 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-06 21:03 - 2014-07-09 11:55 - 00001108 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-06 21:03 - 2014-07-06 21:03 - 00004108 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-07-06 21:03 - 2014-07-06 21:03 - 00003856 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-07-06 21:03 - 2014-07-06 21:03 - 00002255 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-07-06 21:03 - 2014-07-06 21:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-07-06 21:02 - 2014-07-06 21:02 - 00000000 ____D () C:\Users\Philipp\AppData\Local\Deployment
2014-07-06 21:02 - 2014-07-06 21:02 - 00000000 ____D () C:\Users\Philipp\AppData\Local\Apps\2.0
2014-07-04 16:42 - 2014-07-09 11:59 - 00000056 _____ () C:\Windows\system32\Drivers\etc\WnmFlt.cfg.bck
2014-07-04 16:42 - 2014-07-09 11:59 - 00000056 _____ () C:\Windows\system32\Drivers\etc\WnmFlt.cfg
2014-07-04 15:59 - 2014-07-09 11:59 - 00000252 _____ () C:\Windows\system32\Drivers\etc\IdsFlt.cfg.bck
2014-07-04 15:59 - 2014-07-09 11:59 - 00000252 _____ () C:\Windows\system32\Drivers\etc\IdsFlt.cfg
2014-07-04 15:59 - 2014-07-09 11:59 - 00000080 _____ () C:\Windows\system32\Drivers\etc\NetLoc.wlt.bck
2014-07-04 15:59 - 2014-07-09 11:59 - 00000080 _____ () C:\Windows\system32\Drivers\etc\NetLoc.wlt
2014-07-04 15:59 - 2014-07-09 11:59 - 00000056 _____ () C:\Windows\system32\Drivers\etc\DsaFlt.cfg.bck
2014-07-04 15:59 - 2014-07-09 11:59 - 00000056 _____ () C:\Windows\system32\Drivers\etc\DsaFlt.cfg
2014-07-04 15:57 - 2014-07-09 11:59 - 00000068 _____ () C:\Windows\system32\Drivers\etc\NetFlt.cfg.bck
2014-07-04 15:57 - 2014-07-09 11:59 - 00000068 _____ () C:\Windows\system32\Drivers\etc\NetFlt.cfg
2014-07-04 15:57 - 2014-07-09 11:58 - 00000136 _____ () C:\Windows\system32\Drivers\etc\NetAdapt.cfg.bck
2014-07-04 15:57 - 2014-07-09 11:58 - 00000136 _____ () C:\Windows\system32\Drivers\etc\NetAdapt.cfg
2014-07-04 15:57 - 2014-07-09 11:58 - 00000064 _____ () C:\Windows\system32\Drivers\etc\NetAR.wlt.bck
2014-07-04 15:57 - 2014-07-09 11:58 - 00000064 _____ () C:\Windows\system32\Drivers\etc\NetAR.wlt
2014-07-04 15:54 - 2014-07-04 15:54 - 00015928 _____ () C:\Windows\system32\Drivers\COMFiltr.sys
2014-07-04 15:54 - 2014-07-04 15:54 - 00000000 ____D () C:\Users\Philipp\AppData\Local\Panda Security
2014-07-04 15:53 - 2014-07-09 19:37 - 00289268 _____ () C:\Windows\system32\Drivers\APPFCONT.DAT.bck
2014-07-04 15:53 - 2014-07-09 19:37 - 00289268 _____ () C:\Windows\system32\Drivers\APPFCONT.DAT
2014-07-04 15:53 - 2014-07-09 11:59 - 00303044 _____ () C:\Windows\system32\Drivers\etc\DsaFlt.rls.bck
2014-07-04 15:53 - 2014-07-09 11:59 - 00303044 _____ () C:\Windows\system32\Drivers\etc\DsaFlt.rls
2014-07-04 15:53 - 2014-07-09 11:59 - 00001132 _____ () C:\Windows\system32\Drivers\APPFLTR.CFG.bck
2014-07-04 15:53 - 2014-07-09 11:59 - 00001132 _____ () C:\Windows\system32\Drivers\APPFLTR.CFG
2014-07-04 15:53 - 2014-07-04 15:53 - 00002536 _____ () C:\Users\Public\Desktop\Remote-Zugriff installieren.lnk
2014-07-04 15:53 - 2014-07-04 15:53 - 00002255 _____ () C:\Users\Public\Desktop\Panda Internet Security 2014.lnk
2014-07-04 15:53 - 2014-07-04 15:53 - 00000274 _____ () C:\Windows\system32\PavCPL64.dat
2014-07-04 15:53 - 2014-07-04 15:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Security
2014-07-04 15:53 - 2011-01-31 16:41 - 00129096 _____ (Panda Security, S.L.) C:\Windows\system32\Drivers\APPFLT64.SYS
2014-07-04 15:53 - 2010-09-09 16:23 - 00078920 _____ (Panda Security, S.L.) C:\Windows\system32\Drivers\idsflt64.sys
2014-07-04 15:53 - 2010-06-22 18:20 - 00030792 _____ (Panda Security, S.L.) C:\Windows\system32\Drivers\pavboot64.sys
2014-07-04 15:53 - 2009-09-25 14:54 - 00170504 _____ (Panda Security, S.L.) C:\Windows\system32\Drivers\NETTDI64.SYS
2014-07-04 15:53 - 2009-09-25 14:54 - 00082952 _____ (Panda Security, S.L.) C:\Windows\system32\Drivers\dsaflt64.sys
2014-07-04 15:53 - 2009-09-25 14:54 - 00074760 _____ (Panda Security, S.L.) C:\Windows\system32\Drivers\wnmflt64.sys
2014-07-04 15:53 - 2009-09-25 14:54 - 00031752 _____ (Panda Security, S.L.) C:\Windows\system32\Drivers\fnetm64.sys
2014-07-04 15:52 - 2014-07-04 15:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Internet Security 2014
2014-07-04 15:52 - 2007-03-15 19:38 - 00046640 _____ (Panda Software) C:\Windows\system32\pavcpl64.cpl
2014-07-04 15:51 - 2014-07-04 15:53 - 00000000 ____D () C:\Program Files (x86)\Panda Security
2014-07-04 15:51 - 2014-07-04 15:51 - 00000000 ____D () C:\Windows\SysWOW64\PAV
2014-07-04 15:51 - 2014-07-04 15:51 - 00000000 ____D () C:\Users\Philipp\AppData\Roaming\Panda Security
2014-07-04 15:51 - 2014-07-04 15:51 - 00000000 ____D () C:\ProgramData\Panda Security
2014-07-04 15:51 - 2014-03-20 11:29 - 00120056 _____ (Panda Security, S.L.) C:\Windows\system32\PavLspHook64.dll
2014-07-04 15:51 - 2014-03-20 11:29 - 00089336 _____ (Panda Security, S.L.) C:\Windows\SysWOW64\PavLspHookWow.dll
2014-07-04 15:51 - 2014-02-25 12:59 - 00838392 _____ (Panda Security, S.L.) C:\Windows\system32\PavSHook64.dll
2014-07-04 15:51 - 2014-02-25 12:59 - 00545528 _____ (Panda Security, S.L.) C:\Windows\SysWOW64\PavSHookWow.dll
2014-07-04 15:51 - 2014-02-25 12:59 - 00269560 _____ (Panda Security, S.L.) C:\Windows\system32\sysHelper64.dll
2014-07-04 15:51 - 2014-02-25 12:59 - 00213752 _____ (Panda Security, S.L.) C:\Windows\SysWOW64\sysHelper32.dll
2014-07-04 15:51 - 2012-03-26 18:57 - 00071432 _____ (Panda Security, S.L.) C:\Windows\system32\Drivers\amm6460.sys
2014-07-04 15:51 - 2010-09-01 11:09 - 00216648 _____ (Panda Security, S.L.) C:\Windows\system32\Drivers\n64i1644.sys
2014-07-04 15:51 - 2010-06-21 17:02 - 00323392 _____ (Panda Security, S.L.) C:\Windows\system32\TpUtil64.dll
2014-07-04 15:51 - 2010-06-21 17:02 - 00202048 _____ (Panda Security, S.L.) C:\Windows\SysWOW64\TpUtilWow.dll
2014-07-04 15:51 - 2010-06-21 17:01 - 00090944 _____ (Panda Security, S.L.) C:\Windows\system32\PavIpc64.dll
2014-07-04 15:51 - 2010-06-21 17:01 - 00066880 _____ (Panda Security, S.L.) C:\Windows\SysWOW64\PavIpcWow.dll
2014-07-04 15:51 - 2010-03-24 12:56 - 00064768 _____ (On-Access Anti-Malware Scanner Sync) C:\Windows\system32\avldr64.dll
2014-07-04 15:51 - 2009-10-27 12:07 - 00048136 _____ (Panda Security, S.L.) C:\Windows\system32\Drivers\ShldFlt.sys
2014-07-04 15:51 - 2003-10-22 18:23 - 00446464 _____ (eHelp Corporation.) C:\Windows\SysWOW64\HHActiveX.dll
2014-07-04 15:43 - 2014-07-04 15:44 - 01042952 _____ () C:\Users\Philipp\Downloads\PANDAIS14.exe
2014-07-04 15:09 - 2014-07-04 15:09 - 00262144 _____ () C:\Windows\system32\config\elam
2014-07-04 14:37 - 2014-07-04 14:40 - 233068656 _____ () C:\Users\Philipp\Downloads\kav14.0.0.4651de-de.exe
2014-07-04 13:57 - 2014-07-04 13:57 - 00000687 _____ () C:\awh2B34.tmp
2014-07-04 01:37 - 2014-07-04 01:37 - 07787136 _____ () C:\Users\Philipp\Downloads\HSS-3.42-install-e-550-plain.exe
2014-07-04 01:21 - 2014-07-04 01:21 - 00000000 ____D () C:\Users\Philipp\AppData\Local\Skype
2014-07-04 01:20 - 2014-07-04 01:52 - 00000000 ____D () C:\Users\Philipp\AppData\Roaming\Skype
2014-07-04 01:20 - 2014-07-04 01:52 - 00000000 ____D () C:\ProgramData\Skype
2014-07-04 01:18 - 2014-07-04 01:19 - 01677440 _____ (Skype Technologies S.A.) C:\Users\Philipp\Downloads\SkypeSetup.exe
2014-07-03 12:53 - 2014-07-03 12:53 - 00000687 _____ () C:\awh275D.tmp
2014-07-02 21:38 - 2014-07-02 21:38 - 00000687 _____ () C:\awh119C.tmp
2014-07-02 20:37 - 2014-07-09 19:36 - 00000000 ____D () C:\Users\Philipp\AppData\Local\Genesis_07021837
2014-07-02 20:37 - 2014-07-04 15:22 - 00000000 ____D () C:\Users\Philipp\AppData\Local\24223
2014-07-02 15:10 - 2014-07-02 15:10 - 00911360 _____ () C:\Users\Philipp\Downloads\energy-2.ppt
2014-07-02 00:07 - 2014-07-02 00:07 - 00000000 ____D () C:\Users\Philipp\AppData\Roaming\Subversion
2014-07-02 00:06 - 2014-07-02 00:06 - 00000000 ____D () C:\Users\Philipp\AppData\Roaming\MathWorks
2014-07-02 00:06 - 2014-07-02 00:06 - 00000000 ____D () C:\Users\Philipp\AppData\Local\MathWorks
2014-07-02 00:02 - 2014-07-02 00:02 - 00001303 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MATLAB R2014a.lnk
2014-07-02 00:02 - 2014-07-02 00:02 - 00001291 _____ () C:\Users\Public\Desktop\MATLAB R2014a.lnk
2014-07-02 00:02 - 2014-07-02 00:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MATLAB
2014-07-02 00:01 - 2014-07-02 00:01 - 00000000 ____D () C:\ProgramData\MathWorks
2014-07-01 23:29 - 2014-07-01 23:29 - 00000000 ____D () C:\Program Files\MATLAB
2014-07-01 21:45 - 2014-07-02 00:13 - 00000000 ____D () C:\Users\Philipp\Documents\Matlab
2014-07-01 03:00 - 2014-07-01 03:00 - 00000000 ____D () C:\Users\Default\AppData\Local\Microsoft Help
2014-07-01 03:00 - 2014-07-01 03:00 - 00000000 ____D () C:\Users\Default User\AppData\Local\Microsoft Help
2014-06-30 19:17 - 2014-06-30 19:17 - 00002839 _____ () C:\Users\Philipp\Desktop\OneNote 2013.lnk
2014-06-30 19:17 - 2014-06-30 19:01 - 00002959 _____ () C:\Users\Philipp\Desktop\Lync 2013.lnk
2014-06-30 19:17 - 2014-06-30 19:01 - 00002937 _____ () C:\Users\Philipp\Desktop\Publisher 2013.lnk
2014-06-30 19:15 - 2014-06-30 19:01 - 00002937 _____ () C:\Users\Philipp\Desktop\PowerPoint 2013.lnk
2014-06-30 19:15 - 2014-06-30 19:01 - 00002864 _____ () C:\Users\Philipp\Desktop\Outlook 2013.lnk
2014-06-30 19:15 - 2014-06-30 19:01 - 00002829 _____ () C:\Users\Philipp\Desktop\Access 2013.lnk
2014-06-30 19:14 - 2014-06-30 19:01 - 00003037 _____ () C:\Users\Philipp\Desktop\Excel 2013.lnk
2014-06-30 19:13 - 2014-06-30 19:13 - 00003015 _____ () C:\Users\Philipp\Desktop\Word 2013.lnk
2014-06-30 19:09 - 2014-07-01 03:35 - 00000000 ____D () C:\Windows\AutoKMS
2014-06-30 19:08 - 2014-06-30 19:08 - 00000000 ____D () C:\ProgramData\Microsoft Toolkit
2014-06-30 19:02 - 2014-06-30 19:02 - 00000000 ____D () C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2014-06-30 19:01 - 2014-07-01 03:16 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2014-06-30 19:01 - 2014-06-30 19:01 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER
2014-06-30 19:00 - 2014-06-30 19:00 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-30 19:00 - 2014-06-30 19:00 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server
2014-06-30 18:59 - 2014-06-30 19:00 - 00000000 ____D () C:\Program Files\Microsoft SQL Server
2014-06-30 18:59 - 2014-06-30 18:59 - 00000000 ____D () C:\Windows\PCHEALTH
2014-06-30 18:57 - 2014-06-30 18:57 - 00000000 ____D () C:\Users\Philipp\AppData\Local\Microsoft Help
2014-06-30 18:57 - 2014-06-30 18:57 - 00000000 ____D () C:\Program Files\Microsoft Analysis Services
2014-06-30 18:57 - 2014-06-30 18:57 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2014-06-30 18:57 - 2014-06-30 18:57 - 00000000 ____D () C:\Program Files (x86)\Microsoft Analysis Services
2014-06-30 18:56 - 2014-07-01 03:16 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-06-30 18:56 - 2014-06-30 18:59 - 00000000 ____D () C:\Program Files\Microsoft Office
2014-06-30 18:55 - 2014-06-30 18:55 - 00000000 __RHD () C:\MSOCache
2014-06-30 18:51 - 2014-06-30 18:51 - 00000000 ____D () C:\Users\Philipp\AppData\Roaming\TuneUp Software
2014-06-30 18:51 - 2014-06-30 18:51 - 00000000 ____D () C:\Users\Philipp\AppData\Local\TuneUp Software
2014-06-30 18:49 - 2014-06-30 18:52 - 00000000 ____D () C:\ProgramData\TuneUp Software
2014-06-30 18:49 - 2014-06-30 18:49 - 00001958 _____ () C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
2014-06-30 18:49 - 2014-06-30 18:49 - 00000000 __SHD () C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2014-06-30 18:48 - 2014-07-04 17:40 - 00000000 ____D () C:\Users\Philipp\AppData\Local\Linkey
2014-06-30 18:47 - 2014-07-07 15:35 - 00000000 ____D () C:\Program Files (x86)\Settings Manager
2014-06-30 18:46 - 2014-06-30 18:52 - 00000000 ____D () C:\Users\Philipp\AppData\Roaming\DAEMON Tools Lite
2014-06-30 18:46 - 2014-06-30 18:52 - 00000000 ____D () C:\ProgramData\DAEMON Tools Lite
2014-06-30 18:46 - 2014-06-30 18:46 - 00283064 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtsoftbus01.sys
2014-06-30 18:46 - 2014-06-30 18:46 - 00000000 ____D () C:\Program Files (x86)\DAEMON Tools Lite
2014-06-30 18:39 - 2014-06-30 18:40 - 00000000 ____D () C:\Users\Philipp\Documents\Office
2014-06-27 11:06 - 2014-07-09 11:57 - 00000000 ____D () C:\Users\Philipp\AppData\Roaming\Spotify
2014-06-27 11:06 - 2014-07-07 23:03 - 00000000 ____D () C:\Users\Philipp\AppData\Local\Spotify
2014-06-27 11:06 - 2014-06-27 11:06 - 00126112 _____ (Spotify Ltd) C:\Users\Philipp\Downloads\SpotifySetup.exe
2014-06-27 11:06 - 2014-06-27 11:06 - 00001821 _____ () C:\Users\Philipp\Desktop\Spotify.lnk
2014-06-27 11:06 - 2014-06-27 11:06 - 00001807 _____ () C:\Users\Philipp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2014-06-26 09:43 - 2014-06-26 09:43 - 25755856 _____ (Microsoft Corporation) C:\Users\Philipp\Downloads\wordview_de-de.exe
2014-06-26 09:43 - 2014-06-26 09:43 - 00000000 ____D () C:\Program Files (x86)\MSECache
2014-06-25 20:39 - 2014-06-25 20:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueStacks
2014-06-25 20:39 - 2014-06-25 20:39 - 00000000 ____D () C:\ProgramData\BlueStacks
2014-06-25 20:39 - 2014-06-25 20:39 - 00000000 ____D () C:\Program Files (x86)\BlueStacks
2014-06-25 20:38 - 2014-06-25 20:45 - 00000000 ____D () C:\ProgramData\BlueStacksSetup
2014-06-25 20:38 - 2014-06-25 20:38 - 00000000 ____D () C:\Users\Philipp\AppData\Local\Bluestacks
2014-06-25 20:37 - 2014-06-25 20:38 - 12851944 _____ (BlueStack Systems Inc.) C:\Users\Philipp\Downloads\BlueStacks-SplitInstaller_native_c.exe
2014-06-25 01:04 - 2014-06-25 01:04 - 00000075 _____ () C:\Users\Philipp\Downloads\Downloads.rar
2014-06-22 17:50 - 2014-06-22 17:50 - 00000000 ____D () C:\Users\Philipp\AppData\Local\Wondershare
2014-06-22 17:50 - 2014-06-06 11:53 - 00096328 _____ (Wondershare Software) C:\Windows\system32\WSMonEditor.dll
2014-06-22 17:49 - 2014-06-22 17:50 - 00000000 ____D () C:\Users\Philipp\AppData\Roaming\Wondershare
2014-06-22 17:49 - 2014-06-22 17:49 - 00000000 ____D () C:\ProgramData\PDFEditor
2014-06-22 17:49 - 2014-06-22 17:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare
2014-06-22 17:49 - 2014-06-22 17:49 - 00000000 ____D () C:\Program Files (x86)\Wondershare
2014-06-22 17:48 - 2014-06-22 17:53 - 00000000 ____D () C:\Users\Public\Documents\Wondershare
2014-06-22 17:48 - 2014-06-22 17:48 - 00710144 _____ (Wondershare) C:\Users\Philipp\Downloads\pdf-editor_setup_full1155.exe
2014-06-19 09:57 - 2014-06-19 09:57 - 00000897 _____ () C:\Users\Philipp\Documents\Kosten.txt
2014-06-16 09:17 - 2014-05-28 16:47 - 15642623 _____ () C:\Users\Philipp\Documents\DmathsAddon.oxt
2014-06-15 19:45 - 2014-06-15 19:45 - 00286734 _____ () C:\Windows\msxml4-KB973688-enu.LOG
2014-06-15 19:45 - 2014-06-15 19:45 - 00000000 ____D () C:\Program Files (x86)\MSXML 4.0
2014-06-15 19:44 - 2014-06-15 19:45 - 00291980 _____ () C:\Windows\msxml4-KB954430-enu.LOG
2014-06-15 08:46 - 2014-06-15 08:46 - 00108544 _____ () C:\Windows\SysWOW64\installd.exe
2014-06-12 12:28 - 2014-06-12 12:29 - 08101888 _____ () C:\Users\Philipp\Downloads\recovery-clockwork-touch-6.0.3.6-m4.img
2014-06-12 11:56 - 2013-10-28 16:29 - 00000000 ____D () C:\Users\Philipp\Downloads\__MACOSX
2014-06-12 11:56 - 2013-05-04 17:47 - 00162816 _____ () C:\Users\Philipp\Downloads\adb.exe
2014-06-12 11:56 - 2013-05-04 17:47 - 00096256 _____ (Google, inc) C:\Users\Philipp\Downloads\AdbWinApi.dll
2014-06-12 11:56 - 2013-05-04 17:47 - 00070144 _____ () C:\Users\Philipp\Downloads\fastboot.exe
2014-06-12 11:56 - 2013-05-04 17:47 - 00060928 _____ (Google, inc) C:\Users\Philipp\Downloads\AdbWinUsbApi.dll
2014-06-12 11:47 - 2014-06-12 11:47 - 00083753 _____ () C:\Users\Philipp\Downloads\fastboot-win.zip
2014-06-12 11:43 - 2014-06-12 11:43 - 00000000 ____D () C:\Users\Philipp\AppData\Roaming\HTC
2014-06-12 11:42 - 2014-06-12 12:29 - 00000000 ____D () C:\Unlock
2014-06-12 11:41 - 2014-06-12 11:41 - 00000000 ____D () C:\Neuer Ordner
2014-06-12 11:36 - 2014-07-09 11:56 - 00000000 ____D () C:\Users\Philipp\AppData\Local\HTC MediaHub
2014-06-12 11:36 - 2014-06-12 11:42 - 00000000 ____D () C:\Users\Philipp\Documents\HTC
2014-06-12 11:36 - 2014-06-12 11:36 - 00002035 _____ () C:\Users\Public\Desktop\HTC Sync Manager.lnk
2014-06-12 11:36 - 2014-06-12 11:36 - 00000000 ____D () C:\Users\Philipp\AppData\Roaming\Apple Computer
2014-06-12 11:36 - 2014-06-12 11:36 - 00000000 ____D () C:\Users\Philipp\AppData\Local\Apple Computer
2014-06-12 11:36 - 2014-06-12 11:36 - 00000000 ____D () C:\Users\Philipp\.android
2014-06-12 11:36 - 2014-06-12 11:36 - 00000000 ____D () C:\ProgramData\HTC
2014-06-12 11:29 - 2014-06-12 11:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HTC
2014-06-12 11:28 - 2014-06-12 11:36 - 00000000 ____D () C:\Program Files (x86)\HTC
2014-06-12 11:28 - 2014-06-12 11:28 - 00000000 ____D () C:\Program Files (x86)\Spirent Communications
2014-06-12 11:28 - 2014-04-25 04:34 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2014-06-12 11:28 - 2014-04-25 04:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2014-06-12 11:27 - 2014-05-30 12:21 - 23414784 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-06-12 11:27 - 2014-05-30 12:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-06-12 11:27 - 2014-05-30 12:02 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-06-12 11:27 - 2014-05-30 11:45 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-06-12 11:27 - 2014-05-30 11:39 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-06-12 11:27 - 2014-05-30 11:39 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-06-12 11:27 - 2014-05-30 11:38 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-06-12 11:27 - 2014-05-30 11:28 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-06-12 11:27 - 2014-05-30 11:27 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-06-12 11:27 - 2014-05-30 11:24 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-06-12 11:27 - 2014-05-30 11:21 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-06-12 11:27 - 2014-05-30 11:21 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-06-12 11:27 - 2014-05-30 11:20 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-06-12 11:27 - 2014-05-30 11:18 - 17271296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-06-12 11:27 - 2014-05-30 11:11 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-06-12 11:27 - 2014-05-30 11:08 - 05782528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-06-12 11:27 - 2014-05-30 11:06 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-06-12 11:27 - 2014-05-30 11:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-06-12 11:27 - 2014-05-30 10:55 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-06-12 11:27 - 2014-05-30 10:49 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-06-12 11:27 - 2014-05-30 10:46 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-06-12 11:27 - 2014-05-30 10:44 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-06-12 11:27 - 2014-05-30 10:44 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-06-12 11:27 - 2014-05-30 10:43 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-06-12 11:27 - 2014-05-30 10:42 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-06-12 11:27 - 2014-05-30 10:38 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-06-12 11:27 - 2014-05-30 10:35 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-06-12 11:27 - 2014-05-30 10:34 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-06-12 11:27 - 2014-05-30 10:33 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-06-12 11:27 - 2014-05-30 10:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-06-12 11:27 - 2014-05-30 10:29 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-06-12 11:27 - 2014-05-30 10:28 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-06-12 11:27 - 2014-05-30 10:27 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-06-12 11:27 - 2014-05-30 10:24 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-06-12 11:27 - 2014-05-30 10:23 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-06-12 11:27 - 2014-05-30 10:16 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-06-12 11:27 - 2014-05-30 10:10 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-06-12 11:27 - 2014-05-30 10:06 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-06-12 11:27 - 2014-05-30 10:04 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-06-12 11:27 - 2014-05-30 10:02 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-06-12 11:27 - 2014-05-30 09:56 - 04244992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-06-12 11:27 - 2014-05-30 09:56 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-06-12 11:27 - 2014-05-30 09:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-06-12 11:27 - 2014-05-30 09:50 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-06-12 11:27 - 2014-05-30 09:49 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-06-12 11:27 - 2014-05-30 09:43 - 13522944 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-06-12 11:27 - 2014-05-30 09:40 - 11725312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-06-12 11:27 - 2014-05-30 09:30 - 01398272 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-06-12 11:27 - 2014-05-30 09:21 - 01790976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-06-12 11:27 - 2014-05-30 09:15 - 01143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-06-12 11:27 - 2014-05-30 09:13 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-06-12 11:27 - 2014-05-30 09:13 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-06-12 11:27 - 2014-04-05 04:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-06-12 11:27 - 2014-04-05 04:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-06-12 11:27 - 2014-03-26 16:44 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-06-12 11:27 - 2014-03-26 16:44 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-06-12 11:27 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2014-06-12 11:27 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-06-12 11:27 - 2014-03-26 16:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2014-06-12 11:27 - 2014-03-26 16:27 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-06-12 11:27 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2014-06-12 11:27 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-06-12 11:26 - 2014-06-12 11:26 - 00000000 ____D () C:\Users\Philipp\AppData\Local\Downloaded Installations
2014-06-12 11:26 - 2014-06-08 11:13 - 00506368 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-12 11:26 - 2014-06-08 11:08 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-12 11:24 - 2014-06-12 11:24 - 00209183 _____ () C:\Users\Philipp\Downloads\htc-one-mini-bootloader-unlock.zip
2014-06-12 11:22 - 2014-06-12 11:24 - 136072080 _____ (HTC) C:\Users\Philipp\Downloads\setup_3.1.13.0_htc.exe

==================== One Month Modified Files and Folders =======

2014-07-09 19:38 - 2014-07-09 19:37 - 00022441 _____ () C:\Users\Philipp\Desktop\FRST.txt
2014-07-09 19:37 - 2014-07-09 19:37 - 00000000 ____D () C:\FRST
2014-07-09 19:37 - 2014-07-04 15:53 - 00289268 _____ () C:\Windows\system32\Drivers\APPFCONT.DAT.bck
2014-07-09 19:37 - 2014-07-04 15:53 - 00289268 _____ () C:\Windows\system32\Drivers\APPFCONT.DAT
2014-07-09 19:36 - 2014-07-09 19:36 - 02084352 _____ (Farbar) C:\Users\Philipp\Desktop\FRST64.exe
2014-07-09 19:36 - 2014-07-02 20:37 - 00000000 ____D () C:\Users\Philipp\AppData\Local\Genesis_07021837
2014-07-09 19:33 - 2014-07-09 19:33 - 00000000 ___HD () C:\Windows\AxInstSV
2014-07-09 19:08 - 2014-07-06 21:03 - 00001112 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-09 18:49 - 2014-07-09 18:49 - 00001061 _____ () C:\Users\Philipp\Desktop\Free PDF to Word Doc Converter.lnk
2014-07-09 18:49 - 2014-07-09 18:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free PDF to Word Doc Converter
2014-07-09 18:49 - 2014-07-09 18:49 - 00000000 ____D () C:\Program Files (x86)\Free PDF to Word Doc Converter
2014-07-09 18:49 - 2014-04-25 17:02 - 00000000 ____D () C:\Users\Philipp\AppData\Local\VirtualStore
2014-07-09 18:48 - 2014-07-09 18:48 - 01128916 _____ (www.hellopdf.com ) C:\Users\Philipp\Downloads\pdf2wordsetup11.exe
2014-07-09 18:38 - 2014-04-25 16:40 - 01758077 _____ () C:\Windows\WindowsUpdate.log
2014-07-09 17:45 - 2014-05-16 17:40 - 00000918 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job
2014-07-09 17:45 - 2014-05-16 17:40 - 00000914 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job
2014-07-09 12:45 - 2014-04-28 01:18 - 00008627 _____ () C:\Windows\SysWOW64\PAV_FOG.OPC
2014-07-09 12:08 - 2014-07-07 14:13 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-09 12:05 - 2009-07-14 06:45 - 00014928 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-07-09 12:05 - 2009-07-14 06:45 - 00014928 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-07-09 12:01 - 2014-07-09 12:01 - 00003758 _____ () C:\Windows\System32\Tasks\AutoKMS
2014-07-09 11:59 - 2014-07-04 16:42 - 00000056 _____ () C:\Windows\system32\Drivers\etc\WnmFlt.cfg.bck
2014-07-09 11:59 - 2014-07-04 16:42 - 00000056 _____ () C:\Windows\system32\Drivers\etc\WnmFlt.cfg
2014-07-09 11:59 - 2014-07-04 15:59 - 00000252 _____ () C:\Windows\system32\Drivers\etc\IdsFlt.cfg.bck
2014-07-09 11:59 - 2014-07-04 15:59 - 00000252 _____ () C:\Windows\system32\Drivers\etc\IdsFlt.cfg
2014-07-09 11:59 - 2014-07-04 15:59 - 00000080 _____ () C:\Windows\system32\Drivers\etc\NetLoc.wlt.bck
2014-07-09 11:59 - 2014-07-04 15:59 - 00000080 _____ () C:\Windows\system32\Drivers\etc\NetLoc.wlt
2014-07-09 11:59 - 2014-07-04 15:59 - 00000056 _____ () C:\Windows\system32\Drivers\etc\DsaFlt.cfg.bck
2014-07-09 11:59 - 2014-07-04 15:59 - 00000056 _____ () C:\Windows\system32\Drivers\etc\DsaFlt.cfg
2014-07-09 11:59 - 2014-07-04 15:57 - 00000068 _____ () C:\Windows\system32\Drivers\etc\NetFlt.cfg.bck
2014-07-09 11:59 - 2014-07-04 15:57 - 00000068 _____ () C:\Windows\system32\Drivers\etc\NetFlt.cfg
2014-07-09 11:59 - 2014-07-04 15:53 - 00303044 _____ () C:\Windows\system32\Drivers\etc\DsaFlt.rls.bck
2014-07-09 11:59 - 2014-07-04 15:53 - 00303044 _____ () C:\Windows\system32\Drivers\etc\DsaFlt.rls
2014-07-09 11:59 - 2014-07-04 15:53 - 00001132 _____ () C:\Windows\system32\Drivers\APPFLTR.CFG.bck
2014-07-09 11:59 - 2014-07-04 15:53 - 00001132 _____ () C:\Windows\system32\Drivers\APPFLTR.CFG
2014-07-09 11:58 - 2014-07-04 15:57 - 00000136 _____ () C:\Windows\system32\Drivers\etc\NetAdapt.cfg.bck
2014-07-09 11:58 - 2014-07-04 15:57 - 00000136 _____ () C:\Windows\system32\Drivers\etc\NetAdapt.cfg
2014-07-09 11:58 - 2014-07-04 15:57 - 00000064 _____ () C:\Windows\system32\Drivers\etc\NetAR.wlt.bck
2014-07-09 11:58 - 2014-07-04 15:57 - 00000064 _____ () C:\Windows\system32\Drivers\etc\NetAR.wlt
2014-07-09 11:57 - 2014-06-27 11:06 - 00000000 ____D () C:\Users\Philipp\AppData\Roaming\Spotify
2014-07-09 11:56 - 2014-06-12 11:36 - 00000000 ____D () C:\Users\Philipp\AppData\Local\HTC MediaHub
2014-07-09 11:55 - 2014-07-06 21:03 - 00001108 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-09 11:54 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-09 11:54 - 2009-07-14 06:51 - 00033171 _____ () C:\Windows\setupact.log
2014-07-08 12:12 - 2014-04-27 00:31 - 00160248 _____ () C:\Windows\PFRO.log
2014-07-07 23:03 - 2014-06-27 11:06 - 00000000 ____D () C:\Users\Philipp\AppData\Local\Spotify
2014-07-07 15:35 - 2014-07-07 14:15 - 00000000 ____D () C:\Users\Philipp\AppData\Roaming\VOPackage
2014-07-07 15:35 - 2014-06-30 18:47 - 00000000 ____D () C:\Program Files (x86)\Settings Manager
2014-07-07 14:15 - 2014-07-07 14:15 - 00000000 ____D () C:\Users\Philipp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage
2014-07-07 14:14 - 2014-07-07 14:14 - 00000000 ____D () C:\Program Files (x86)\Iminent
2014-07-07 14:13 - 2014-07-07 14:13 - 00287750 _____ ( ) C:\Users\Philipp\Desktop\VOPackage.exe
2014-07-07 14:12 - 2014-07-07 14:12 - 00001110 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-07-07 14:12 - 2014-07-07 14:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-07-07 14:12 - 2014-07-07 14:12 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-07 14:12 - 2014-07-07 14:12 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-07-07 14:11 - 2014-07-07 14:11 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Philipp\Desktop\mbam-setup-2-0-2-1012.exe
2014-07-06 21:03 - 2014-07-06 21:03 - 00004108 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-07-06 21:03 - 2014-07-06 21:03 - 00003856 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-07-06 21:03 - 2014-07-06 21:03 - 00002255 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-07-06 21:03 - 2014-07-06 21:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-07-06 21:03 - 2014-04-27 00:20 - 00000000 ____D () C:\Users\Philipp\AppData\Local\Google
2014-07-06 21:03 - 2014-04-27 00:20 - 00000000 ____D () C:\Program Files (x86)\Google
2014-07-06 21:02 - 2014-07-06 21:02 - 00000000 ____D () C:\Users\Philipp\AppData\Local\Deployment
2014-07-06 21:02 - 2014-07-06 21:02 - 00000000 ____D () C:\Users\Philipp\AppData\Local\Apps\2.0
2014-07-04 17:40 - 2014-06-30 18:48 - 00000000 ____D () C:\Users\Philipp\AppData\Local\Linkey
2014-07-04 15:54 - 2014-07-04 15:54 - 00015928 _____ () C:\Windows\system32\Drivers\COMFiltr.sys
2014-07-04 15:54 - 2014-07-04 15:54 - 00000000 ____D () C:\Users\Philipp\AppData\Local\Panda Security
2014-07-04 15:53 - 2014-07-04 15:53 - 00002536 _____ () C:\Users\Public\Desktop\Remote-Zugriff installieren.lnk
2014-07-04 15:53 - 2014-07-04 15:53 - 00002255 _____ () C:\Users\Public\Desktop\Panda Internet Security 2014.lnk
2014-07-04 15:53 - 2014-07-04 15:53 - 00000274 _____ () C:\Windows\system32\PavCPL64.dat
2014-07-04 15:53 - 2014-07-04 15:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Security
2014-07-04 15:53 - 2014-07-04 15:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Internet Security 2014
2014-07-04 15:53 - 2014-07-04 15:51 - 00000000 ____D () C:\Program Files (x86)\Panda Security
2014-07-04 15:51 - 2014-07-04 15:51 - 00000000 ____D () C:\Windows\SysWOW64\PAV
2014-07-04 15:51 - 2014-07-04 15:51 - 00000000 ____D () C:\Users\Philipp\AppData\Roaming\Panda Security
2014-07-04 15:51 - 2014-07-04 15:51 - 00000000 ____D () C:\ProgramData\Panda Security
2014-07-04 15:44 - 2014-07-04 15:43 - 01042952 _____ () C:\Users\Philipp\Downloads\PANDAIS14.exe
2014-07-04 15:22 - 2014-07-02 20:37 - 00000000 ____D () C:\Users\Philipp\AppData\Local\24223
2014-07-04 15:09 - 2014-07-04 15:09 - 00262144 _____ () C:\Windows\system32\config\elam
2014-07-04 14:40 - 2014-07-04 14:37 - 233068656 _____ () C:\Users\Philipp\Downloads\kav14.0.0.4651de-de.exe
2014-07-04 13:57 - 2014-07-04 13:57 - 00000687 _____ () C:\awh2B34.tmp
2014-07-04 01:52 - 2014-07-04 01:20 - 00000000 ____D () C:\Users\Philipp\AppData\Roaming\Skype
2014-07-04 01:52 - 2014-07-04 01:20 - 00000000 ____D () C:\ProgramData\Skype
2014-07-04 01:37 - 2014-07-04 01:37 - 07787136 _____ () C:\Users\Philipp\Downloads\HSS-3.42-install-e-550-plain.exe
2014-07-04 01:21 - 2014-07-04 01:21 - 00000000 ____D () C:\Users\Philipp\AppData\Local\Skype
2014-07-04 01:19 - 2014-07-04 01:18 - 01677440 _____ (Skype Technologies S.A.) C:\Users\Philipp\Downloads\SkypeSetup.exe
2014-07-04 00:55 - 2014-04-27 00:50 - 00000000 ____D () C:\Users\Philipp\Documents\Stronghold Legends
2014-07-04 00:53 - 2014-04-27 00:26 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-07-04 00:52 - 2014-04-28 00:55 - 00000000 ____D () C:\Users\Philipp\Documents\Studium
2014-07-03 12:53 - 2014-07-03 12:53 - 00000687 _____ () C:\awh275D.tmp
2014-07-02 21:38 - 2014-07-02 21:38 - 00000687 _____ () C:\awh119C.tmp
2014-07-02 15:10 - 2014-07-02 15:10 - 00911360 _____ () C:\Users\Philipp\Downloads\energy-2.ppt
2014-07-02 00:13 - 2014-07-01 21:45 - 00000000 ____D () C:\Users\Philipp\Documents\Matlab
2014-07-02 00:07 - 2014-07-02 00:07 - 00000000 ____D () C:\Users\Philipp\AppData\Roaming\Subversion
2014-07-02 00:06 - 2014-07-02 00:06 - 00000000 ____D () C:\Users\Philipp\AppData\Roaming\MathWorks
2014-07-02 00:06 - 2014-07-02 00:06 - 00000000 ____D () C:\Users\Philipp\AppData\Local\MathWorks
2014-07-02 00:02 - 2014-07-02 00:02 - 00001303 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MATLAB R2014a.lnk
2014-07-02 00:02 - 2014-07-02 00:02 - 00001291 _____ () C:\Users\Public\Desktop\MATLAB R2014a.lnk
2014-07-02 00:02 - 2014-07-02 00:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MATLAB
2014-07-02 00:01 - 2014-07-02 00:01 - 00000000 ____D () C:\ProgramData\MathWorks
2014-07-01 23:29 - 2014-07-01 23:29 - 00000000 ____D () C:\Program Files\MATLAB
2014-07-01 03:35 - 2014-06-30 19:09 - 00000000 ____D () C:\Windows\AutoKMS
2014-07-01 03:34 - 2009-07-14 06:45 - 00460696 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-07-01 03:16 - 2014-06-30 19:01 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2014-07-01 03:16 - 2014-06-30 18:56 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-07-01 03:02 - 2009-07-14 04:34 - 00000478 _____ () C:\Windows\win.ini
2014-07-01 03:00 - 2014-07-01 03:00 - 00000000 ____D () C:\Users\Default\AppData\Local\Microsoft Help
2014-07-01 03:00 - 2014-07-01 03:00 - 00000000 ____D () C:\Users\Default User\AppData\Local\Microsoft Help
2014-06-30 19:17 - 2014-06-30 19:17 - 00002839 _____ () C:\Users\Philipp\Desktop\OneNote 2013.lnk
2014-06-30 19:13 - 2014-06-30 19:13 - 00003015 _____ () C:\Users\Philipp\Desktop\Word 2013.lnk
2014-06-30 19:08 - 2014-06-30 19:08 - 00000000 ____D () C:\ProgramData\Microsoft Toolkit
2014-06-30 19:07 - 2014-04-28 00:41 - 00117912 _____ () C:\Users\Philipp\AppData\Local\GDIPFONTCACHEV1.DAT
2014-06-30 19:02 - 2014-06-30 19:02 - 00000000 ____D () C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2014-06-30 19:01 - 2014-06-30 19:17 - 00002959 _____ () C:\Users\Philipp\Desktop\Lync 2013.lnk
2014-06-30 19:01 - 2014-06-30 19:17 - 00002937 _____ () C:\Users\Philipp\Desktop\Publisher 2013.lnk
2014-06-30 19:01 - 2014-06-30 19:15 - 00002937 _____ () C:\Users\Philipp\Desktop\PowerPoint 2013.lnk
2014-06-30 19:01 - 2014-06-30 19:15 - 00002864 _____ () C:\Users\Philipp\Desktop\Outlook 2013.lnk
2014-06-30 19:01 - 2014-06-30 19:15 - 00002829 _____ () C:\Users\Philipp\Desktop\Access 2013.lnk
2014-06-30 19:01 - 2014-06-30 19:14 - 00003037 _____ () C:\Users\Philipp\Desktop\Excel 2013.lnk
2014-06-30 19:01 - 2014-06-30 19:01 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER
2014-06-30 19:01 - 2009-07-14 20:18 - 00000000 ____D () C:\Windows\ShellNew
2014-06-30 19:01 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-06-30 19:00 - 2014-06-30 19:00 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-30 19:00 - 2014-06-30 19:00 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server
2014-06-30 19:00 - 2014-06-30 18:59 - 00000000 ____D () C:\Program Files\Microsoft SQL Server
2014-06-30 18:59 - 2014-06-30 18:59 - 00000000 ____D () C:\Windows\PCHEALTH
2014-06-30 18:59 - 2014-06-30 18:56 - 00000000 ____D () C:\Program Files\Microsoft Office
2014-06-30 18:58 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common Files\System
2014-06-30 18:57 - 2014-06-30 18:57 - 00000000 ____D () C:\Users\Philipp\AppData\Local\Microsoft Help
2014-06-30 18:57 - 2014-06-30 18:57 - 00000000 ____D () C:\Program Files\Microsoft Analysis Services
2014-06-30 18:57 - 2014-06-30 18:57 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2014-06-30 18:57 - 2014-06-30 18:57 - 00000000 ____D () C:\Program Files (x86)\Microsoft Analysis Services
2014-06-30 18:55 - 2014-06-30 18:55 - 00000000 __RHD () C:\MSOCache
2014-06-30 18:52 - 2014-06-30 18:49 - 00000000 ____D () C:\ProgramData\TuneUp Software
2014-06-30 18:52 - 2014-06-30 18:46 - 00000000 ____D () C:\Users\Philipp\AppData\Roaming\DAEMON Tools Lite
2014-06-30 18:52 - 2014-06-30 18:46 - 00000000 ____D () C:\ProgramData\DAEMON Tools Lite
2014-06-30 18:52 - 2009-07-14 19:58 - 00699248 _____ () C:\Windows\system32\perfh007.dat
2014-06-30 18:52 - 2009-07-14 19:58 - 00149356 _____ () C:\Windows\system32\perfc007.dat
2014-06-30 18:52 - 2009-07-14 07:13 - 01618896 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-06-30 18:51 - 2014-06-30 18:51 - 00000000 ____D () C:\Users\Philipp\AppData\Roaming\TuneUp Software
2014-06-30 18:51 - 2014-06-30 18:51 - 00000000 ____D () C:\Users\Philipp\AppData\Local\TuneUp Software
2014-06-30 18:49 - 2014-06-30 18:49 - 00001958 _____ () C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
2014-06-30 18:49 - 2014-06-30 18:49 - 00000000 __SHD () C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2014-06-30 18:46 - 2014-06-30 18:46 - 00283064 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtsoftbus01.sys
2014-06-30 18:46 - 2014-06-30 18:46 - 00000000 ____D () C:\Program Files (x86)\DAEMON Tools Lite
2014-06-30 18:40 - 2014-06-30 18:39 - 00000000 ____D () C:\Users\Philipp\Documents\Office
2014-06-30 14:34 - 2014-04-28 12:35 - 00000000 ____D () C:\ProgramData\HP
2014-06-30 14:34 - 2014-04-28 12:35 - 00000000 ____D () C:\Program Files (x86)\HP
2014-06-27 11:06 - 2014-06-27 11:06 - 00126112 _____ (Spotify Ltd) C:\Users\Philipp\Downloads\SpotifySetup.exe
2014-06-27 11:06 - 2014-06-27 11:06 - 00001821 _____ () C:\Users\Philipp\Desktop\Spotify.lnk
2014-06-27 11:06 - 2014-06-27 11:06 - 00001807 _____ () C:\Users\Philipp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2014-06-26 09:43 - 2014-06-26 09:43 - 25755856 _____ (Microsoft Corporation) C:\Users\Philipp\Downloads\wordview_de-de.exe
2014-06-26 09:43 - 2014-06-26 09:43 - 00000000 ____D () C:\Program Files (x86)\MSECache
2014-06-25 20:45 - 2014-06-25 20:38 - 00000000 ____D () C:\ProgramData\BlueStacksSetup
2014-06-25 20:40 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Public\Libraries
2014-06-25 20:39 - 2014-06-25 20:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueStacks
2014-06-25 20:39 - 2014-06-25 20:39 - 00000000 ____D () C:\ProgramData\BlueStacks
2014-06-25 20:39 - 2014-06-25 20:39 - 00000000 ____D () C:\Program Files (x86)\BlueStacks
2014-06-25 20:38 - 2014-06-25 20:38 - 00000000 ____D () C:\Users\Philipp\AppData\Local\Bluestacks
2014-06-25 20:38 - 2014-06-25 20:37 - 12851944 _____ (BlueStack Systems Inc.) C:\Users\Philipp\Downloads\BlueStacks-SplitInstaller_native_c.exe
2014-06-25 01:04 - 2014-06-25 01:04 - 00000075 _____ () C:\Users\Philipp\Downloads\Downloads.rar
2014-06-22 17:53 - 2014-06-22 17:48 - 00000000 ____D () C:\Users\Public\Documents\Wondershare
2014-06-22 17:50 - 2014-06-22 17:50 - 00000000 ____D () C:\Users\Philipp\AppData\Local\Wondershare
2014-06-22 17:50 - 2014-06-22 17:49 - 00000000 ____D () C:\Users\Philipp\AppData\Roaming\Wondershare
2014-06-22 17:49 - 2014-06-22 17:49 - 00000000 ____D () C:\ProgramData\PDFEditor
2014-06-22 17:49 - 2014-06-22 17:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare
2014-06-22 17:49 - 2014-06-22 17:49 - 00000000 ____D () C:\Program Files (x86)\Wondershare
2014-06-22 17:48 - 2014-06-22 17:48 - 00710144 _____ (Wondershare) C:\Users\Philipp\Downloads\pdf-editor_setup_full1155.exe
2014-06-22 17:40 - 2009-07-14 07:32 - 00000000 ____D () C:\Windows\system32\FxsTmp
2014-06-19 09:57 - 2014-06-19 09:57 - 00000897 _____ () C:\Users\Philipp\Documents\Kosten.txt
2014-06-15 19:45 - 2014-06-15 19:45 - 00286734 _____ () C:\Windows\msxml4-KB973688-enu.LOG
2014-06-15 19:45 - 2014-06-15 19:45 - 00000000 ____D () C:\Program Files (x86)\MSXML 4.0
2014-06-15 19:45 - 2014-06-15 19:44 - 00291980 _____ () C:\Windows\msxml4-KB954430-enu.LOG
2014-06-15 19:44 - 2014-05-16 17:45 - 00000000 ____D () C:\Users\Philipp\Documents\Optimizer Pro
2014-06-15 08:46 - 2014-06-15 08:46 - 00108544 _____ () C:\Windows\SysWOW64\installd.exe
2014-06-14 19:59 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-06-12 12:48 - 2014-05-06 22:14 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-06-12 12:29 - 2014-06-12 12:28 - 08101888 _____ () C:\Users\Philipp\Downloads\recovery-clockwork-touch-6.0.3.6-m4.img
2014-06-12 12:29 - 2014-06-12 11:42 - 00000000 ____D () C:\Unlock
2014-06-12 11:47 - 2014-06-12 11:47 - 00083753 _____ () C:\Users\Philipp\Downloads\fastboot-win.zip
2014-06-12 11:43 - 2014-06-12 11:43 - 00000000 ____D () C:\Users\Philipp\AppData\Roaming\HTC
2014-06-12 11:42 - 2014-06-12 11:36 - 00000000 ____D () C:\Users\Philipp\Documents\HTC
2014-06-12 11:41 - 2014-06-12 11:41 - 00000000 ____D () C:\Neuer Ordner
2014-06-12 11:36 - 2014-06-12 11:36 - 00002035 _____ () C:\Users\Public\Desktop\HTC Sync Manager.lnk
2014-06-12 11:36 - 2014-06-12 11:36 - 00000000 ____D () C:\Users\Philipp\AppData\Roaming\Apple Computer
2014-06-12 11:36 - 2014-06-12 11:36 - 00000000 ____D () C:\Users\Philipp\AppData\Local\Apple Computer
2014-06-12 11:36 - 2014-06-12 11:36 - 00000000 ____D () C:\Users\Philipp\.android
2014-06-12 11:36 - 2014-06-12 11:36 - 00000000 ____D () C:\ProgramData\HTC
2014-06-12 11:36 - 2014-06-12 11:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HTC
2014-06-12 11:36 - 2014-06-12 11:28 - 00000000 ____D () C:\Program Files (x86)\HTC
2014-06-12 11:36 - 2014-04-25 17:01 - 00000000 ____D () C:\Users\Philipp
2014-06-12 11:29 - 2014-04-27 00:29 - 00020744 _____ () C:\Windows\DPINST.LOG
2014-06-12 11:28 - 2014-06-12 11:28 - 00000000 ____D () C:\Program Files (x86)\Spirent Communications
2014-06-12 11:26 - 2014-06-12 11:26 - 00000000 ____D () C:\Users\Philipp\AppData\Local\Downloaded Installations
2014-06-12 11:24 - 2014-06-12 11:24 - 00209183 _____ () C:\Users\Philipp\Downloads\htc-one-mini-bootloader-unlock.zip
2014-06-12 11:24 - 2014-06-12 11:22 - 136072080 _____ (HTC) C:\Users\Philipp\Downloads\setup_3.1.13.0_htc.exe
2014-06-11 11:44 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF

Some content of TEMP:
====================
C:\Users\Philipp\AppData\Local\Temp\2040-2082_re-markit.exe
C:\Users\Philipp\AppData\Local\Temp\amsetup_activeris_default_010414_installer.exe
C:\Users\Philipp\AppData\Local\Temp\application.exe
C:\Users\Philipp\AppData\Local\Temp\BackupSetup.exe
C:\Users\Philipp\AppData\Local\Temp\cloud_backup_setup.exe
C:\Users\Philipp\AppData\Local\Temp\comver.dll
C:\Users\Philipp\AppData\Local\Temp\DseShExt-x64.dll
C:\Users\Philipp\AppData\Local\Temp\DseShExt-x86.dll
C:\Users\Philipp\AppData\Local\Temp\IminentSetup_june26.exe
C:\Users\Philipp\AppData\Local\Temp\ose00001.exe
C:\Users\Philipp\AppData\Local\Temp\SDShelEx-win32.dll
C:\Users\Philipp\AppData\Local\Temp\SDShelEx-x64.dll
C:\Users\Philipp\AppData\Local\Temp\vcredist_x64.exe
C:\Users\Philipp\AppData\Local\Temp\vopackage.exe
C:\Users\Philipp\AppData\Local\Temp\{602AA508-EAA9-4231-A904-F6D6A4AE5E8D}.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-07-08 14:00

==================== End Of Log ============================
         
Und hier die Addition.txt
Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 09-07-2014
Ran by Philipp at 2014-07-09 19:38:25
Running from C:\Users\Philipp\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Panda Internet Security 2014 (Enabled - Up to date) {86971480-9989-6750-B122-681A86518D59}
AS: Panda Internet Security 2014 (Enabled - Up to date) {3DF6F564-BFB3-68DE-8B92-5368FDD6C7E4}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Panda Personal Firewall 2014 (Enabled) {BEAC95A5-D3E6-6608-9A7D-C12F7882CA22}

==================== Installed Programs ======================

µTorrent (HKCU\...\uTorrent) (Version: 3.4.1.31139 - BitTorrent Inc.)
Adobe Reader XI (11.0.07) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
Advanced Archive Password Recovery (HKLM-x32\...\{01011662-76A8-41E8-B1A8-4F8821570AC5}) (Version: 4.54.48.1338 - Elcomsoft Co. Ltd.)
BlueStacks App Player (HKLM-x32\...\BlueStacks App Player) (Version: 0.8.11.3116 - BlueStack Systems, Inc.)
BlueStacks Notification Center (HKLM-x32\...\{80194F84-21CE-44CF-A46E-38D8CE448856}) (Version: 0.8.11.3116 - BlueStack Systems, Inc.)
Cisco AnyConnect Secure Mobility Client  (HKLM-x32\...\Cisco AnyConnect Secure Mobility Client) (Version: 3.1.05160 - Cisco Systems, Inc.)
Cisco AnyConnect Secure Mobility Client (x32 Version: 3.1.05160 - Cisco Systems, Inc.) Hidden
Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version:  - Valve)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
Definition Update for Microsoft Office 2013 (KB2760587) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{AD09282B-E878-4C2C-914D-E67475E4729C}) (Version:  - Microsoft)
DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.3.22 - DivX, LLC)
Free IP Switcher (HKLM-x32\...\Free IP Switcher) (Version: hxxp://www.eusing.com/ipswitch/free_ip_switcher.htm - Eusing Software)
Free PDF to Word Doc Converter v1.1 (HKLM-x32\...\Free PDF to Word Doc Converter_is1) (Version: 1.1 - www.hellopdf.com)
GamersGoMakers Demo version 1.00 (HKLM-x32\...\{002C48A1-8B64-42C0-8A6A-57C4391E67D8}_is1) (Version: 1.00 - gnifrebel games)
GameSpy Arcade (HKLM-x32\...\GameSpy Arcade) (Version:  - )
Genesis (HKCU\...\genesis_07021837) (Version:  - ) <==== ATTENTION
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 35.0.1916.153 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
HP Officejet 4630 series - Grundlegende Software für das Gerät (HKLM\...\{CCF92FFE-5341-4263-9048-472D9E3C5703}) (Version: 32.0.1180.44630 - Hewlett-Packard Co.)
HP Officejet 4630 series Hilfe (HKLM-x32\...\{08B9332C-26DB-4EF3-85D6-6DC62B937681}) (Version: 31.0.0 - Hewlett Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HTC Driver Installer (HKLM-x32\...\{4CEEE5D0-F905-4688-B9F9-ECC710507796}) (Version: 4.11.0.001 - HTC Corporation)
HTC Sync Manager (HKLM-x32\...\{231D0C79-98A6-4693-A366-36DE7D7346EC}) (Version: 3.1.13.0 - HTC)
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
Installer (HKLM-x32\...\VOPackage) (Version: 1.0.0.0 - ) <==== ATTENTION
Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217055FF}) (Version: 7.0.550 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Linkey (HKCU\...\Linkey) (Version: 0.0.0.469 - Aztec Media Inc) <==== ATTENTION
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
MATLAB R2014a (HKLM\...\Matlab R2014a) (Version: 8.3 - The MathWorks, Inc.)
MegaTrainer eXperience V1.1.0.4 (HKLM-x32\...\MegaTrainer eXperience_is1) (Version:  - )
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Access MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft DCF MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Excel MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Groove MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft InfoPath MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Lync MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office 32-bit Components 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Korrekturhilfen 2013 - Deutsch (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office OSM MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office OSM UX MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - English (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - Italiano (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Shared 32-bit MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft OneNote MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Outlook MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft PowerPoint MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Publisher MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Word MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Network System Driver (HKLM-x32\...\inethnfd) (Version: 1.0.0.3001 - ) <==== ATTENTION
NVIDIA Grafiktreiber 327.02 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 327.02 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.133.889 - NVIDIA Corporation) Hidden
NVIDIA Optimus 1.14.17 (Version: 1.14.17 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 327.02 (Version: 327.02 - NVIDIA Corporation) Hidden
NVIDIA Update 1.14.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.14.17 - NVIDIA Corporation)
NVIDIA Update Components (Version: 1.14.17 - NVIDIA Corporation) Hidden
OpenOffice 4.0.1 (HKLM-x32\...\{0AEC308E-7EB3-47F7-BB59-F2C9C6166B27}) (Version: 4.01.9714 - Apache Software Foundation)
Outils de vérification linguistique 2013 de Microsoft Office*- Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Panda Internet Security 2014 (HKLM-x32\...\{7926EFB6-7CB4-4A9D-AB01-095F67F9D519}) (Version: 19.01.01 - Panda Security)
Panda Internet Security 2014 (x32 Version: 19.01.01 - Panda Security) Hidden
Password Depot 7 - Panda Secure Vault Edition (HKLM-x32\...\{A6144BFB-45FB-4DDB-BC4F-AB10E9FF0395}_is1) (Version: 7.1.0 - AceBIT GmbH)
PDF24 Creator 6.3.2 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)
RAR Password Recovery v1.1 RC17 (remove only) (HKLM-x32\...\Intelore - RAR Password Recovery) (Version:  - )
Spotify (HKCU\...\Spotify) (Version: 0.9.11.27.g2b1a638c - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
Stronghold Legends (HKLM-x32\...\Steam App 40980) (Version:  - FireFly Studios)
Studie zur Verbesserung von HP Officejet 4630 series (HKLM\...\{9D3B1C22-1F19-4BCD-A03F-DA75E38E3456}) (Version: 32.0.1180.44630 - Hewlett-Packard Co.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 14.0.19.0 - Synaptics Incorporated)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH)
Update for Microsoft Excel 2013 (KB2881014) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D8C78DED-3543-449A-8E3E-9391643EBB0E}) (Version:  - Microsoft)
Update for Microsoft Excel 2013 (KB2881014) 64-Bit Edition (HKLM\...\{90150000-0016-0407-1000-0000000FF1CE}_Office15.PROPLUS_{D8C78DED-3543-449A-8E3E-9391643EBB0E}) (Version:  - Microsoft)
Update for Microsoft Excel 2013 (KB2881014) 64-Bit Edition (HKLM\...\{90150000-0018-0407-1000-0000000FF1CE}_Office15.PROPLUS_{D8C78DED-3543-449A-8E3E-9391643EBB0E}) (Version:  - Microsoft)
Update for Microsoft Excel 2013 (KB2881014) 64-Bit Edition (HKLM\...\{90150000-001B-0407-1000-0000000FF1CE}_Office15.PROPLUS_{D8C78DED-3543-449A-8E3E-9391643EBB0E}) (Version:  - Microsoft)
Update for Microsoft Excel 2013 (KB2881014) 64-Bit Edition (HKLM\...\{90150000-00C1-0407-1000-0000000FF1CE}_Office15.PROPLUS_{D8C78DED-3543-449A-8E3E-9391643EBB0E}) (Version:  - Microsoft)
Update for Microsoft Lync 2013 (KB2850074) 64-Bit Edition (HKLM\...\{90150000-012B-0407-1000-0000000FF1CE}_Office15.PROPLUS_{CE9A9D7C-B6FB-4F6C-8BDE-9A1ADBBAC1EE}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760344) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{EF77B4A6-DFEC-4010-A87D-9B6BF87FABEC}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760544) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{62857CDD-2985-4939-91BA-19ED0B0031A5}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2768012) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{0814662C-FD28-4DE0-ACE5-EE50D1D6C8FB}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817302) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{E79EFFDB-192A-4D9E-A2DB-C0F774E6EC32}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817302) 64-Bit Edition (HKLM\...\{90150000-0016-0407-1000-0000000FF1CE}_Office15.PROPLUS_{E79EFFDB-192A-4D9E-A2DB-C0F774E6EC32}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2826040) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{C4AEA56A-0759-4D08-9FAB-31A92137D0B8}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2837644) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D692E9FF-84BF-4F44-A0EA-D58ECE0D538E}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2863843) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{290D80DE-03AB-47EC-9402-108AF4CE4F66}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2878313) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{98821750-2C79-4A07-9AE9-D2536FD9491D}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880457) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{EC2AF602-2730-4B05-9438-06CDE43153F2}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880462) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{24584DD4-C680-4FEB-A464-D760C7A5B041}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880462) 64-Bit Edition (HKLM\...\{90150000-006E-0407-1000-0000000FF1CE}_Office15.PROPLUS_{24584DD4-C680-4FEB-A464-D760C7A5B041}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880462) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{24584DD4-C680-4FEB-A464-D760C7A5B041}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880464) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{88B29AA5-71EE-4692-91E2-E89407F0B783}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880476) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D3FC5B59-0F86-4B9A-94DF-FC213DF4FA63}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880476) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D3FC5B59-0F86-4B9A-94DF-FC213DF4FA63}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880478) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{8116ED50-F1E7-49E1-9D8D-421497D34B0F}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880991) 64-Bit Edition (HKLM\...\{90150000-001F-0407-1000-0000000FF1CE}_Office15.PROPLUS_{B386BAA9-7D92-450E-B43E-BD96B01ADEC0}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880991) 64-Bit Edition (HKLM\...\{90150000-001F-0409-1000-0000000FF1CE}_Office15.PROPLUS_{F6CE638B-5A06-4EDD-A1FA-BFA827D14071}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880991) 64-Bit Edition (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}_Office15.PROPLUS_{927B47DF-91B2-4EBF-9B66-43B2C95E41BF}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880991) 64-Bit Edition (HKLM\...\{90150000-001F-0410-1000-0000000FF1CE}_Office15.PROPLUS_{7BD6AF81-49D4-482A-8CDD-90B4031627F2}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881035) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{885C981B-F1E3-430A-A099-31CA9D28C251}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881035) 64-Bit Edition (HKLM\...\{90150000-0016-0407-1000-0000000FF1CE}_Office15.PROPLUS_{885C981B-F1E3-430A-A099-31CA9D28C251}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881035) 64-Bit Edition (HKLM\...\{90150000-0090-0407-1000-0000000FF1CE}_Office15.PROPLUS_{885C981B-F1E3-430A-A099-31CA9D28C251}) (Version:  - Microsoft)
Update for Microsoft OneDrive for Business (KB2881018) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{F0B3B3E0-40AC-4339-83F7-735DD302ADDE}) (Version:  - Microsoft)
Update for Microsoft OneDrive for Business (KB2881018) 64-Bit Edition (HKLM\...\{90150000-00BA-0407-1000-0000000FF1CE}_Office15.PROPLUS_{F0B3B3E0-40AC-4339-83F7-735DD302ADDE}) (Version:  - Microsoft)
Update for Microsoft OneDrive for Business (KB2881018) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{F0B3B3E0-40AC-4339-83F7-735DD302ADDE}) (Version:  - Microsoft)
Update for Microsoft OneDrive for Business (KB2881018) 64-Bit Edition (HKLM\...\{90150000-00C1-0407-1000-0000000FF1CE}_Office15.PROPLUS_{F0B3B3E0-40AC-4339-83F7-735DD302ADDE}) (Version:  - Microsoft)
Update for Microsoft OneNote 2013 (KB2880458) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D2CD59AB-CA83-44D4-AEF8-E49A3FE8FD7F}) (Version:  - Microsoft)
Update for Microsoft OneNote 2013 (KB2880458) 64-Bit Edition (HKLM\...\{90150000-00A1-0407-1000-0000000FF1CE}_Office15.PROPLUS_{D2CD59AB-CA83-44D4-AEF8-E49A3FE8FD7F}) (Version:  - Microsoft)
Update for Microsoft OneNote 2013 (KB2880458) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D2CD59AB-CA83-44D4-AEF8-E49A3FE8FD7F}) (Version:  - Microsoft)
Update for Microsoft Outlook 2013 (KB2880470) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{34A169EC-990A-4DAE-AC65-9F981158B7DB}) (Version:  - Microsoft)
Update for Microsoft Outlook 2013 (KB2880470) 64-Bit Edition (HKLM\...\{90150000-001A-0407-1000-0000000FF1CE}_Office15.PROPLUS_{34A169EC-990A-4DAE-AC65-9F981158B7DB}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2013 (KB2881000) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D3F7B995-360E-406A-B74B-5EA682159985}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2013 (KB2881000) 64-Bit Edition (HKLM\...\{90150000-0018-0407-1000-0000000FF1CE}_Office15.PROPLUS_{D3F7B995-360E-406A-B74B-5EA682159985}) (Version:  - Microsoft)
Update for Microsoft Publisher 2013 (KB2726952) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{03B2C707-503D-4979-8322-CA92C45AD6B4}) (Version:  - Microsoft)
Update for Microsoft Publisher 2013 (KB2726952) 64-Bit Edition (HKLM\...\{90150000-0019-0407-1000-0000000FF1CE}_Office15.PROPLUS_{03B2C707-503D-4979-8322-CA92C45AD6B4}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2013 (KB2817301) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{8E5CD68A-CDF8-4930-88DF-B7778B1871A9}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2013 (KB2817301) 64-Bit Edition (HKLM\...\{90150000-006E-0407-1000-0000000FF1CE}_Office15.PROPLUS_{8E5CD68A-CDF8-4930-88DF-B7778B1871A9}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2878319) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{BC51FE30-3A56-4802-8D9E-E9BC05B56B49}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2881005) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{125BAFEC-EB26-45C3-B97A-475162C6BDC0}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2881005) 64-Bit Edition (HKLM\...\{90150000-001A-0407-1000-0000000FF1CE}_Office15.PROPLUS_{125BAFEC-EB26-45C3-B97A-475162C6BDC0}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2881005) 64-Bit Edition (HKLM\...\{90150000-001B-0407-1000-0000000FF1CE}_Office15.PROPLUS_{125BAFEC-EB26-45C3-B97A-475162C6BDC0}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2881005) 64-Bit Edition (HKLM\...\{90150000-012B-0407-1000-0000000FF1CE}_Office15.PROPLUS_{125BAFEC-EB26-45C3-B97A-475162C6BDC0}) (Version:  - Microsoft)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
WinRAR archiver (HKLM-x32\...\WinRAR archiver) (Version:  - )
Wondershare PDF Editor OCR (HKLM-x32\...\{408133BA-3665-4EF5-9DC4-E6A475DA8119}_is1) (Version: 3.6.0.9 - Wondershare Software Co.,Ltd.)
Wondershare PDF Editor(Build 3.8.0) (HKLM-x32\...\{75BAE677-F65A-45A4-9931-363FE0CF5E58}_is1) (Version: 3.8.0.11 - Wondershare Software Co.,Ltd.)

==================== Restore Points  =========================

01-07-2014 01:00:15 Windows Update
03-07-2014 23:38:29 Gerätetreiber-Paketinstallation: Anchorfree HSS VPN Adapter Netzwerkadapter
03-07-2014 23:41:13 Gerätetreiber-Paketinstallation: Anchorfree Inc Netzwerkdienst
03-07-2014 23:51:33 Removed Skype™ 6.16
03-07-2014 23:52:10 Removed Skype Click to Call
04-07-2014 11:57:14 Windows Update
08-07-2014 10:25:53 Windows Update

==================== Hosts content: ==========================

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {058009E5-6F67-4694-A24D-29B5FA95647E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {259E782C-7ED7-4FFF-85FD-DCD9E48FFC77} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe [2014-06-30] ()
Task: {3AB74056-283F-4137-AD76-7401BC22D3F0} - System32\Tasks\globalUpdateUpdateTaskMachineUA => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2014-05-16] (globalUpdate) <==== ATTENTION
Task: {46F363B0-6212-4DB1-8CBC-3CF2832665D1} - System32\Tasks\globalUpdateUpdateTaskMachineCore => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2014-05-16] (globalUpdate) <==== ATTENTION
Task: {60DEDF45-9D41-437B-ABC2-18AB6A5E2638} - System32\Tasks\HPCustParticipation HP Officejet 4630 series => C:\Program Files\HP\HP Officejet 4630 series\Bin\HPCustPartic.exe [2013-08-13] (Hewlett-Packard Co.)
Task: {6FAE5414-351E-496A-B17F-25D7ADB25DF9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-07-06] (Google Inc.)
Task: {70E70A88-0A78-4C5C-9A26-32E4709F81EE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-07-06] (Google Inc.)
Task: {CE0F5724-4EBA-4D5A-9C8A-E444E8F21EDB} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {DEA1207A-4000-4594-A8C6-F89072DDEB77} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-04-25 17:20 - 2013-08-30 00:43 - 00097568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-05-28 00:43 - 2008-06-20 00:41 - 00062464 _____ () C:\Program Files (x86)\WinRAR\rarext64.dll
2012-12-07 17:26 - 2012-12-07 17:26 - 00167424 _____ () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
2014-05-27 12:43 - 2014-05-27 12:43 - 00821600 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe
2012-01-10 21:12 - 2012-01-10 21:12 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2014-07-02 20:37 - 2014-07-02 20:38 - 03227648 _____ () C:\Users\Philipp\AppData\Local\Genesis_07021837\Genesis_07021837.exe
2014-01-10 07:26 - 2014-01-10 07:26 - 01861968 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
2014-03-12 22:53 - 2014-03-12 22:53 - 00063376 _____ () C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\zlib1.dll
2014-05-27 12:42 - 2014-05-27 12:42 - 00031080 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\DbAccess.dll
2014-05-27 12:42 - 2014-05-27 12:42 - 00607376 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\sqlite3.dll
2014-05-27 12:43 - 2014-05-27 12:43 - 00059752 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\NAdvLog.dll
2014-05-27 12:42 - 2014-05-27 12:42 - 00036216 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\NFileCacheDBAccess.dll
2014-05-27 12:43 - 2014-05-27 12:43 - 00080248 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\ninstallerhelper.dll
2014-05-27 12:44 - 2014-05-27 12:44 - 00129376 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\zlib1.dll
2014-05-27 12:45 - 2014-05-27 12:45 - 00223592 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\DevConnMon.dll
2014-07-04 15:52 - 2007-02-14 13:55 - 00165424 _____ () C:\Program Files (x86)\Panda Security\Panda Internet Security 2014\MiniCrypto.dll
2014-07-04 15:52 - 2004-05-19 11:33 - 00507904 _____ () C:\Program Files (x86)\Panda Security\Panda Internet Security 2014\libxml2.dll
2014-07-04 15:52 - 2007-02-14 13:55 - 00099888 _____ () C:\Program Files (x86)\Panda Security\Panda Internet Security 2014\APIcr.dll
2014-01-10 07:28 - 2014-01-10 07:28 - 00100688 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
2014-06-22 17:50 - 2014-05-10 20:33 - 00411136 _____ () C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\DAQExp.dll
2014-06-22 17:50 - 2014-04-30 11:13 - 00137728 _____ () C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSCreateVC.dll
2014-07-06 21:03 - 2014-06-05 15:58 - 00716616 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\libglesv2.dll
2014-07-06 21:03 - 2014-06-05 15:58 - 00126280 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\libegl.dll
2014-07-06 21:03 - 2014-06-05 15:58 - 01732424 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\ffmpegsumo.dll
2014-07-06 21:03 - 2014-06-05 15:58 - 14612296 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\PepperFlash\pepflashplayer.dll
2012-09-23 20:43 - 2012-09-23 20:43 - 00313992 _____ () C:\Program Files (x86)\Adobe\Reader 11.0\Reader\sqlite.dll
2013-12-21 08:04 - 2013-12-21 08:04 - 14588632 _____ () C:\Program Files (x86)\Adobe\Reader 11.0\Reader\NPSWF32.dll
2014-07-06 21:03 - 2014-06-05 15:58 - 04217672 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\pdf.dll
2014-07-06 21:03 - 2014-06-05 15:58 - 00414536 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\ppGoogleNaClPluginChrome.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PskSvcRetail => ""="Service"

==================== EXE Association (whitelisted) =============


==================== MSCONFIG/TASK MANAGER disabled items =========


==================== Faulty Device Manager Devices =============

Name: F06DEFF2-5B9C-490D-910F-35D3A9119622
Description: F06DEFF2-5B9C-490D-910F-35D3A9119622
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: F06DEFF2-5B9C-490D-910F-35D3A9119622
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Ethernet-Controller
Description: Ethernet-Controller
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: vpnva
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (07/07/2014 02:07:15 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (07/07/2014 02:07:03 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (07/07/2014 02:06:51 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (07/07/2014 00:59:43 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: WebProxy.exe, Version: 9.4.0.0, Zeitstempel: 0x51d517b2
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521ea8e7
Ausnahmecode: 0xc0000264
Fehleroffset: 0x000a2525
ID des fehlerhaften Prozesses: 0x724
Startzeit der fehlerhaften Anwendung: 0xWebProxy.exe0
Pfad der fehlerhaften Anwendung: WebProxy.exe1
Pfad des fehlerhaften Moduls: WebProxy.exe2
Berichtskennung: WebProxy.exe3

Error: (07/04/2014 01:41:31 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: hsswd.exe, Version: 0.0.0.0, Zeitstempel: 0x51087583
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521ea8e7
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0003332f
ID des fehlerhaften Prozesses: 0x1db8
Startzeit der fehlerhaften Anwendung: 0xhsswd.exe0
Pfad der fehlerhaften Anwendung: hsswd.exe1
Pfad des fehlerhaften Moduls: hsswd.exe2
Berichtskennung: hsswd.exe3

Error: (07/04/2014 01:22:38 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm Skype.exe, Version 6.16.0.105 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 16c4

Startzeit: 01cf9715699baafd

Endzeit: 22

Anwendungspfad: C:\Program Files (x86)\Skype\Phone\Skype.exe

Berichts-ID:

Error: (07/02/2014 00:26:31 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: AutoKMS.exe, Version: 2.5.0.0, Zeitstempel: 0x52ea7aea
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18409, Zeitstempel: 0x5315a05a
Ausnahmecode: 0xe0434352
Fehleroffset: 0x000000000000940d
ID des fehlerhaften Prozesses: 0x64c
Startzeit der fehlerhaften Anwendung: 0xAutoKMS.exe0
Pfad der fehlerhaften Anwendung: AutoKMS.exe1
Pfad des fehlerhaften Moduls: AutoKMS.exe2
Berichtskennung: AutoKMS.exe3

Error: (07/02/2014 00:26:28 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: AutoKMS.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund eines Ausnahmefehlers beendet.
Ausnahmeinformationen: System.Runtime.InteropServices.COMException
Stapel:
   bei ..(System.String, System.String, ., System.String)
   bei ...ctor()
   bei ..(.)
   bei ..()

Error: (07/01/2014 07:14:30 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: wmpnetwk.exe, Version: 12.0.7601.17514, Zeitstempel: 0x4ce7ae7f
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000007feff4c0000
ID des fehlerhaften Prozesses: 0x2c8
Startzeit der fehlerhaften Anwendung: 0xwmpnetwk.exe0
Pfad der fehlerhaften Anwendung: wmpnetwk.exe1
Pfad des fehlerhaften Moduls: wmpnetwk.exe2
Berichtskennung: wmpnetwk.exe3

Error: (06/30/2014 07:37:41 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: wmpnetwk.exe, Version: 12.0.7601.17514, Zeitstempel: 0x4ce7ae7f
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000007feff1c0000
ID des fehlerhaften Prozesses: 0x1178
Startzeit der fehlerhaften Anwendung: 0xwmpnetwk.exe0
Pfad der fehlerhaften Anwendung: wmpnetwk.exe1
Pfad des fehlerhaften Moduls: wmpnetwk.exe2
Berichtskennung: wmpnetwk.exe3


System errors:
=============
Error: (07/09/2014 11:56:37 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
F06DEFF2-5B9C-490D-910F-35D3A9119622

Error: (07/09/2014 11:54:56 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Systemk Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (07/08/2014 00:14:17 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
F06DEFF2-5B9C-490D-910F-35D3A9119622

Error: (07/08/2014 00:14:15 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "BlueStacks Android Service" wurde nicht richtig gestartet.

Error: (07/08/2014 00:12:43 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Systemk Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (07/07/2014 10:52:38 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
F06DEFF2-5B9C-490D-910F-35D3A9119622

Error: (07/07/2014 10:52:14 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Systemk Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (07/07/2014 02:34:07 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
F06DEFF2-5B9C-490D-910F-35D3A9119622

Error: (07/07/2014 02:33:09 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Systemk Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (07/07/2014 11:47:40 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
F06DEFF2-5B9C-490D-910F-35D3A9119622


Microsoft Office Sessions:
=========================
Error: (07/07/2014 02:07:15 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Philipp\Downloads\SoftonicDownloader_fuer_malwarebytes-anti-malware.exe

Error: (07/07/2014 02:07:03 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Philipp\Downloads\SoftonicDownloader_fuer_malwarebytes-anti-malware.exe

Error: (07/07/2014 02:06:51 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Philipp\Downloads\SoftonicDownloader_fuer_malwarebytes-anti-malware.exe

Error: (07/07/2014 00:59:43 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: WebProxy.exe9.4.0.051d517b2ntdll.dll6.1.7601.18247521ea8e7c0000264000a252572401cf97c193695f4eC:\PROGRAM FILES (X86)\PANDA SECURITY\PANDA INTERNET SECURITY 2014\WebProxy.exeC:\Windows\SysWOW64\ntdll.dll36ffb85c-0561-11e4-afeb-d0dd6a91861f

Error: (07/04/2014 01:41:31 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: hsswd.exe0.0.0.051087583ntdll.dll6.1.7601.18247521ea8e7c00000050003332f1db801cf9717dff07d00C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exeC:\Windows\SysWOW64\ntdll.dll8f2ede2f-030b-11e4-bbb6-c4963e5d421c

Error: (07/04/2014 01:22:38 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Skype.exe6.16.0.10516c401cf9715699baafd22C:\Program Files (x86)\Skype\Phone\Skype.exe

Error: (07/02/2014 00:26:31 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: AutoKMS.exe2.5.0.052ea7aeaKERNELBASE.dll6.1.7601.184095315a05ae0434352000000000000940d64c01cf957b29daf265C:\Windows\AutoKMS\AutoKMS.exeC:\Windows\system32\KERNELBASE.dllbfbf9cd6-016e-11e4-9c31-e1294b0b781f

Error: (07/02/2014 00:26:28 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: AutoKMS.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund eines Ausnahmefehlers beendet.
Ausnahmeinformationen: System.Runtime.InteropServices.COMException
Stapel:
   bei ..(System.String, System.String, ., System.String)
   bei ...ctor()
   bei ..(.)
   bei ..()

Error: (07/01/2014 07:14:30 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: wmpnetwk.exe12.0.7601.175144ce7ae7funknown0.0.0.000000000c0000005000007feff4c00002c801cf94cd26854c4fC:\Program Files\Windows Media Player\wmpnetwk.exeunknown29595983-0143-11e4-be1d-a5d33e678416

Error: (06/30/2014 07:37:41 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: wmpnetwk.exe12.0.7601.175144ce7ae7funknown0.0.0.000000000c0000005000007feff1c0000117801cf92b979545c4cC:\Program Files\Windows Media Player\wmpnetwk.exeunknown3bce9aaf-007d-11e4-affc-9d6a3e7c9f18


==================== Memory info =========================== 

Percentage of memory in use: 58%
Total physical RAM: 3766.71 MB
Available physical RAM: 1549.72 MB
Total Pagefile: 7531.6 MB
Available Pagefile: 4426.23 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:451.66 GB) (Free:352.66 GB) NTFS
Drive e: (MATHWORKS_R2014A) (CDROM) (Total:7.33 GB) (Free:0 GB) CDFS
Drive f: (SYSTEM RESERVED) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 06ED9DA9)
Partition 1: (Not Active) - (Size=14 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=452 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         

Alt 09.07.2014, 20:03   #2
deeprybka
/// TB-Ausbilder
/// Anleitungs-Guru
 
Internet Browser öffnet selbststädnig Tabs und neue Fenster mit Werbung - Standard

Internet Browser öffnet selbststädnig Tabs und neue Fenster mit Werbung





Mein Name ist Jürgen und ich werde Dir bei Deinem Problem behilflich sein. Zusammen schaffen wir das...
  • Bitte arbeite alle Schritte der Reihe nach ab.
  • Lese die Anleitungen sorgfältig durch bevor Du beginnst. Wenn es Probleme gibt oder Du etwas nicht verstehst, dann stoppe mit Deiner Ausführung und beschreibe mir das Problem.
  • Führe bitte nur Scans durch, zu denen Du von mir aufgefordert wurdest.
  • Bitte kein Crossposting (posten in mehreren Foren).
  • Installiere oder deinstalliere während der Bereinigung keine Software, außer Du wurdest dazu aufgefordert.
  • Speichere alle unsere Tools auf dem Desktop ab.
  • Poste die Logfiles direkt in Deinen Thread in Code-Tags.
  • Bedenke, dass wir hier alle während unserer Freizeit tätig sind, wenn du innerhalb von 24 Stunden nichts von mir liest, dann schreibe mir bitte eine PM.

Hinweis:
Ich kann Dir niemals eine Garantie geben, dass wir alle schädlichen Dateien finden werden.
Eine Formatierung ist meist der schnellere und immer der sicherste Weg, aber auch nur bei wirklicher Malware empfehlenswert.
Adware & Co. können wir sehr gut entfernen.
Solltest Du Dich für eine Bereinigung entscheiden, arbeite solange mit, bis Du mein clean bekommst.



Los geht's:


Schritt 1
Lade Dir bitte Revo Uninstallerhier herunter.
Entpacke die zip-Datei auf den Desktop.
  • Starte die Revouninstaller.exe
  • Klicke auf Optionen und wähle als Sprache Deutsch.
  • Suche im Uninstallerfeld nach den Programmen, die unter:

    diesen Zusatz haben:
  • Wähle die Programme nacheinander aus und klicke jedes Mal auf Uninstall.
  • Wähle anschließend den Modus "Moderat" aus.
  • Reste löschen:
    Klicke auf dann auf und dann auf .
Wenn Du ein Programm nicht deinstallieren kannst, mach mit dem nächsten weiter.
Auch wenn am Ende noch Programme übrig geblieben sind, die den ATTENTION-Zusatz haben, führe den nächsten Schritt aus:


Schritt 2
Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).


Schritt 3
Bitte lade Dir zoek.exe von hier: http://hijackthis.nl/smeenk/
  • Bitte deaktiviere während des Scans den Virenscanner, da dieser Zoek stören könnte.
  • Starte die zoek.exe mit einem Doppelklick.
  • Achtung: Das folgende Skript wurde nur für diesen speziellen Fall geschrieben und sollte nicht 1:1 auf andere Computer übernommen werden.
  • Kopiere den Text der folgenden Box in das Skriptfenster von zoek:
    Code:
    ATTFilter
    FFdefaults;
    CHRdefaults;
    iedefaults;
    emptyclsid;
    autoclean;
             
  • Nun klicke auf "Run script" und sei geduldig bis das Skript durchgelaufen ist.
  • Wenn das Tool fertig ist, wird sich eine Logdatei öffnen (ggf. erst nach einem Neustart). Das Log befindet sich aber auch noch unter c:
  • Bitte poste mir das ZOEK-Log (möglichst in CODE-Tags - #-Symbol im Antwortfenster klicken)

Schritt 4



Bitte starte FRST erneut, markiere auch die checkbox und drücke auf Scan.
Bitte poste mir den Inhalt der beiden Logs die erstellt werden.
__________________

__________________

Alt 09.07.2014, 21:42   #3
bauerph
 
Internet Browser öffnet selbststädnig Tabs und neue Fenster mit Werbung - Standard

Internet Browser öffnet selbststädnig Tabs und neue Fenster mit Werbung



Hallo Jürgen. Das ging aber schnell. Danke für die zügige Antwort :-)

Hier die Log vom Adw-Cleaner
Code:
ATTFilter
# AdwCleaner v3.215 - Bericht erstellt am 09/07/2014 um 20:34:39
# Aktualisiert 09/07/2014 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : Philipp - PHILIPP-PC
# Gestartet von : C:\Users\Philipp\Desktop\adwcleaner_3.215.exe
# Option : Löschen

***** [ Dienste ] *****

[#] Dienst Gelöscht : F06DEFF2-5B9C-490D-910F-35D3A9119622
[#] Dienst Gelöscht : globalUpdate
[#] Dienst Gelöscht : globalUpdatem
[#] Dienst Gelöscht : SystemkService

***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\SearchProtect
Ordner Gelöscht : C:\Program Files (x86)\globalUpdate
Ordner Gelöscht : C:\Program Files (x86)\Iminent
Ordner Gelöscht : C:\Program Files (x86)\predm
Ordner Gelöscht : C:\Program Files (x86)\Settings Manager
Ordner Gelöscht : C:\Users\Philipp\AppData\Local\Genesis
Ordner Gelöscht : C:\Users\Philipp\AppData\Local\globalUpdate
Ordner Gelöscht : C:\Users\Philipp\AppData\Local\Linkey
Ordner Gelöscht : C:\Users\Philipp\AppData\Local\Temp\hotspot shield
Ordner Gelöscht : C:\Users\Philipp\AppData\Local\Temp\OCS
Ordner Gelöscht : C:\Users\Philipp\AppData\Roaming\Activeris
Ordner Gelöscht : C:\Users\Philipp\AppData\Roaming\VOPackage
Ordner Gelöscht : C:\Users\Philipp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage
Ordner Gelöscht : C:\Users\Philipp\Documents\Optimizer Pro
Datei Gelöscht : C:\Windows\SysWOW64\installd.exe
Datei Gelöscht : C:\Users\Philipp\AppData\Roaming\Uninstall.exe
Datei Gelöscht : C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
Datei Gelöscht : C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal
Datei Gelöscht : C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job
Datei Gelöscht : C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineCore
Datei Gelöscht : C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job
Datei Gelöscht : C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineUA

***** [ Verknüpfungen ] *****

Verknüpfung Desinfiziert : C:\Users\Philipp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
Verknüpfung Desinfiziert : C:\Users\Philipp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
Verknüpfung Desinfiziert : C:\Users\Philipp\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
Verknüpfung Desinfiziert : C:\Users\Philipp\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk

***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\ActiverisAntiMalware_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\ActiverisAntiMalware_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\NewPlayer_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\NewPlayer_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\WajamInternetEnhancer_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\WajamInternetEnhancer_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bitguard.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bprotect.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserdefender.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserprotect.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10
Schlüssel Gelöscht : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4
Wert Gelöscht : HKLM\SYSTEM\ControlSet001\Control\Session Manager\AppCertDlls [x64]
Wert Gelöscht : HKLM\SYSTEM\ControlSet001\Control\Session Manager\AppCertDlls [x86]
Wert Gelöscht : HKLM\SYSTEM\ControlSet002\Control\Session Manager\AppCertDlls [x64]
Wert Gelöscht : HKLM\SYSTEM\ControlSet002\Control\Session Manager\AppCertDlls [x86]
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{6E993643-8FBC-44FE-BC85-D318495C4D96}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Schlüssel Gelöscht : HKCU\Software\AnyProtect
Schlüssel Gelöscht : HKCU\Software\genesis
Schlüssel Gelöscht : HKCU\Software\Linkey
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKCU\Software\Softonic
Schlüssel Gelöscht : HKCU\Software\TutoTag
Schlüssel Gelöscht : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Schlüssel Gelöscht : HKLM\Software\{1146AC44-2F03-4431-B4FD-889BC837521F}
Schlüssel Gelöscht : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Schlüssel Gelöscht : HKLM\Software\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Schlüssel Gelöscht : HKLM\Software\Tutorials
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\IMBoosterARP
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Linkey
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IMBoosterARP
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\VOPackage
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bpsvc.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsersafeguard.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dprotectsvc.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\jumpflip
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\protectedsearch.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchinstaller.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotection.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotector.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings64.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\snapdo.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst32.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst64.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\umbrella.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\utiljumpflip.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\volaro
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vonteera
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroids.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroidsservice.exe

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.17126

Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
Einstellung Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]

-\\ Google Chrome v35.0.1916.153

[ Datei : C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Gelöscht [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1400254823&from=tugs&uid=WDCXWD5000BPVT-22HXZT1_WD-WXQ1AB0T4199T4199&q={searchTerms}
Gelöscht [Search Provider] : hxxp://www.default-search.net/search?sid=503&aid=101&itype=n&ver=13001&tm=394&src=ds&p={searchTerms}
Gelöscht [Search Provider] : hxxp://www.default-search.net/search?sid=503&aid=101&itype=n&ver=13001&tm=394&src=ds&p={searchTerms}
Gelöscht [Startup_urls] : hxxp://www.default-search.net?sid=503&aid=101&itype=n&ver=13001&tm=394&src=hmp

*************************

AdwCleaner[R0].txt - [9975 octets] - [09/07/2014 20:33:23]
AdwCleaner[S0].txt - [8684 octets] - [09/07/2014 20:34:39]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [8744 octets] ##########
         
Hier die log von zoek
Code:
ATTFilter
Zoek.exe v5.0.0.0 Updated 05-July-2014
Tool run by Philipp on 09.07.2014 at 20:45:47,32.
Microsoft Windows 7 Home Premium  6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Philipp\AppData\Local\Temp\Rar$EX00.195\zoek.exe [Scan all users] [Script inserted] 

==== System Restore Info ======================

09.07.2014 20:47:29 Zoek.exe System Restore Point Created Succesfully.

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-3379497200-3633149747-2736143602-1001\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2503} deleted successfully
HKEY_USERS\S-1-5-21-3379497200-3633149747-2736143602-1001\Software\Microsoft\Internet Explorer\SearchScopes\{B6217394-1A8D-40E4-8676-D0FC74CD60E0} deleted successfully
HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes\{4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47} deleted successfully

==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== Deleting Files \ Folders ======================

C:\Users\Philipp\.android deleted
C:\PROGRA~2\COMMON~1\Config\uninstinethnfd.exe deleted
C:\PROGRA~2\Wondershare deleted
C:\found.000 deleted
C:\Users\Philipp\AppData\Roaming\Wondershare deleted
C:\Users\Philipp\AppData\Local\nsv5275.tmp deleted
C:\Users\Philipp\AppData\Local\Wondershare deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare deleted
C:\Users\Philipp\Searches deleted
C:\Windows\SysNative\config\systemprofile\Searches deleted
C:\Users\Philipp\AppData\Roaming\unwrapped.exe deleted
"C:\Windows\Installer\3bb2ae4.msi" deleted
"C:\PROGRA~2\COMMON~1\Wondershare\Wondershare Helper Compact\CBSCreateVC.dll" deleted
"C:\PROGRA~2\COMMON~1\Wondershare\Wondershare Helper Compact\CBSProducstInfo.dll" deleted
"C:\PROGRA~2\COMMON~1\Wondershare\Wondershare Helper Compact\DAQExp.dll" deleted
"C:\PROGRA~2\COMMON~1\Wondershare\Wondershare Helper Compact\WSHelper.exe" deleted
"C:\PROGRA~2\COMMON~1\Wondershare" deleted
"C:\PROGRA~2\COMMON~1\Wondershare\Wondershare Helper Compact" deleted

==== Chrome Look ======================


==== Chrome Fix ======================

C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage deleted successfully
C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage-journal deleted successfully
C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_malwarebytes-anti-malware.softonic.de_0.localstorage deleted successfully
C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_malwarebytes-anti-malware.softonic.de_0.localstorage-journal deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="hxxp://de.msn.com/?pc=UP97&ocid=UP97DHP"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Search Page"="hxxp://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Search Page"="hxxp://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="hxxp://de.msn.com/?pc=UP97&ocid=UP97DHP"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Search Page"="hxxp://go.microsoft.com/fwlink/?LinkId=54896"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Search Page"="hxxp://go.microsoft.com/fwlink/?LinkId=54896"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing  Url="hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google  Url="hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

==== Reset Google Chrome ======================

C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F60730A4A66673047777F5728467D401 deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{4A03706F-666A-4037-7777-5F2748764D10} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\F60730A4A66673047777F5728467D401 deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Philipp\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Philipp\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\Philipp\AppData\Local\Temp\acrord32_sbx\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

No Flash Cache Found

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================


==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Philipp\AppData\Local\Temp will be emptied at reboot
C:\Users\UpdatusUser\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Philipp\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on 09.07.2014 at 21:17:01,85 ======================
         
Hier die FRST log

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 09-07-2014
Ran by Philipp (administrator) on PHILIPP-PC on 09-07-2014 21:32:36
Running from C:\Users\Philipp\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Internet Security 2014\psksvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Internet Security 2014\TPSrvWow.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(Panda Security) C:\Program Files (x86)\Panda Security\Panda Internet Security 2014\WebProxy.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
(Nero AG) C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Internet Security 2014\PsCtrlS.exe
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Internet Security 2014\PavFnSvr.exe
(Panda Security, S.L.) C:\Program Files (x86)\Common Files\Panda Security\PavShld\PavPrSrv.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Internet Security 2014\pavsrvx86.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Internet Security 2014\AVENGINE.EXE
(Panda Security International) C:\Program Files (x86)\Panda Security\Panda Internet Security 2014\FIREWALL\PSHost.exe
(Panda Security S.L.) C:\Program Files (x86)\Panda Security\Panda Internet Security 2014\PsImSvc.exe
() C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 4630 series\Bin\ScanToPCActivationApp.exe
(Spotify Ltd) C:\Users\Philipp\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
() C:\Users\Philipp\AppData\Local\Genesis_07021837\Genesis_07021837.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Agent.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Internet Security 2014\ApVxdWin.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Internet Security 2014\SrvLoad.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Internet Security 2014\PavBckPT.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1890088 2009-12-10] (Synaptics Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-12-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] => C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [707472 2014-03-12] (Cisco Systems, Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [189480 2014-02-06] (Geek Software GmbH)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [t4pc_en_3] => [X]
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2014-04-03] (DivX, LLC)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2014-01-10] ()
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [832272 2014-06-23] (BlueStack Systems, Inc.)
HKLM-x32\...\Run: [APVXDWIN] => C:\Program Files (x86)\Panda Security\Panda Internet Security 2014\APVXDWIN.EXE [1062880 2013-09-30] (Panda Security, S.L.)
HKLM-x32\...\Run: [SCANINICIO] => C:\Program Files (x86)\Panda Security\Panda Internet Security 2014\Inicio.exe [71648 2013-09-30] (Panda Security, S.L.)
HKLM\...\Winlogon: [Userinit] C:\Windows\SysWOW64\userinit.exe,
Winlogon\Notify\avldr: C:\Windows\SYSTEM32\avldr64.dll (On-Access Anti-Malware Scanner Sync)
Winlogon\Notify\igfxcui: C:\Windows\SYSTEM32\igfxdev.dll (Intel Corporation)
HKU\.DEFAULT\...\RunOnce: [SPReview] - C:\Windows\System32\SPReview\SPReview.exe [301568 2014-04-28] (Microsoft Corporation)
HKU\S-1-5-21-3379497200-3633149747-2736143602-1001\...\Run: [HP Officejet 4630 series (NET)] => C:\Program Files\HP\HP Officejet 4630 series\Bin\ScanToPCActivationApp.exe [3421216 2013-08-13] (Hewlett-Packard Co.)
HKU\S-1-5-21-3379497200-3633149747-2736143602-1001\...\Run: [Spotify] => C:\Users\Philipp\AppData\Roaming\Spotify\Spotify.exe [6162488 2014-07-09] (Spotify Ltd)
HKU\S-1-5-21-3379497200-3633149747-2736143602-1001\...\Run: [Spotify Web Helper] => C:\Users\Philipp\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1178168 2014-07-09] (Spotify Ltd)
HKU\S-1-5-21-3379497200-3633149747-2736143602-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-3379497200-3633149747-2736143602-1001\...\Run: [genesis_07021837] => c:\users\philipp\appdata\local\genesis_07021837\genesis_07021837.exe [3227648 2014-07-02] ()
HKU\S-1-5-21-3379497200-3633149747-2736143602-1001\...\Run: [GoogleChromeAutoLaunch_5760F31D5B4387C1CCD75B272A389EB7] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [860488 2014-06-05] (Google Inc.)
HKU\S-1-5-21-3379497200-3633149747-2736143602-1001\...\MountPoints2: G - G:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-3379497200-3633149747-2736143602-1001\...\MountPoints2: {861917ce-feac-11e3-affc-9d6a3e7c9f18} - E:\setup.exe
Startup: C:\Users\Philipp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\genesis_07021837.lnk
ShortcutTarget: genesis_07021837.lnk -> C:\Users\Philipp\AppData\Local\Genesis_07021837\Genesis_07021837.exe ()
ShellIconOverlayIdentifiers:  SkyDrivePro1 (ErrorConflict) -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers:  SkyDrivePro2 (SyncInProgress) -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers:  SkyDrivePro3 (InSync) -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32:  SkyDrivePro1 (ErrorConflict) -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32:  SkyDrivePro2 (SyncInProgress) -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32:  SkyDrivePro3 (InSync) -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://de.msn.com/?pc=UP97&ocid=UP97DHP
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x83DD87649D61CF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKCU - DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 - C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)

Chrome: 
=======
CHR Extension: (Google Docs) - C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-07-06]
CHR Extension: (Google Drive) - C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-07-06]
CHR Extension: (YouTube) - C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-07-06]
CHR Extension: (Google-Suche) - C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-07-06]
CHR Extension: (Google Wallet) - C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-07-06]
CHR Extension: (Google Mail) - C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-07-06]

==================== Services (Whitelisted) =================

S2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [406288 2014-06-23] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [385808 2014-06-23] (BlueStack Systems, Inc.)
R2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [774928 2014-06-23] (BlueStack Systems, Inc.)
R2 HTCMonitorService; C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2014-04-02] (Nero AG)
R2 Panda Software Controller; C:\Program Files (x86)\Panda Security\Panda Internet Security 2014\PsCtrls.exe [177440 2012-11-19] (Panda Security, S.L.)
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] () [File not signed]
R2 PAVFNSVR; C:\Program Files (x86)\Panda Security\Panda Internet Security 2014\PavFnSvr.exe [202016 2012-09-21] (Panda Security, S.L.)
R2 PavPrSrv; C:\Program Files (x86)\Common Files\Panda Security\PavShld\pavprsrv.exe [62768 2008-02-04] (Panda Security, S.L.)
R2 PAVSRV; C:\Program Files (x86)\Panda Security\Panda Internet Security 2014\pavsrvx86.exe [313664 2011-04-13] (Panda Security, S.L.)
R2 PSHost; c:\program files (x86)\panda security\panda internet security 2014\firewall\PSHOST.EXE [226560 2009-11-26] (Panda Security International)
R2 PSIMSVC; C:\Program Files (x86)\Panda Security\Panda Internet Security 2014\PsImSvc.exe [108288 2008-06-19] (Panda Security S.L.)
R2 PskSvcRetail; C:\Program Files (x86)\Panda Security\Panda Internet Security 2014\PskSvc.exe [28992 2010-08-16] (Panda Security, S.L.)
R2 TPSrv; C:\Program Files (x86)\Panda Security\Panda Internet Security 2014\TPSrvWow.exe [173816 2014-02-25] (Panda Security, S.L.)

==================== Drivers (Whitelisted) ====================

R2 AmFSM; C:\Windows\System32\DRIVERS\amm6460.sys [71432 2012-03-26] (Panda Security, S.L.)
R2 APPFLT; C:\Windows\system32\Drivers\APPFLT64.SYS [129096 2011-01-31] (Panda Security, S.L.)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [123152 2014-06-23] (BlueStack Systems)
R2 ComFiltr; C:\Windows\system32\DRIVERS\COMFiltr.sys [15928 2014-07-04] ()
R2 DSAFLT; C:\Windows\system32\Drivers\DSAFLT64.SYS [82952 2009-09-25] (Panda Security, S.L.)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-06-30] (Disc Soft Ltd)
R2 FNETMON; C:\Windows\system32\Drivers\fnetm64.SYS [31752 2009-09-25] (Panda Security, S.L.)
S3 HtcVCom32; C:\Windows\System32\DRIVERS\HtcVComV64.sys [121800 2010-03-09] (QUALCOMM Incorporated)
R2 IDSFLT; C:\Windows\system32\Drivers\IDSFLT64.SYS [78920 2010-09-09] (Panda Security, S.L.)
R2 NETFLTDI; C:\Windows\system32\Drivers\NETTDI64.SYS [170504 2009-09-25] (Panda Security, S.L.)
R3 NETIMFLT01060044; C:\Windows\System32\DRIVERS\n64i1644.sys [216648 2010-09-01] (Panda Security, S.L.)
R0 pavboot; C:\Windows\System32\Drivers\pavboot64.sys [30792 2010-06-22] (Panda Security, S.L.)
R1 ShldFlt; C:\Windows\System32\DRIVERS\ShldFlt.sys [48136 2009-10-27] (Panda Security, S.L.)
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2014-05-17] (Anchorfree Inc.)
S3 vpnva; C:\Windows\System32\DRIVERS\vpnva64-6.sys [52592 2014-03-12] (Cisco Systems, Inc.)
R2 WNMFLT; C:\Windows\system32\Drivers\WNMFLT64.SYS [74760 2009-09-25] (Panda Security, S.L.)
S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]
R3 PavTPK.sys; \??\C:\Windows\system32\PavTPK.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-07-09 21:32 - 2014-07-09 21:33 - 00018175 _____ () C:\Users\Philipp\Desktop\FRST.txt
2014-07-09 21:31 - 2014-07-09 21:32 - 00000000 ___HD () C:\Windows\AxInstSV
2014-07-09 21:16 - 2014-07-09 21:16 - 00000000 ____D () C:\Users\Philipp\.android
2014-07-09 21:09 - 2014-07-09 20:44 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-07-09 20:46 - 2014-07-09 21:17 - 00007646 _____ () C:\zoek-results.log
2014-07-09 20:46 - 2014-05-21 08:36 - 01285120 _____ () C:\Users\Philipp\Desktop\zoek.exe
2014-07-09 20:44 - 2014-07-09 21:06 - 00000000 ____D () C:\zoek_backup
2014-07-09 20:41 - 2014-07-09 20:42 - 04095664 _____ () C:\Users\Philipp\Desktop\zoek.zip
2014-07-09 20:33 - 2014-07-09 20:34 - 00000000 ____D () C:\AdwCleaner
2014-07-09 20:33 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-07-09 20:31 - 2014-07-09 20:31 - 01348263 _____ () C:\Users\Philipp\Desktop\adwcleaner_3.215.exe
2014-07-09 20:19 - 2014-07-09 20:20 - 00000000 ____D () C:\Users\Philipp\Desktop\revouninstaller-portable
2014-07-09 20:19 - 2014-07-09 20:19 - 03007700 _____ () C:\Users\Philipp\Downloads\revouninstaller.zip
2014-07-09 19:37 - 2014-07-09 21:32 - 00000000 ____D () C:\FRST
2014-07-09 19:36 - 2014-07-09 19:36 - 02084352 _____ (Farbar) C:\Users\Philipp\Desktop\FRST64.exe
2014-07-09 18:49 - 2014-07-09 18:49 - 00001061 _____ () C:\Users\Philipp\Desktop\Free PDF to Word Doc Converter.lnk
2014-07-09 18:49 - 2014-07-09 18:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free PDF to Word Doc Converter
2014-07-09 18:49 - 2014-07-09 18:49 - 00000000 ____D () C:\Program Files (x86)\Free PDF to Word Doc Converter
2014-07-09 18:48 - 2014-07-09 18:48 - 01128916 _____ (www.hellopdf.com ) C:\Users\Philipp\Downloads\pdf2wordsetup11.exe
2014-07-09 12:01 - 2014-07-09 21:16 - 00003758 _____ () C:\Windows\System32\Tasks\AutoKMS
2014-07-07 14:13 - 2014-07-07 14:13 - 00287750 _____ ( ) C:\Users\Philipp\Desktop\VOPackage.exe
2014-07-07 14:12 - 2014-07-07 14:12 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-07 14:11 - 2014-07-07 14:11 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Philipp\Desktop\mbam-setup-2-0-2-1012.exe
2014-07-06 21:03 - 2014-07-09 21:16 - 00001108 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-06 21:03 - 2014-07-09 21:08 - 00001112 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-06 21:03 - 2014-07-06 21:03 - 00004108 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-07-06 21:03 - 2014-07-06 21:03 - 00003856 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-07-06 21:03 - 2014-07-06 21:03 - 00002255 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-07-06 21:03 - 2014-07-06 21:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-07-06 21:02 - 2014-07-06 21:02 - 00000000 ____D () C:\Users\Philipp\AppData\Local\Deployment
2014-07-06 21:02 - 2014-07-06 21:02 - 00000000 ____D () C:\Users\Philipp\AppData\Local\Apps\2.0
2014-07-04 16:42 - 2014-07-09 21:18 - 00000056 _____ () C:\Windows\system32\Drivers\etc\WnmFlt.cfg.bck
2014-07-04 16:42 - 2014-07-09 21:18 - 00000056 _____ () C:\Windows\system32\Drivers\etc\WnmFlt.cfg
2014-07-04 15:59 - 2014-07-09 21:18 - 00000252 _____ () C:\Windows\system32\Drivers\etc\IdsFlt.cfg.bck
2014-07-04 15:59 - 2014-07-09 21:18 - 00000252 _____ () C:\Windows\system32\Drivers\etc\IdsFlt.cfg
2014-07-04 15:59 - 2014-07-09 21:18 - 00000080 _____ () C:\Windows\system32\Drivers\etc\NetLoc.wlt.bck
2014-07-04 15:59 - 2014-07-09 21:18 - 00000080 _____ () C:\Windows\system32\Drivers\etc\NetLoc.wlt
2014-07-04 15:59 - 2014-07-09 21:18 - 00000056 _____ () C:\Windows\system32\Drivers\etc\DsaFlt.cfg.bck
2014-07-04 15:59 - 2014-07-09 21:18 - 00000056 _____ () C:\Windows\system32\Drivers\etc\DsaFlt.cfg
2014-07-04 15:57 - 2014-07-09 21:18 - 00000068 _____ () C:\Windows\system32\Drivers\etc\NetFlt.cfg.bck
2014-07-04 15:57 - 2014-07-09 21:18 - 00000068 _____ () C:\Windows\system32\Drivers\etc\NetFlt.cfg
2014-07-04 15:57 - 2014-07-09 21:15 - 00000136 _____ () C:\Windows\system32\Drivers\etc\NetAdapt.cfg.bck
2014-07-04 15:57 - 2014-07-09 21:15 - 00000136 _____ () C:\Windows\system32\Drivers\etc\NetAdapt.cfg
2014-07-04 15:57 - 2014-07-09 21:15 - 00000064 _____ () C:\Windows\system32\Drivers\etc\NetAR.wlt.bck
2014-07-04 15:57 - 2014-07-09 21:15 - 00000064 _____ () C:\Windows\system32\Drivers\etc\NetAR.wlt
2014-07-04 15:54 - 2014-07-04 15:54 - 00015928 _____ () C:\Windows\system32\Drivers\COMFiltr.sys
2014-07-04 15:54 - 2014-07-04 15:54 - 00000000 ____D () C:\Users\Philipp\AppData\Local\Panda Security
2014-07-04 15:53 - 2014-07-09 21:18 - 00282752 _____ () C:\Windows\system32\Drivers\APPFCONT.DAT.bck
2014-07-04 15:53 - 2014-07-09 21:18 - 00282752 _____ () C:\Windows\system32\Drivers\APPFCONT.DAT
2014-07-04 15:53 - 2014-07-09 21:18 - 00001132 _____ () C:\Windows\system32\Drivers\APPFLTR.CFG.bck
2014-07-04 15:53 - 2014-07-09 21:18 - 00001132 _____ () C:\Windows\system32\Drivers\APPFLTR.CFG
2014-07-04 15:53 - 2014-07-09 20:42 - 00303044 _____ () C:\Windows\system32\Drivers\etc\DsaFlt.rls.bck
2014-07-04 15:53 - 2014-07-09 20:42 - 00303044 _____ () C:\Windows\system32\Drivers\etc\DsaFlt.rls
2014-07-04 15:53 - 2014-07-04 15:53 - 00002536 _____ () C:\Users\Public\Desktop\Remote-Zugriff installieren.lnk
2014-07-04 15:53 - 2014-07-04 15:53 - 00002255 _____ () C:\Users\Public\Desktop\Panda Internet Security 2014.lnk
2014-07-04 15:53 - 2014-07-04 15:53 - 00000274 _____ () C:\Windows\system32\PavCPL64.dat
2014-07-04 15:53 - 2014-07-04 15:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Security
2014-07-04 15:53 - 2011-01-31 16:41 - 00129096 _____ (Panda Security, S.L.) C:\Windows\system32\Drivers\APPFLT64.SYS
2014-07-04 15:53 - 2010-09-09 16:23 - 00078920 _____ (Panda Security, S.L.) C:\Windows\system32\Drivers\idsflt64.sys
2014-07-04 15:53 - 2010-06-22 18:20 - 00030792 _____ (Panda Security, S.L.) C:\Windows\system32\Drivers\pavboot64.sys
2014-07-04 15:53 - 2009-09-25 14:54 - 00170504 _____ (Panda Security, S.L.) C:\Windows\system32\Drivers\NETTDI64.SYS
2014-07-04 15:53 - 2009-09-25 14:54 - 00082952 _____ (Panda Security, S.L.) C:\Windows\system32\Drivers\dsaflt64.sys
2014-07-04 15:53 - 2009-09-25 14:54 - 00074760 _____ (Panda Security, S.L.) C:\Windows\system32\Drivers\wnmflt64.sys
2014-07-04 15:53 - 2009-09-25 14:54 - 00031752 _____ (Panda Security, S.L.) C:\Windows\system32\Drivers\fnetm64.sys
2014-07-04 15:52 - 2014-07-04 15:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Internet Security 2014
2014-07-04 15:52 - 2007-03-15 19:38 - 00046640 _____ (Panda Software) C:\Windows\system32\pavcpl64.cpl
2014-07-04 15:51 - 2014-07-04 15:53 - 00000000 ____D () C:\Program Files (x86)\Panda Security
2014-07-04 15:51 - 2014-07-04 15:51 - 00000000 ____D () C:\Windows\SysWOW64\PAV
2014-07-04 15:51 - 2014-07-04 15:51 - 00000000 ____D () C:\Users\Philipp\AppData\Roaming\Panda Security
2014-07-04 15:51 - 2014-07-04 15:51 - 00000000 ____D () C:\ProgramData\Panda Security
2014-07-04 15:51 - 2014-03-20 11:29 - 00120056 _____ (Panda Security, S.L.) C:\Windows\system32\PavLspHook64.dll
2014-07-04 15:51 - 2014-03-20 11:29 - 00089336 _____ (Panda Security, S.L.) C:\Windows\SysWOW64\PavLspHookWow.dll
2014-07-04 15:51 - 2014-02-25 12:59 - 00838392 _____ (Panda Security, S.L.) C:\Windows\system32\PavSHook64.dll
2014-07-04 15:51 - 2014-02-25 12:59 - 00545528 _____ (Panda Security, S.L.) C:\Windows\SysWOW64\PavSHookWow.dll
2014-07-04 15:51 - 2014-02-25 12:59 - 00269560 _____ (Panda Security, S.L.) C:\Windows\system32\sysHelper64.dll
2014-07-04 15:51 - 2014-02-25 12:59 - 00213752 _____ (Panda Security, S.L.) C:\Windows\SysWOW64\sysHelper32.dll
2014-07-04 15:51 - 2012-03-26 18:57 - 00071432 _____ (Panda Security, S.L.) C:\Windows\system32\Drivers\amm6460.sys
2014-07-04 15:51 - 2010-09-01 11:09 - 00216648 _____ (Panda Security, S.L.) C:\Windows\system32\Drivers\n64i1644.sys
2014-07-04 15:51 - 2010-06-21 17:02 - 00323392 _____ (Panda Security, S.L.) C:\Windows\system32\TpUtil64.dll
2014-07-04 15:51 - 2010-06-21 17:02 - 00202048 _____ (Panda Security, S.L.) C:\Windows\SysWOW64\TpUtilWow.dll
2014-07-04 15:51 - 2010-06-21 17:01 - 00090944 _____ (Panda Security, S.L.) C:\Windows\system32\PavIpc64.dll
2014-07-04 15:51 - 2010-06-21 17:01 - 00066880 _____ (Panda Security, S.L.) C:\Windows\SysWOW64\PavIpcWow.dll
2014-07-04 15:51 - 2010-03-24 12:56 - 00064768 _____ (On-Access Anti-Malware Scanner Sync) C:\Windows\system32\avldr64.dll
2014-07-04 15:51 - 2009-10-27 12:07 - 00048136 _____ (Panda Security, S.L.) C:\Windows\system32\Drivers\ShldFlt.sys
2014-07-04 15:51 - 2003-10-22 18:23 - 00446464 _____ (eHelp Corporation.) C:\Windows\SysWOW64\HHActiveX.dll
2014-07-04 15:43 - 2014-07-04 15:44 - 01042952 _____ () C:\Users\Philipp\Downloads\PANDAIS14.exe
2014-07-04 15:09 - 2014-07-04 15:09 - 00262144 _____ () C:\Windows\system32\config\elam
2014-07-04 14:37 - 2014-07-04 14:40 - 233068656 _____ () C:\Users\Philipp\Downloads\kav14.0.0.4651de-de.exe
2014-07-04 13:57 - 2014-07-04 13:57 - 00000687 _____ () C:\awh2B34.tmp
2014-07-04 01:37 - 2014-07-04 01:37 - 07787136 _____ () C:\Users\Philipp\Downloads\HSS-3.42-install-e-550-plain.exe
2014-07-04 01:21 - 2014-07-04 01:21 - 00000000 ____D () C:\Users\Philipp\AppData\Local\Skype
2014-07-04 01:20 - 2014-07-04 01:52 - 00000000 ____D () C:\Users\Philipp\AppData\Roaming\Skype
2014-07-04 01:20 - 2014-07-04 01:52 - 00000000 ____D () C:\ProgramData\Skype
2014-07-04 01:18 - 2014-07-04 01:19 - 01677440 _____ (Skype Technologies S.A.) C:\Users\Philipp\Downloads\SkypeSetup.exe
2014-07-03 12:53 - 2014-07-03 12:53 - 00000687 _____ () C:\awh275D.tmp
2014-07-02 21:38 - 2014-07-02 21:38 - 00000687 _____ () C:\awh119C.tmp
2014-07-02 20:37 - 2014-07-09 21:33 - 00000000 ____D () C:\Users\Philipp\AppData\Local\Genesis_07021837
2014-07-02 20:37 - 2014-07-04 15:22 - 00000000 ____D () C:\Users\Philipp\AppData\Local\24223
2014-07-02 15:10 - 2014-07-02 15:10 - 00911360 _____ () C:\Users\Philipp\Downloads\energy-2.ppt
2014-07-02 00:07 - 2014-07-02 00:07 - 00000000 ____D () C:\Users\Philipp\AppData\Roaming\Subversion
2014-07-02 00:06 - 2014-07-02 00:06 - 00000000 ____D () C:\Users\Philipp\AppData\Roaming\MathWorks
2014-07-02 00:06 - 2014-07-02 00:06 - 00000000 ____D () C:\Users\Philipp\AppData\Local\MathWorks
2014-07-02 00:02 - 2014-07-02 00:02 - 00001303 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MATLAB R2014a.lnk
2014-07-02 00:02 - 2014-07-02 00:02 - 00001291 _____ () C:\Users\Public\Desktop\MATLAB R2014a.lnk
2014-07-02 00:02 - 2014-07-02 00:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MATLAB
2014-07-02 00:01 - 2014-07-02 00:01 - 00000000 ____D () C:\ProgramData\MathWorks
2014-07-01 23:29 - 2014-07-01 23:29 - 00000000 ____D () C:\Program Files\MATLAB
2014-07-01 21:45 - 2014-07-02 00:13 - 00000000 ____D () C:\Users\Philipp\Documents\Matlab
2014-07-01 03:00 - 2014-07-01 03:00 - 00000000 ____D () C:\Users\Default\AppData\Local\Microsoft Help
2014-07-01 03:00 - 2014-07-01 03:00 - 00000000 ____D () C:\Users\Default User\AppData\Local\Microsoft Help
2014-06-30 19:17 - 2014-06-30 19:17 - 00002839 _____ () C:\Users\Philipp\Desktop\OneNote 2013.lnk
2014-06-30 19:17 - 2014-06-30 19:01 - 00002959 _____ () C:\Users\Philipp\Desktop\Lync 2013.lnk
2014-06-30 19:17 - 2014-06-30 19:01 - 00002937 _____ () C:\Users\Philipp\Desktop\Publisher 2013.lnk
2014-06-30 19:15 - 2014-06-30 19:01 - 00002937 _____ () C:\Users\Philipp\Desktop\PowerPoint 2013.lnk
2014-06-30 19:15 - 2014-06-30 19:01 - 00002864 _____ () C:\Users\Philipp\Desktop\Outlook 2013.lnk
2014-06-30 19:15 - 2014-06-30 19:01 - 00002829 _____ () C:\Users\Philipp\Desktop\Access 2013.lnk
2014-06-30 19:14 - 2014-06-30 19:01 - 00003037 _____ () C:\Users\Philipp\Desktop\Excel 2013.lnk
2014-06-30 19:13 - 2014-06-30 19:13 - 00003015 _____ () C:\Users\Philipp\Desktop\Word 2013.lnk
2014-06-30 19:09 - 2014-07-01 03:35 - 00000000 ____D () C:\Windows\AutoKMS
2014-06-30 19:08 - 2014-06-30 19:08 - 00000000 ____D () C:\ProgramData\Microsoft Toolkit
2014-06-30 19:02 - 2014-06-30 19:02 - 00000000 ____D () C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2014-06-30 19:01 - 2014-07-01 03:16 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2014-06-30 19:01 - 2014-06-30 19:01 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER
2014-06-30 19:00 - 2014-06-30 19:00 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-30 19:00 - 2014-06-30 19:00 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server
2014-06-30 18:59 - 2014-06-30 19:00 - 00000000 ____D () C:\Program Files\Microsoft SQL Server
2014-06-30 18:59 - 2014-06-30 18:59 - 00000000 ____D () C:\Windows\PCHEALTH
2014-06-30 18:57 - 2014-06-30 18:57 - 00000000 ____D () C:\Users\Philipp\AppData\Local\Microsoft Help
2014-06-30 18:57 - 2014-06-30 18:57 - 00000000 ____D () C:\Program Files\Microsoft Analysis Services
2014-06-30 18:57 - 2014-06-30 18:57 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2014-06-30 18:57 - 2014-06-30 18:57 - 00000000 ____D () C:\Program Files (x86)\Microsoft Analysis Services
2014-06-30 18:56 - 2014-07-01 03:16 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-06-30 18:56 - 2014-06-30 18:59 - 00000000 ____D () C:\Program Files\Microsoft Office
2014-06-30 18:55 - 2014-06-30 18:55 - 00000000 __RHD () C:\MSOCache
2014-06-30 18:51 - 2014-06-30 18:51 - 00000000 ____D () C:\Users\Philipp\AppData\Roaming\TuneUp Software
2014-06-30 18:51 - 2014-06-30 18:51 - 00000000 ____D () C:\Users\Philipp\AppData\Local\TuneUp Software
2014-06-30 18:49 - 2014-06-30 18:52 - 00000000 ____D () C:\ProgramData\TuneUp Software
2014-06-30 18:49 - 2014-06-30 18:49 - 00001958 _____ () C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
2014-06-30 18:49 - 2014-06-30 18:49 - 00000000 __SHD () C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2014-06-30 18:46 - 2014-06-30 18:52 - 00000000 ____D () C:\Users\Philipp\AppData\Roaming\DAEMON Tools Lite
2014-06-30 18:46 - 2014-06-30 18:52 - 00000000 ____D () C:\ProgramData\DAEMON Tools Lite
2014-06-30 18:46 - 2014-06-30 18:46 - 00283064 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtsoftbus01.sys
2014-06-30 18:46 - 2014-06-30 18:46 - 00000000 ____D () C:\Program Files (x86)\DAEMON Tools Lite
2014-06-30 18:39 - 2014-06-30 18:40 - 00000000 ____D () C:\Users\Philipp\Documents\Office
2014-06-27 11:06 - 2014-07-09 21:31 - 00000000 ____D () C:\Users\Philipp\AppData\Roaming\Spotify
2014-06-27 11:06 - 2014-07-07 23:03 - 00000000 ____D () C:\Users\Philipp\AppData\Local\Spotify
2014-06-27 11:06 - 2014-06-27 11:06 - 00126112 _____ (Spotify Ltd) C:\Users\Philipp\Downloads\SpotifySetup.exe
2014-06-27 11:06 - 2014-06-27 11:06 - 00001821 _____ () C:\Users\Philipp\Desktop\Spotify.lnk
2014-06-27 11:06 - 2014-06-27 11:06 - 00001807 _____ () C:\Users\Philipp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2014-06-26 09:43 - 2014-06-26 09:43 - 25755856 _____ (Microsoft Corporation) C:\Users\Philipp\Downloads\wordview_de-de.exe
2014-06-26 09:43 - 2014-06-26 09:43 - 00000000 ____D () C:\Program Files (x86)\MSECache
2014-06-25 20:39 - 2014-06-25 20:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueStacks
2014-06-25 20:39 - 2014-06-25 20:39 - 00000000 ____D () C:\ProgramData\BlueStacks
2014-06-25 20:39 - 2014-06-25 20:39 - 00000000 ____D () C:\Program Files (x86)\BlueStacks
2014-06-25 20:38 - 2014-06-25 20:45 - 00000000 ____D () C:\ProgramData\BlueStacksSetup
2014-06-25 20:38 - 2014-06-25 20:38 - 00000000 ____D () C:\Users\Philipp\AppData\Local\Bluestacks
2014-06-25 20:37 - 2014-06-25 20:38 - 12851944 _____ (BlueStack Systems Inc.) C:\Users\Philipp\Downloads\BlueStacks-SplitInstaller_native_c.exe
2014-06-25 01:04 - 2014-06-25 01:04 - 00000075 _____ () C:\Users\Philipp\Downloads\Downloads.rar
2014-06-22 17:50 - 2014-06-06 11:53 - 00096328 _____ (Wondershare Software) C:\Windows\system32\WSMonEditor.dll
2014-06-22 17:49 - 2014-06-22 17:49 - 00000000 ____D () C:\ProgramData\PDFEditor
2014-06-22 17:48 - 2014-06-22 17:53 - 00000000 ____D () C:\Users\Public\Documents\Wondershare
2014-06-22 17:48 - 2014-06-22 17:48 - 00710144 _____ (Wondershare) C:\Users\Philipp\Downloads\pdf-editor_setup_full1155.exe
2014-06-19 09:57 - 2014-06-19 09:57 - 00000897 _____ () C:\Users\Philipp\Documents\Kosten.txt
2014-06-16 09:17 - 2014-05-28 16:47 - 15642623 _____ () C:\Users\Philipp\Documents\DmathsAddon.oxt
2014-06-15 19:45 - 2014-06-15 19:45 - 00286734 _____ () C:\Windows\msxml4-KB973688-enu.LOG
2014-06-15 19:45 - 2014-06-15 19:45 - 00000000 ____D () C:\Program Files (x86)\MSXML 4.0
2014-06-15 19:44 - 2014-06-15 19:45 - 00291980 _____ () C:\Windows\msxml4-KB954430-enu.LOG
2014-06-12 12:28 - 2014-06-12 12:29 - 08101888 _____ () C:\Users\Philipp\Downloads\recovery-clockwork-touch-6.0.3.6-m4.img
2014-06-12 11:56 - 2013-10-28 16:29 - 00000000 ____D () C:\Users\Philipp\Downloads\__MACOSX
2014-06-12 11:56 - 2013-05-04 17:47 - 00162816 _____ () C:\Users\Philipp\Downloads\adb.exe
2014-06-12 11:56 - 2013-05-04 17:47 - 00096256 _____ (Google, inc) C:\Users\Philipp\Downloads\AdbWinApi.dll
2014-06-12 11:56 - 2013-05-04 17:47 - 00070144 _____ () C:\Users\Philipp\Downloads\fastboot.exe
2014-06-12 11:56 - 2013-05-04 17:47 - 00060928 _____ (Google, inc) C:\Users\Philipp\Downloads\AdbWinUsbApi.dll
2014-06-12 11:47 - 2014-06-12 11:47 - 00083753 _____ () C:\Users\Philipp\Downloads\fastboot-win.zip
2014-06-12 11:43 - 2014-06-12 11:43 - 00000000 ____D () C:\Users\Philipp\AppData\Roaming\HTC
2014-06-12 11:42 - 2014-06-12 12:29 - 00000000 ____D () C:\Unlock
2014-06-12 11:41 - 2014-06-12 11:41 - 00000000 ____D () C:\Neuer Ordner
2014-06-12 11:36 - 2014-07-09 21:17 - 00000000 ____D () C:\Users\Philipp\AppData\Local\HTC MediaHub
2014-06-12 11:36 - 2014-06-12 11:42 - 00000000 ____D () C:\Users\Philipp\Documents\HTC
2014-06-12 11:36 - 2014-06-12 11:36 - 00002035 _____ () C:\Users\Public\Desktop\HTC Sync Manager.lnk
2014-06-12 11:36 - 2014-06-12 11:36 - 00000000 ____D () C:\Users\Philipp\AppData\Roaming\Apple Computer
2014-06-12 11:36 - 2014-06-12 11:36 - 00000000 ____D () C:\Users\Philipp\AppData\Local\Apple Computer
2014-06-12 11:36 - 2014-06-12 11:36 - 00000000 ____D () C:\ProgramData\HTC
2014-06-12 11:29 - 2014-06-12 11:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HTC
2014-06-12 11:28 - 2014-06-12 11:36 - 00000000 ____D () C:\Program Files (x86)\HTC
2014-06-12 11:28 - 2014-06-12 11:28 - 00000000 ____D () C:\Program Files (x86)\Spirent Communications
2014-06-12 11:28 - 2014-04-25 04:34 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2014-06-12 11:28 - 2014-04-25 04:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2014-06-12 11:27 - 2014-05-30 12:21 - 23414784 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-06-12 11:27 - 2014-05-30 12:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-06-12 11:27 - 2014-05-30 12:02 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-06-12 11:27 - 2014-05-30 11:45 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-06-12 11:27 - 2014-05-30 11:39 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-06-12 11:27 - 2014-05-30 11:39 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-06-12 11:27 - 2014-05-30 11:38 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-06-12 11:27 - 2014-05-30 11:28 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-06-12 11:27 - 2014-05-30 11:27 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-06-12 11:27 - 2014-05-30 11:24 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-06-12 11:27 - 2014-05-30 11:21 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-06-12 11:27 - 2014-05-30 11:21 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-06-12 11:27 - 2014-05-30 11:20 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-06-12 11:27 - 2014-05-30 11:18 - 17271296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-06-12 11:27 - 2014-05-30 11:11 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-06-12 11:27 - 2014-05-30 11:08 - 05782528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-06-12 11:27 - 2014-05-30 11:06 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-06-12 11:27 - 2014-05-30 11:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-06-12 11:27 - 2014-05-30 10:55 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-06-12 11:27 - 2014-05-30 10:49 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-06-12 11:27 - 2014-05-30 10:46 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-06-12 11:27 - 2014-05-30 10:44 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-06-12 11:27 - 2014-05-30 10:44 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-06-12 11:27 - 2014-05-30 10:43 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-06-12 11:27 - 2014-05-30 10:42 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-06-12 11:27 - 2014-05-30 10:38 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-06-12 11:27 - 2014-05-30 10:35 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-06-12 11:27 - 2014-05-30 10:34 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-06-12 11:27 - 2014-05-30 10:33 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-06-12 11:27 - 2014-05-30 10:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-06-12 11:27 - 2014-05-30 10:29 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-06-12 11:27 - 2014-05-30 10:28 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-06-12 11:27 - 2014-05-30 10:27 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-06-12 11:27 - 2014-05-30 10:24 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-06-12 11:27 - 2014-05-30 10:23 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-06-12 11:27 - 2014-05-30 10:16 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-06-12 11:27 - 2014-05-30 10:10 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-06-12 11:27 - 2014-05-30 10:06 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-06-12 11:27 - 2014-05-30 10:04 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-06-12 11:27 - 2014-05-30 10:02 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-06-12 11:27 - 2014-05-30 09:56 - 04244992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-06-12 11:27 - 2014-05-30 09:56 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-06-12 11:27 - 2014-05-30 09:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-06-12 11:27 - 2014-05-30 09:50 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-06-12 11:27 - 2014-05-30 09:49 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-06-12 11:27 - 2014-05-30 09:43 - 13522944 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-06-12 11:27 - 2014-05-30 09:40 - 11725312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-06-12 11:27 - 2014-05-30 09:30 - 01398272 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-06-12 11:27 - 2014-05-30 09:21 - 01790976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-06-12 11:27 - 2014-05-30 09:15 - 01143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-06-12 11:27 - 2014-05-30 09:13 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-06-12 11:27 - 2014-05-30 09:13 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-06-12 11:27 - 2014-04-05 04:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-06-12 11:27 - 2014-04-05 04:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-06-12 11:27 - 2014-03-26 16:44 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-06-12 11:27 - 2014-03-26 16:44 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-06-12 11:27 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2014-06-12 11:27 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-06-12 11:27 - 2014-03-26 16:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2014-06-12 11:27 - 2014-03-26 16:27 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-06-12 11:27 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2014-06-12 11:27 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-06-12 11:26 - 2014-06-12 11:26 - 00000000 ____D () C:\Users\Philipp\AppData\Local\Downloaded Installations
2014-06-12 11:26 - 2014-06-08 11:13 - 00506368 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-12 11:26 - 2014-06-08 11:08 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-12 11:24 - 2014-06-12 11:24 - 00209183 _____ () C:\Users\Philipp\Downloads\htc-one-mini-bootloader-unlock.zip
2014-06-12 11:22 - 2014-06-12 11:24 - 136072080 _____ (HTC) C:\Users\Philipp\Downloads\setup_3.1.13.0_htc.exe

==================== One Month Modified Files and Folders =======

2014-07-09 21:33 - 2014-07-09 21:32 - 00018175 _____ () C:\Users\Philipp\Desktop\FRST.txt
2014-07-09 21:33 - 2014-07-02 20:37 - 00000000 ____D () C:\Users\Philipp\AppData\Local\Genesis_07021837
2014-07-09 21:32 - 2014-07-09 21:31 - 00000000 ___HD () C:\Windows\AxInstSV
2014-07-09 21:32 - 2014-07-09 19:37 - 00000000 ____D () C:\FRST
2014-07-09 21:31 - 2014-06-27 11:06 - 00000000 ____D () C:\Users\Philipp\AppData\Roaming\Spotify
2014-07-09 21:21 - 2009-07-14 06:45 - 00014928 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-07-09 21:21 - 2009-07-14 06:45 - 00014928 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-07-09 21:20 - 2014-04-25 16:40 - 01831131 _____ () C:\Windows\WindowsUpdate.log
2014-07-09 21:18 - 2014-07-04 16:42 - 00000056 _____ () C:\Windows\system32\Drivers\etc\WnmFlt.cfg.bck
2014-07-09 21:18 - 2014-07-04 16:42 - 00000056 _____ () C:\Windows\system32\Drivers\etc\WnmFlt.cfg
2014-07-09 21:18 - 2014-07-04 15:59 - 00000252 _____ () C:\Windows\system32\Drivers\etc\IdsFlt.cfg.bck
2014-07-09 21:18 - 2014-07-04 15:59 - 00000252 _____ () C:\Windows\system32\Drivers\etc\IdsFlt.cfg
2014-07-09 21:18 - 2014-07-04 15:59 - 00000080 _____ () C:\Windows\system32\Drivers\etc\NetLoc.wlt.bck
2014-07-09 21:18 - 2014-07-04 15:59 - 00000080 _____ () C:\Windows\system32\Drivers\etc\NetLoc.wlt
2014-07-09 21:18 - 2014-07-04 15:59 - 00000056 _____ () C:\Windows\system32\Drivers\etc\DsaFlt.cfg.bck
2014-07-09 21:18 - 2014-07-04 15:59 - 00000056 _____ () C:\Windows\system32\Drivers\etc\DsaFlt.cfg
2014-07-09 21:18 - 2014-07-04 15:57 - 00000068 _____ () C:\Windows\system32\Drivers\etc\NetFlt.cfg.bck
2014-07-09 21:18 - 2014-07-04 15:57 - 00000068 _____ () C:\Windows\system32\Drivers\etc\NetFlt.cfg
2014-07-09 21:18 - 2014-07-04 15:53 - 00282752 _____ () C:\Windows\system32\Drivers\APPFCONT.DAT.bck
2014-07-09 21:18 - 2014-07-04 15:53 - 00282752 _____ () C:\Windows\system32\Drivers\APPFCONT.DAT
2014-07-09 21:18 - 2014-07-04 15:53 - 00001132 _____ () C:\Windows\system32\Drivers\APPFLTR.CFG.bck
2014-07-09 21:18 - 2014-07-04 15:53 - 00001132 _____ () C:\Windows\system32\Drivers\APPFLTR.CFG
2014-07-09 21:17 - 2014-07-09 20:46 - 00007646 _____ () C:\zoek-results.log
2014-07-09 21:17 - 2014-06-12 11:36 - 00000000 ____D () C:\Users\Philipp\AppData\Local\HTC MediaHub
2014-07-09 21:16 - 2014-07-09 21:16 - 00000000 ____D () C:\Users\Philipp\.android
2014-07-09 21:16 - 2014-07-09 12:01 - 00003758 _____ () C:\Windows\System32\Tasks\AutoKMS
2014-07-09 21:16 - 2014-07-06 21:03 - 00001108 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-09 21:16 - 2014-04-25 17:01 - 00000000 ____D () C:\Users\Philipp
2014-07-09 21:15 - 2014-07-04 15:57 - 00000136 _____ () C:\Windows\system32\Drivers\etc\NetAdapt.cfg.bck
2014-07-09 21:15 - 2014-07-04 15:57 - 00000136 _____ () C:\Windows\system32\Drivers\etc\NetAdapt.cfg
2014-07-09 21:15 - 2014-07-04 15:57 - 00000064 _____ () C:\Windows\system32\Drivers\etc\NetAR.wlt.bck
2014-07-09 21:15 - 2014-07-04 15:57 - 00000064 _____ () C:\Windows\system32\Drivers\etc\NetAR.wlt
2014-07-09 21:15 - 2014-04-27 00:31 - 00161126 _____ () C:\Windows\PFRO.log
2014-07-09 21:15 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-09 21:15 - 2009-07-14 06:51 - 00033283 _____ () C:\Windows\setupact.log
2014-07-09 21:08 - 2014-07-06 21:03 - 00001112 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-09 21:06 - 2014-07-09 20:44 - 00000000 ____D () C:\zoek_backup
2014-07-09 20:44 - 2014-07-09 21:09 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-07-09 20:42 - 2014-07-09 20:41 - 04095664 _____ () C:\Users\Philipp\Desktop\zoek.zip
2014-07-09 20:42 - 2014-07-04 15:53 - 00303044 _____ () C:\Windows\system32\Drivers\etc\DsaFlt.rls.bck
2014-07-09 20:42 - 2014-07-04 15:53 - 00303044 _____ () C:\Windows\system32\Drivers\etc\DsaFlt.rls
2014-07-09 20:34 - 2014-07-09 20:33 - 00000000 ____D () C:\AdwCleaner
2014-07-09 20:34 - 2014-04-27 15:15 - 00001003 _____ () C:\Users\Philipp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-07-09 20:31 - 2014-07-09 20:31 - 01348263 _____ () C:\Users\Philipp\Desktop\adwcleaner_3.215.exe
2014-07-09 20:20 - 2014-07-09 20:19 - 00000000 ____D () C:\Users\Philipp\Desktop\revouninstaller-portable
2014-07-09 20:19 - 2014-07-09 20:19 - 03007700 _____ () C:\Users\Philipp\Downloads\revouninstaller.zip
2014-07-09 19:36 - 2014-07-09 19:36 - 02084352 _____ (Farbar) C:\Users\Philipp\Desktop\FRST64.exe
2014-07-09 18:49 - 2014-07-09 18:49 - 00001061 _____ () C:\Users\Philipp\Desktop\Free PDF to Word Doc Converter.lnk
2014-07-09 18:49 - 2014-07-09 18:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free PDF to Word Doc Converter
2014-07-09 18:49 - 2014-07-09 18:49 - 00000000 ____D () C:\Program Files (x86)\Free PDF to Word Doc Converter
2014-07-09 18:49 - 2014-04-25 17:02 - 00000000 ____D () C:\Users\Philipp\AppData\Local\VirtualStore
2014-07-09 18:48 - 2014-07-09 18:48 - 01128916 _____ (www.hellopdf.com ) C:\Users\Philipp\Downloads\pdf2wordsetup11.exe
2014-07-09 12:45 - 2014-04-28 01:18 - 00008627 _____ () C:\Windows\SysWOW64\PAV_FOG.OPC
2014-07-07 23:03 - 2014-06-27 11:06 - 00000000 ____D () C:\Users\Philipp\AppData\Local\Spotify
2014-07-07 14:13 - 2014-07-07 14:13 - 00287750 _____ ( ) C:\Users\Philipp\Desktop\VOPackage.exe
2014-07-07 14:12 - 2014-07-07 14:12 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-07 14:11 - 2014-07-07 14:11 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Philipp\Desktop\mbam-setup-2-0-2-1012.exe
2014-07-06 21:03 - 2014-07-06 21:03 - 00004108 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-07-06 21:03 - 2014-07-06 21:03 - 00003856 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-07-06 21:03 - 2014-07-06 21:03 - 00002255 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-07-06 21:03 - 2014-07-06 21:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-07-06 21:03 - 2014-04-27 00:20 - 00000000 ____D () C:\Users\Philipp\AppData\Local\Google
2014-07-06 21:03 - 2014-04-27 00:20 - 00000000 ____D () C:\Program Files (x86)\Google
2014-07-06 21:02 - 2014-07-06 21:02 - 00000000 ____D () C:\Users\Philipp\AppData\Local\Deployment
2014-07-06 21:02 - 2014-07-06 21:02 - 00000000 ____D () C:\Users\Philipp\AppData\Local\Apps\2.0
2014-07-04 15:54 - 2014-07-04 15:54 - 00015928 _____ () C:\Windows\system32\Drivers\COMFiltr.sys
2014-07-04 15:54 - 2014-07-04 15:54 - 00000000 ____D () C:\Users\Philipp\AppData\Local\Panda Security
2014-07-04 15:53 - 2014-07-04 15:53 - 00002536 _____ () C:\Users\Public\Desktop\Remote-Zugriff installieren.lnk
2014-07-04 15:53 - 2014-07-04 15:53 - 00002255 _____ () C:\Users\Public\Desktop\Panda Internet Security 2014.lnk
2014-07-04 15:53 - 2014-07-04 15:53 - 00000274 _____ () C:\Windows\system32\PavCPL64.dat
2014-07-04 15:53 - 2014-07-04 15:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Security
2014-07-04 15:53 - 2014-07-04 15:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Internet Security 2014
2014-07-04 15:53 - 2014-07-04 15:51 - 00000000 ____D () C:\Program Files (x86)\Panda Security
2014-07-04 15:51 - 2014-07-04 15:51 - 00000000 ____D () C:\Windows\SysWOW64\PAV
2014-07-04 15:51 - 2014-07-04 15:51 - 00000000 ____D () C:\Users\Philipp\AppData\Roaming\Panda Security
2014-07-04 15:51 - 2014-07-04 15:51 - 00000000 ____D () C:\ProgramData\Panda Security
2014-07-04 15:44 - 2014-07-04 15:43 - 01042952 _____ () C:\Users\Philipp\Downloads\PANDAIS14.exe
2014-07-04 15:22 - 2014-07-02 20:37 - 00000000 ____D () C:\Users\Philipp\AppData\Local\24223
2014-07-04 15:09 - 2014-07-04 15:09 - 00262144 _____ () C:\Windows\system32\config\elam
2014-07-04 14:40 - 2014-07-04 14:37 - 233068656 _____ () C:\Users\Philipp\Downloads\kav14.0.0.4651de-de.exe
2014-07-04 13:57 - 2014-07-04 13:57 - 00000687 _____ () C:\awh2B34.tmp
2014-07-04 01:52 - 2014-07-04 01:20 - 00000000 ____D () C:\Users\Philipp\AppData\Roaming\Skype
2014-07-04 01:52 - 2014-07-04 01:20 - 00000000 ____D () C:\ProgramData\Skype
2014-07-04 01:37 - 2014-07-04 01:37 - 07787136 _____ () C:\Users\Philipp\Downloads\HSS-3.42-install-e-550-plain.exe
2014-07-04 01:21 - 2014-07-04 01:21 - 00000000 ____D () C:\Users\Philipp\AppData\Local\Skype
2014-07-04 01:19 - 2014-07-04 01:18 - 01677440 _____ (Skype Technologies S.A.) C:\Users\Philipp\Downloads\SkypeSetup.exe
2014-07-04 00:55 - 2014-04-27 00:50 - 00000000 ____D () C:\Users\Philipp\Documents\Stronghold Legends
2014-07-04 00:53 - 2014-04-27 00:26 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-07-04 00:52 - 2014-04-28 00:55 - 00000000 ____D () C:\Users\Philipp\Documents\Studium
2014-07-03 12:53 - 2014-07-03 12:53 - 00000687 _____ () C:\awh275D.tmp
2014-07-02 21:38 - 2014-07-02 21:38 - 00000687 _____ () C:\awh119C.tmp
2014-07-02 15:10 - 2014-07-02 15:10 - 00911360 _____ () C:\Users\Philipp\Downloads\energy-2.ppt
2014-07-02 00:13 - 2014-07-01 21:45 - 00000000 ____D () C:\Users\Philipp\Documents\Matlab
2014-07-02 00:07 - 2014-07-02 00:07 - 00000000 ____D () C:\Users\Philipp\AppData\Roaming\Subversion
2014-07-02 00:06 - 2014-07-02 00:06 - 00000000 ____D () C:\Users\Philipp\AppData\Roaming\MathWorks
2014-07-02 00:06 - 2014-07-02 00:06 - 00000000 ____D () C:\Users\Philipp\AppData\Local\MathWorks
2014-07-02 00:02 - 2014-07-02 00:02 - 00001303 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MATLAB R2014a.lnk
2014-07-02 00:02 - 2014-07-02 00:02 - 00001291 _____ () C:\Users\Public\Desktop\MATLAB R2014a.lnk
2014-07-02 00:02 - 2014-07-02 00:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MATLAB
2014-07-02 00:01 - 2014-07-02 00:01 - 00000000 ____D () C:\ProgramData\MathWorks
2014-07-01 23:29 - 2014-07-01 23:29 - 00000000 ____D () C:\Program Files\MATLAB
2014-07-01 03:35 - 2014-06-30 19:09 - 00000000 ____D () C:\Windows\AutoKMS
2014-07-01 03:34 - 2009-07-14 06:45 - 00460696 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-07-01 03:16 - 2014-06-30 19:01 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2014-07-01 03:16 - 2014-06-30 18:56 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-07-01 03:02 - 2009-07-14 04:34 - 00000478 _____ () C:\Windows\win.ini
2014-07-01 03:00 - 2014-07-01 03:00 - 00000000 ____D () C:\Users\Default\AppData\Local\Microsoft Help
2014-07-01 03:00 - 2014-07-01 03:00 - 00000000 ____D () C:\Users\Default User\AppData\Local\Microsoft Help
2014-06-30 19:17 - 2014-06-30 19:17 - 00002839 _____ () C:\Users\Philipp\Desktop\OneNote 2013.lnk
2014-06-30 19:13 - 2014-06-30 19:13 - 00003015 _____ () C:\Users\Philipp\Desktop\Word 2013.lnk
2014-06-30 19:08 - 2014-06-30 19:08 - 00000000 ____D () C:\ProgramData\Microsoft Toolkit
2014-06-30 19:07 - 2014-04-28 00:41 - 00117912 _____ () C:\Users\Philipp\AppData\Local\GDIPFONTCACHEV1.DAT
2014-06-30 19:02 - 2014-06-30 19:02 - 00000000 ____D () C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2014-06-30 19:01 - 2014-06-30 19:17 - 00002959 _____ () C:\Users\Philipp\Desktop\Lync 2013.lnk
2014-06-30 19:01 - 2014-06-30 19:17 - 00002937 _____ () C:\Users\Philipp\Desktop\Publisher 2013.lnk
2014-06-30 19:01 - 2014-06-30 19:15 - 00002937 _____ () C:\Users\Philipp\Desktop\PowerPoint 2013.lnk
2014-06-30 19:01 - 2014-06-30 19:15 - 00002864 _____ () C:\Users\Philipp\Desktop\Outlook 2013.lnk
2014-06-30 19:01 - 2014-06-30 19:15 - 00002829 _____ () C:\Users\Philipp\Desktop\Access 2013.lnk
2014-06-30 19:01 - 2014-06-30 19:14 - 00003037 _____ () C:\Users\Philipp\Desktop\Excel 2013.lnk
2014-06-30 19:01 - 2014-06-30 19:01 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER
2014-06-30 19:01 - 2009-07-14 20:18 - 00000000 ____D () C:\Windows\ShellNew
2014-06-30 19:01 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-06-30 19:00 - 2014-06-30 19:00 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-30 19:00 - 2014-06-30 19:00 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server
2014-06-30 19:00 - 2014-06-30 18:59 - 00000000 ____D () C:\Program Files\Microsoft SQL Server
2014-06-30 18:59 - 2014-06-30 18:59 - 00000000 ____D () C:\Windows\PCHEALTH
2014-06-30 18:59 - 2014-06-30 18:56 - 00000000 ____D () C:\Program Files\Microsoft Office
2014-06-30 18:58 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common Files\System
2014-06-30 18:57 - 2014-06-30 18:57 - 00000000 ____D () C:\Users\Philipp\AppData\Local\Microsoft Help
2014-06-30 18:57 - 2014-06-30 18:57 - 00000000 ____D () C:\Program Files\Microsoft Analysis Services
2014-06-30 18:57 - 2014-06-30 18:57 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2014-06-30 18:57 - 2014-06-30 18:57 - 00000000 ____D () C:\Program Files (x86)\Microsoft Analysis Services
2014-06-30 18:55 - 2014-06-30 18:55 - 00000000 __RHD () C:\MSOCache
2014-06-30 18:52 - 2014-06-30 18:49 - 00000000 ____D () C:\ProgramData\TuneUp Software
2014-06-30 18:52 - 2014-06-30 18:46 - 00000000 ____D () C:\Users\Philipp\AppData\Roaming\DAEMON Tools Lite
2014-06-30 18:52 - 2014-06-30 18:46 - 00000000 ____D () C:\ProgramData\DAEMON Tools Lite
2014-06-30 18:52 - 2009-07-14 19:58 - 00699248 _____ () C:\Windows\system32\perfh007.dat
2014-06-30 18:52 - 2009-07-14 19:58 - 00149356 _____ () C:\Windows\system32\perfc007.dat
2014-06-30 18:52 - 2009-07-14 07:13 - 01618896 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-06-30 18:51 - 2014-06-30 18:51 - 00000000 ____D () C:\Users\Philipp\AppData\Roaming\TuneUp Software
2014-06-30 18:51 - 2014-06-30 18:51 - 00000000 ____D () C:\Users\Philipp\AppData\Local\TuneUp Software
2014-06-30 18:49 - 2014-06-30 18:49 - 00001958 _____ () C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
2014-06-30 18:49 - 2014-06-30 18:49 - 00000000 __SHD () C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2014-06-30 18:46 - 2014-06-30 18:46 - 00283064 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtsoftbus01.sys
2014-06-30 18:46 - 2014-06-30 18:46 - 00000000 ____D () C:\Program Files (x86)\DAEMON Tools Lite
2014-06-30 18:40 - 2014-06-30 18:39 - 00000000 ____D () C:\Users\Philipp\Documents\Office
2014-06-30 14:34 - 2014-04-28 12:35 - 00000000 ____D () C:\ProgramData\HP
2014-06-30 14:34 - 2014-04-28 12:35 - 00000000 ____D () C:\Program Files (x86)\HP
2014-06-27 11:06 - 2014-06-27 11:06 - 00126112 _____ (Spotify Ltd) C:\Users\Philipp\Downloads\SpotifySetup.exe
2014-06-27 11:06 - 2014-06-27 11:06 - 00001821 _____ () C:\Users\Philipp\Desktop\Spotify.lnk
2014-06-27 11:06 - 2014-06-27 11:06 - 00001807 _____ () C:\Users\Philipp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2014-06-26 09:43 - 2014-06-26 09:43 - 25755856 _____ (Microsoft Corporation) C:\Users\Philipp\Downloads\wordview_de-de.exe
2014-06-26 09:43 - 2014-06-26 09:43 - 00000000 ____D () C:\Program Files (x86)\MSECache
2014-06-25 20:45 - 2014-06-25 20:38 - 00000000 ____D () C:\ProgramData\BlueStacksSetup
2014-06-25 20:40 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Public\Libraries
2014-06-25 20:39 - 2014-06-25 20:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueStacks
2014-06-25 20:39 - 2014-06-25 20:39 - 00000000 ____D () C:\ProgramData\BlueStacks
2014-06-25 20:39 - 2014-06-25 20:39 - 00000000 ____D () C:\Program Files (x86)\BlueStacks
2014-06-25 20:38 - 2014-06-25 20:38 - 00000000 ____D () C:\Users\Philipp\AppData\Local\Bluestacks
2014-06-25 20:38 - 2014-06-25 20:37 - 12851944 _____ (BlueStack Systems Inc.) C:\Users\Philipp\Downloads\BlueStacks-SplitInstaller_native_c.exe
2014-06-25 01:04 - 2014-06-25 01:04 - 00000075 _____ () C:\Users\Philipp\Downloads\Downloads.rar
2014-06-22 17:53 - 2014-06-22 17:48 - 00000000 ____D () C:\Users\Public\Documents\Wondershare
2014-06-22 17:49 - 2014-06-22 17:49 - 00000000 ____D () C:\ProgramData\PDFEditor
2014-06-22 17:48 - 2014-06-22 17:48 - 00710144 _____ (Wondershare) C:\Users\Philipp\Downloads\pdf-editor_setup_full1155.exe
2014-06-22 17:40 - 2009-07-14 07:32 - 00000000 ____D () C:\Windows\system32\FxsTmp
2014-06-19 09:57 - 2014-06-19 09:57 - 00000897 _____ () C:\Users\Philipp\Documents\Kosten.txt
2014-06-15 19:45 - 2014-06-15 19:45 - 00286734 _____ () C:\Windows\msxml4-KB973688-enu.LOG
2014-06-15 19:45 - 2014-06-15 19:45 - 00000000 ____D () C:\Program Files (x86)\MSXML 4.0
2014-06-15 19:45 - 2014-06-15 19:44 - 00291980 _____ () C:\Windows\msxml4-KB954430-enu.LOG
2014-06-14 19:59 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-06-12 12:48 - 2014-05-06 22:14 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-06-12 12:29 - 2014-06-12 12:28 - 08101888 _____ () C:\Users\Philipp\Downloads\recovery-clockwork-touch-6.0.3.6-m4.img
2014-06-12 12:29 - 2014-06-12 11:42 - 00000000 ____D () C:\Unlock
2014-06-12 11:47 - 2014-06-12 11:47 - 00083753 _____ () C:\Users\Philipp\Downloads\fastboot-win.zip
2014-06-12 11:43 - 2014-06-12 11:43 - 00000000 ____D () C:\Users\Philipp\AppData\Roaming\HTC
2014-06-12 11:42 - 2014-06-12 11:36 - 00000000 ____D () C:\Users\Philipp\Documents\HTC
2014-06-12 11:41 - 2014-06-12 11:41 - 00000000 ____D () C:\Neuer Ordner
2014-06-12 11:36 - 2014-06-12 11:36 - 00002035 _____ () C:\Users\Public\Desktop\HTC Sync Manager.lnk
2014-06-12 11:36 - 2014-06-12 11:36 - 00000000 ____D () C:\Users\Philipp\AppData\Roaming\Apple Computer
2014-06-12 11:36 - 2014-06-12 11:36 - 00000000 ____D () C:\Users\Philipp\AppData\Local\Apple Computer
2014-06-12 11:36 - 2014-06-12 11:36 - 00000000 ____D () C:\ProgramData\HTC
2014-06-12 11:36 - 2014-06-12 11:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HTC
2014-06-12 11:36 - 2014-06-12 11:28 - 00000000 ____D () C:\Program Files (x86)\HTC
2014-06-12 11:29 - 2014-04-27 00:29 - 00020744 _____ () C:\Windows\DPINST.LOG
2014-06-12 11:28 - 2014-06-12 11:28 - 00000000 ____D () C:\Program Files (x86)\Spirent Communications
2014-06-12 11:26 - 2014-06-12 11:26 - 00000000 ____D () C:\Users\Philipp\AppData\Local\Downloaded Installations
2014-06-12 11:24 - 2014-06-12 11:24 - 00209183 _____ () C:\Users\Philipp\Downloads\htc-one-mini-bootloader-unlock.zip
2014-06-12 11:24 - 2014-06-12 11:22 - 136072080 _____ (HTC) C:\Users\Philipp\Downloads\setup_3.1.13.0_htc.exe
2014-06-11 11:44 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-07-08 14:00

==================== End Of Log ============================
         
--- --- ---
__________________

Alt 09.07.2014, 21:49   #4
bauerph
 
Internet Browser öffnet selbststädnig Tabs und neue Fenster mit Werbung - Standard

Internet Browser öffnet selbststädnig Tabs und neue Fenster mit Werbung



Und zu guter Letzt die log von Addition.txt
Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 09-07-2014
Ran by Philipp at 2014-07-09 21:33:53
Running from C:\Users\Philipp\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Panda Internet Security 2014 (Disabled - Up to date) {86971480-9989-6750-B122-681A86518D59}
AS: Panda Internet Security 2014 (Disabled - Up to date) {3DF6F564-BFB3-68DE-8B92-5368FDD6C7E4}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Panda Personal Firewall 2014 (Disabled) {BEAC95A5-D3E6-6608-9A7D-C12F7882CA22}

==================== Installed Programs ======================

Adobe Reader XI (11.0.07) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
Advanced Archive Password Recovery (HKLM-x32\...\{01011662-76A8-41E8-B1A8-4F8821570AC5}) (Version: 4.54.48.1338 - Elcomsoft Co. Ltd.)
BlueStacks App Player (HKLM-x32\...\BlueStacks App Player) (Version: 0.8.11.3116 - BlueStack Systems, Inc.)
BlueStacks Notification Center (HKLM-x32\...\{80194F84-21CE-44CF-A46E-38D8CE448856}) (Version: 0.8.11.3116 - BlueStack Systems, Inc.)
Cisco AnyConnect Secure Mobility Client  (HKLM-x32\...\Cisco AnyConnect Secure Mobility Client) (Version: 3.1.05160 - Cisco Systems, Inc.)
Cisco AnyConnect Secure Mobility Client (x32 Version: 3.1.05160 - Cisco Systems, Inc.) Hidden
Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version:  - Valve)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
Definition Update for Microsoft Office 2013 (KB2760587) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{AD09282B-E878-4C2C-914D-E67475E4729C}) (Version:  - Microsoft)
DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.3.22 - DivX, LLC)
Free IP Switcher (HKLM-x32\...\Free IP Switcher) (Version: hxxp://www.eusing.com/ipswitch/free_ip_switcher.htm - Eusing Software)
Free PDF to Word Doc Converter v1.1 (HKLM-x32\...\Free PDF to Word Doc Converter_is1) (Version: 1.1 - www.hellopdf.com)
GamersGoMakers Demo version 1.00 (HKLM-x32\...\{002C48A1-8B64-42C0-8A6A-57C4391E67D8}_is1) (Version: 1.00 - gnifrebel games)
GameSpy Arcade (HKLM-x32\...\GameSpy Arcade) (Version:  - )
Genesis (HKCU\...\genesis_07021837) (Version:  - ) <==== ATTENTION
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 35.0.1916.153 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
HP Officejet 4630 series - Grundlegende Software für das Gerät (HKLM\...\{CCF92FFE-5341-4263-9048-472D9E3C5703}) (Version: 32.0.1180.44630 - Hewlett-Packard Co.)
HP Officejet 4630 series Hilfe (HKLM-x32\...\{08B9332C-26DB-4EF3-85D6-6DC62B937681}) (Version: 31.0.0 - Hewlett Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HTC Driver Installer (HKLM-x32\...\{4CEEE5D0-F905-4688-B9F9-ECC710507796}) (Version: 4.11.0.001 - HTC Corporation)
HTC Sync Manager (HKLM-x32\...\{231D0C79-98A6-4693-A366-36DE7D7346EC}) (Version: 3.1.13.0 - HTC)
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217055FF}) (Version: 7.0.550 - Oracle)
MATLAB R2014a (HKLM\...\Matlab R2014a) (Version: 8.3 - The MathWorks, Inc.)
MegaTrainer eXperience V1.1.0.4 (HKLM-x32\...\MegaTrainer eXperience_is1) (Version:  - )
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Access MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft DCF MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Excel MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Groove MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft InfoPath MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Lync MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office 32-bit Components 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Korrekturhilfen 2013 - Deutsch (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office OSM MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office OSM UX MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - English (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - Italiano (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Shared 32-bit MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft OneNote MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Outlook MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft PowerPoint MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Publisher MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Word MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Network System Driver (HKLM-x32\...\inethnfd) (Version: 1.0.0.3001 - ) <==== ATTENTION
NVIDIA Grafiktreiber 327.02 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 327.02 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.133.889 - NVIDIA Corporation) Hidden
NVIDIA Optimus 1.14.17 (Version: 1.14.17 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 327.02 (Version: 327.02 - NVIDIA Corporation) Hidden
NVIDIA Update 1.14.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.14.17 - NVIDIA Corporation)
NVIDIA Update Components (Version: 1.14.17 - NVIDIA Corporation) Hidden
OpenOffice 4.0.1 (HKLM-x32\...\{0AEC308E-7EB3-47F7-BB59-F2C9C6166B27}) (Version: 4.01.9714 - Apache Software Foundation)
Outils de vérification linguistique 2013 de Microsoft Office*- Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Panda Internet Security 2014 (HKLM-x32\...\{7926EFB6-7CB4-4A9D-AB01-095F67F9D519}) (Version: 19.01.01 - Panda Security)
Panda Internet Security 2014 (x32 Version: 19.01.01 - Panda Security) Hidden
Password Depot 7 - Panda Secure Vault Edition (HKLM-x32\...\{A6144BFB-45FB-4DDB-BC4F-AB10E9FF0395}_is1) (Version: 7.1.0 - AceBIT GmbH)
PDF24 Creator 6.3.2 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)
RAR Password Recovery v1.1 RC17 (remove only) (HKLM-x32\...\Intelore - RAR Password Recovery) (Version:  - )
Spotify (HKCU\...\Spotify) (Version: 0.9.11.27.g2b1a638c - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
Stronghold Legends (HKLM-x32\...\Steam App 40980) (Version:  - FireFly Studios)
Studie zur Verbesserung von HP Officejet 4630 series (HKLM\...\{9D3B1C22-1F19-4BCD-A03F-DA75E38E3456}) (Version: 32.0.1180.44630 - Hewlett-Packard Co.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 14.0.19.0 - Synaptics Incorporated)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH)
Update for Microsoft Excel 2013 (KB2881014) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D8C78DED-3543-449A-8E3E-9391643EBB0E}) (Version:  - Microsoft)
Update for Microsoft Excel 2013 (KB2881014) 64-Bit Edition (HKLM\...\{90150000-0016-0407-1000-0000000FF1CE}_Office15.PROPLUS_{D8C78DED-3543-449A-8E3E-9391643EBB0E}) (Version:  - Microsoft)
Update for Microsoft Excel 2013 (KB2881014) 64-Bit Edition (HKLM\...\{90150000-0018-0407-1000-0000000FF1CE}_Office15.PROPLUS_{D8C78DED-3543-449A-8E3E-9391643EBB0E}) (Version:  - Microsoft)
Update for Microsoft Excel 2013 (KB2881014) 64-Bit Edition (HKLM\...\{90150000-001B-0407-1000-0000000FF1CE}_Office15.PROPLUS_{D8C78DED-3543-449A-8E3E-9391643EBB0E}) (Version:  - Microsoft)
Update for Microsoft Excel 2013 (KB2881014) 64-Bit Edition (HKLM\...\{90150000-00C1-0407-1000-0000000FF1CE}_Office15.PROPLUS_{D8C78DED-3543-449A-8E3E-9391643EBB0E}) (Version:  - Microsoft)
Update for Microsoft Lync 2013 (KB2850074) 64-Bit Edition (HKLM\...\{90150000-012B-0407-1000-0000000FF1CE}_Office15.PROPLUS_{CE9A9D7C-B6FB-4F6C-8BDE-9A1ADBBAC1EE}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760344) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{EF77B4A6-DFEC-4010-A87D-9B6BF87FABEC}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760544) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{62857CDD-2985-4939-91BA-19ED0B0031A5}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2768012) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{0814662C-FD28-4DE0-ACE5-EE50D1D6C8FB}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817302) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{E79EFFDB-192A-4D9E-A2DB-C0F774E6EC32}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817302) 64-Bit Edition (HKLM\...\{90150000-0016-0407-1000-0000000FF1CE}_Office15.PROPLUS_{E79EFFDB-192A-4D9E-A2DB-C0F774E6EC32}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2826040) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{C4AEA56A-0759-4D08-9FAB-31A92137D0B8}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2837644) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D692E9FF-84BF-4F44-A0EA-D58ECE0D538E}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2863843) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{290D80DE-03AB-47EC-9402-108AF4CE4F66}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2878313) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{98821750-2C79-4A07-9AE9-D2536FD9491D}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880457) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{EC2AF602-2730-4B05-9438-06CDE43153F2}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880462) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{24584DD4-C680-4FEB-A464-D760C7A5B041}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880462) 64-Bit Edition (HKLM\...\{90150000-006E-0407-1000-0000000FF1CE}_Office15.PROPLUS_{24584DD4-C680-4FEB-A464-D760C7A5B041}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880462) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{24584DD4-C680-4FEB-A464-D760C7A5B041}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880464) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{88B29AA5-71EE-4692-91E2-E89407F0B783}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880476) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D3FC5B59-0F86-4B9A-94DF-FC213DF4FA63}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880476) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D3FC5B59-0F86-4B9A-94DF-FC213DF4FA63}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880478) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{8116ED50-F1E7-49E1-9D8D-421497D34B0F}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880991) 64-Bit Edition (HKLM\...\{90150000-001F-0407-1000-0000000FF1CE}_Office15.PROPLUS_{B386BAA9-7D92-450E-B43E-BD96B01ADEC0}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880991) 64-Bit Edition (HKLM\...\{90150000-001F-0409-1000-0000000FF1CE}_Office15.PROPLUS_{F6CE638B-5A06-4EDD-A1FA-BFA827D14071}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880991) 64-Bit Edition (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}_Office15.PROPLUS_{927B47DF-91B2-4EBF-9B66-43B2C95E41BF}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880991) 64-Bit Edition (HKLM\...\{90150000-001F-0410-1000-0000000FF1CE}_Office15.PROPLUS_{7BD6AF81-49D4-482A-8CDD-90B4031627F2}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881035) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{885C981B-F1E3-430A-A099-31CA9D28C251}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881035) 64-Bit Edition (HKLM\...\{90150000-0016-0407-1000-0000000FF1CE}_Office15.PROPLUS_{885C981B-F1E3-430A-A099-31CA9D28C251}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881035) 64-Bit Edition (HKLM\...\{90150000-0090-0407-1000-0000000FF1CE}_Office15.PROPLUS_{885C981B-F1E3-430A-A099-31CA9D28C251}) (Version:  - Microsoft)
Update for Microsoft OneDrive for Business (KB2881018) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{F0B3B3E0-40AC-4339-83F7-735DD302ADDE}) (Version:  - Microsoft)
Update for Microsoft OneDrive for Business (KB2881018) 64-Bit Edition (HKLM\...\{90150000-00BA-0407-1000-0000000FF1CE}_Office15.PROPLUS_{F0B3B3E0-40AC-4339-83F7-735DD302ADDE}) (Version:  - Microsoft)
Update for Microsoft OneDrive for Business (KB2881018) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{F0B3B3E0-40AC-4339-83F7-735DD302ADDE}) (Version:  - Microsoft)
Update for Microsoft OneDrive for Business (KB2881018) 64-Bit Edition (HKLM\...\{90150000-00C1-0407-1000-0000000FF1CE}_Office15.PROPLUS_{F0B3B3E0-40AC-4339-83F7-735DD302ADDE}) (Version:  - Microsoft)
Update for Microsoft OneNote 2013 (KB2880458) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D2CD59AB-CA83-44D4-AEF8-E49A3FE8FD7F}) (Version:  - Microsoft)
Update for Microsoft OneNote 2013 (KB2880458) 64-Bit Edition (HKLM\...\{90150000-00A1-0407-1000-0000000FF1CE}_Office15.PROPLUS_{D2CD59AB-CA83-44D4-AEF8-E49A3FE8FD7F}) (Version:  - Microsoft)
Update for Microsoft OneNote 2013 (KB2880458) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D2CD59AB-CA83-44D4-AEF8-E49A3FE8FD7F}) (Version:  - Microsoft)
Update for Microsoft Outlook 2013 (KB2880470) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{34A169EC-990A-4DAE-AC65-9F981158B7DB}) (Version:  - Microsoft)
Update for Microsoft Outlook 2013 (KB2880470) 64-Bit Edition (HKLM\...\{90150000-001A-0407-1000-0000000FF1CE}_Office15.PROPLUS_{34A169EC-990A-4DAE-AC65-9F981158B7DB}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2013 (KB2881000) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D3F7B995-360E-406A-B74B-5EA682159985}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2013 (KB2881000) 64-Bit Edition (HKLM\...\{90150000-0018-0407-1000-0000000FF1CE}_Office15.PROPLUS_{D3F7B995-360E-406A-B74B-5EA682159985}) (Version:  - Microsoft)
Update for Microsoft Publisher 2013 (KB2726952) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{03B2C707-503D-4979-8322-CA92C45AD6B4}) (Version:  - Microsoft)
Update for Microsoft Publisher 2013 (KB2726952) 64-Bit Edition (HKLM\...\{90150000-0019-0407-1000-0000000FF1CE}_Office15.PROPLUS_{03B2C707-503D-4979-8322-CA92C45AD6B4}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2013 (KB2817301) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{8E5CD68A-CDF8-4930-88DF-B7778B1871A9}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2013 (KB2817301) 64-Bit Edition (HKLM\...\{90150000-006E-0407-1000-0000000FF1CE}_Office15.PROPLUS_{8E5CD68A-CDF8-4930-88DF-B7778B1871A9}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2878319) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{BC51FE30-3A56-4802-8D9E-E9BC05B56B49}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2881005) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{125BAFEC-EB26-45C3-B97A-475162C6BDC0}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2881005) 64-Bit Edition (HKLM\...\{90150000-001A-0407-1000-0000000FF1CE}_Office15.PROPLUS_{125BAFEC-EB26-45C3-B97A-475162C6BDC0}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2881005) 64-Bit Edition (HKLM\...\{90150000-001B-0407-1000-0000000FF1CE}_Office15.PROPLUS_{125BAFEC-EB26-45C3-B97A-475162C6BDC0}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2881005) 64-Bit Edition (HKLM\...\{90150000-012B-0407-1000-0000000FF1CE}_Office15.PROPLUS_{125BAFEC-EB26-45C3-B97A-475162C6BDC0}) (Version:  - Microsoft)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
WinRAR archiver (HKLM-x32\...\WinRAR archiver) (Version:  - )
Wondershare PDF Editor OCR (HKLM-x32\...\{408133BA-3665-4EF5-9DC4-E6A475DA8119}_is1) (Version: 3.6.0.9 - Wondershare Software Co.,Ltd.)
Wondershare PDF Editor(Build 3.8.0) (HKLM-x32\...\{75BAE677-F65A-45A4-9931-363FE0CF5E58}_is1) (Version: 3.8.0.11 - Wondershare Software Co.,Ltd.)

==================== Restore Points  =========================

03-07-2014 23:38:29 Gerätetreiber-Paketinstallation: Anchorfree HSS VPN Adapter Netzwerkadapter
03-07-2014 23:41:13 Gerätetreiber-Paketinstallation: Anchorfree Inc Netzwerkdienst
03-07-2014 23:51:33 Removed Skype™ 6.16
03-07-2014 23:52:10 Removed Skype Click to Call
04-07-2014 11:57:14 Windows Update
08-07-2014 10:25:53 Windows Update
09-07-2014 18:25:15 Revo Uninstaller's restore point - µTorrent
09-07-2014 18:25:59 Revo Uninstaller's restore point - µTorrent
09-07-2014 18:47:04 zoek.exe restore point

==================== Hosts content: ==========================

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {058009E5-6F67-4694-A24D-29B5FA95647E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {3AB74056-283F-4137-AD76-7401BC22D3F0} - \globalUpdateUpdateTaskMachineUA No Task File <==== ATTENTION
Task: {46F363B0-6212-4DB1-8CBC-3CF2832665D1} - \globalUpdateUpdateTaskMachineCore No Task File <==== ATTENTION
Task: {60DEDF45-9D41-437B-ABC2-18AB6A5E2638} - System32\Tasks\HPCustParticipation HP Officejet 4630 series => C:\Program Files\HP\HP Officejet 4630 series\Bin\HPCustPartic.exe [2013-08-13] (Hewlett-Packard Co.)
Task: {6F9DEA73-1AC6-4C94-A7BD-008E999E2F2C} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe [2014-06-30] ()
Task: {6FAE5414-351E-496A-B17F-25D7ADB25DF9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-07-06] (Google Inc.)
Task: {70E70A88-0A78-4C5C-9A26-32E4709F81EE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-07-06] (Google Inc.)
Task: {CE0F5724-4EBA-4D5A-9C8A-E444E8F21EDB} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {DEA1207A-4000-4594-A8C6-F89072DDEB77} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-04-25 17:20 - 2013-08-30 00:43 - 00097568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2012-12-07 17:26 - 2012-12-07 17:26 - 00167424 _____ () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
2014-05-27 12:43 - 2014-05-27 12:43 - 00821600 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe
2012-01-10 21:12 - 2012-01-10 21:12 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2014-07-02 20:37 - 2014-07-02 20:38 - 03227648 _____ () C:\Users\Philipp\AppData\Local\Genesis_07021837\Genesis_07021837.exe
2014-01-10 07:26 - 2014-01-10 07:26 - 01861968 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
2014-03-12 22:53 - 2014-03-12 22:53 - 00063376 _____ () C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\zlib1.dll
2014-05-27 12:42 - 2014-05-27 12:42 - 00031080 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\DbAccess.dll
2014-05-27 12:42 - 2014-05-27 12:42 - 00607376 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\sqlite3.dll
2014-05-27 12:43 - 2014-05-27 12:43 - 00059752 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\NAdvLog.dll
2014-05-27 12:42 - 2014-05-27 12:42 - 00036216 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\NFileCacheDBAccess.dll
2014-05-27 12:43 - 2014-05-27 12:43 - 00080248 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\ninstallerhelper.dll
2014-05-27 12:44 - 2014-05-27 12:44 - 00129376 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\zlib1.dll
2014-05-27 12:45 - 2014-05-27 12:45 - 00223592 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\DevConnMon.dll
2014-07-04 15:52 - 2007-02-14 13:55 - 00165424 _____ () C:\Program Files (x86)\Panda Security\Panda Internet Security 2014\MiniCrypto.dll
2014-07-04 15:52 - 2004-05-19 11:33 - 00507904 _____ () C:\Program Files (x86)\Panda Security\Panda Internet Security 2014\libxml2.dll
2014-07-04 15:52 - 2007-02-14 13:55 - 00099888 _____ () C:\Program Files (x86)\Panda Security\Panda Internet Security 2014\APIcr.dll
2014-01-10 07:28 - 2014-01-10 07:28 - 00100688 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
2014-07-06 21:03 - 2014-06-05 15:58 - 00716616 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\libglesv2.dll
2014-07-06 21:03 - 2014-06-05 15:58 - 00126280 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\libegl.dll
2014-07-06 21:03 - 2014-06-05 15:58 - 04217672 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\pdf.dll
2014-07-06 21:03 - 2014-06-05 15:58 - 00414536 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\ppGoogleNaClPluginChrome.dll
2014-07-06 21:03 - 2014-06-05 15:58 - 01732424 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\ffmpegsumo.dll
2014-07-06 21:03 - 2014-06-05 15:58 - 14612296 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PskSvcRetail => ""="Service"

==================== EXE Association (whitelisted) =============


==================== MSCONFIG/TASK MANAGER disabled items =========


==================== Faulty Device Manager Devices =============

Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: vpnva
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Unknown Device
Description: Unknown Device
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard-USB-Hostcontroller)
Service: 
Problem: : Windows has stopped this device because it has reported problems. (Code 43)
Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation. 

Name: Ethernet-Controller
Description: Ethernet-Controller
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (07/09/2014 09:15:53 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (07/09/2014 08:36:35 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (07/07/2014 02:07:15 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (07/07/2014 02:07:03 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (07/07/2014 02:06:51 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (07/07/2014 00:59:43 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: WebProxy.exe, Version: 9.4.0.0, Zeitstempel: 0x51d517b2
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521ea8e7
Ausnahmecode: 0xc0000264
Fehleroffset: 0x000a2525
ID des fehlerhaften Prozesses: 0x724
Startzeit der fehlerhaften Anwendung: 0xWebProxy.exe0
Pfad der fehlerhaften Anwendung: WebProxy.exe1
Pfad des fehlerhaften Moduls: WebProxy.exe2
Berichtskennung: WebProxy.exe3

Error: (07/04/2014 01:41:31 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: hsswd.exe, Version: 0.0.0.0, Zeitstempel: 0x51087583
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521ea8e7
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0003332f
ID des fehlerhaften Prozesses: 0x1db8
Startzeit der fehlerhaften Anwendung: 0xhsswd.exe0
Pfad der fehlerhaften Anwendung: hsswd.exe1
Pfad des fehlerhaften Moduls: hsswd.exe2
Berichtskennung: hsswd.exe3

Error: (07/04/2014 01:22:38 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm Skype.exe, Version 6.16.0.105 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 16c4

Startzeit: 01cf9715699baafd

Endzeit: 22

Anwendungspfad: C:\Program Files (x86)\Skype\Phone\Skype.exe

Berichts-ID:

Error: (07/02/2014 00:26:31 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: AutoKMS.exe, Version: 2.5.0.0, Zeitstempel: 0x52ea7aea
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18409, Zeitstempel: 0x5315a05a
Ausnahmecode: 0xe0434352
Fehleroffset: 0x000000000000940d
ID des fehlerhaften Prozesses: 0x64c
Startzeit der fehlerhaften Anwendung: 0xAutoKMS.exe0
Pfad der fehlerhaften Anwendung: AutoKMS.exe1
Pfad des fehlerhaften Moduls: AutoKMS.exe2
Berichtskennung: AutoKMS.exe3

Error: (07/02/2014 00:26:28 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: AutoKMS.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund eines Ausnahmefehlers beendet.
Ausnahmeinformationen: System.Runtime.InteropServices.COMException
Stapel:
   bei ..(System.String, System.String, ., System.String)
   bei ...ctor()
   bei ..(.)
   bei ..()


System errors:
=============
Error: (07/09/2014 09:15:53 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "BlueStacks Android Service" wurde mit folgendem Fehler beendet: 
%%1064

Error: (07/09/2014 09:14:49 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Panda On-Access Anti-Malware Service" wurde mit folgendem Fehler beendet: 
%%1

Error: (07/09/2014 09:04:53 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.

Error: (07/09/2014 09:04:53 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.

Error: (07/09/2014 09:04:52 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.

Error: (07/09/2014 09:04:51 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.

Error: (07/09/2014 09:04:50 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.

Error: (07/09/2014 08:38:16 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Windows Search" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (07/09/2014 08:38:16 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Windows Search erreicht.

Error: (07/09/2014 08:38:16 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1053WSearch{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}


Microsoft Office Sessions:
=========================
Error: (07/09/2014 09:15:53 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (07/09/2014 08:36:35 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (07/07/2014 02:07:15 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Philipp\Downloads\SoftonicDownloader_fuer_malwarebytes-anti-malware.exe

Error: (07/07/2014 02:07:03 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Philipp\Downloads\SoftonicDownloader_fuer_malwarebytes-anti-malware.exe

Error: (07/07/2014 02:06:51 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Philipp\Downloads\SoftonicDownloader_fuer_malwarebytes-anti-malware.exe

Error: (07/07/2014 00:59:43 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: WebProxy.exe9.4.0.051d517b2ntdll.dll6.1.7601.18247521ea8e7c0000264000a252572401cf97c193695f4eC:\PROGRAM FILES (X86)\PANDA SECURITY\PANDA INTERNET SECURITY 2014\WebProxy.exeC:\Windows\SysWOW64\ntdll.dll36ffb85c-0561-11e4-afeb-d0dd6a91861f

Error: (07/04/2014 01:41:31 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: hsswd.exe0.0.0.051087583ntdll.dll6.1.7601.18247521ea8e7c00000050003332f1db801cf9717dff07d00C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exeC:\Windows\SysWOW64\ntdll.dll8f2ede2f-030b-11e4-bbb6-c4963e5d421c

Error: (07/04/2014 01:22:38 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Skype.exe6.16.0.10516c401cf9715699baafd22C:\Program Files (x86)\Skype\Phone\Skype.exe

Error: (07/02/2014 00:26:31 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: AutoKMS.exe2.5.0.052ea7aeaKERNELBASE.dll6.1.7601.184095315a05ae0434352000000000000940d64c01cf957b29daf265C:\Windows\AutoKMS\AutoKMS.exeC:\Windows\system32\KERNELBASE.dllbfbf9cd6-016e-11e4-9c31-e1294b0b781f

Error: (07/02/2014 00:26:28 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: AutoKMS.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund eines Ausnahmefehlers beendet.
Ausnahmeinformationen: System.Runtime.InteropServices.COMException
Stapel:
   bei ..(System.String, System.String, ., System.String)
   bei ...ctor()
   bei ..(.)
   bei ..()


==================== Memory info =========================== 

Percentage of memory in use: 44%
Total physical RAM: 3766.71 MB
Available physical RAM: 2101.82 MB
Total Pagefile: 7531.6 MB
Available Pagefile: 5311.89 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:451.66 GB) (Free:358.95 GB) NTFS
Drive e: (MATHWORKS_R2014A) (CDROM) (Total:7.33 GB) (Free:0 GB) CDFS
Drive f: (SYSTEM RESERVED) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 06ED9DA9)
Partition 1: (Not Active) - (Size=14 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=452 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         

Alt 09.07.2014, 22:29   #5
deeprybka
/// TB-Ausbilder
/// Anleitungs-Guru
 
Internet Browser öffnet selbststädnig Tabs und neue Fenster mit Werbung - Standard

Internet Browser öffnet selbststädnig Tabs und neue Fenster mit Werbung



Ist Dein Office legal erworben? Ich glaube nicht...

Code:
ATTFilter
2014-06-30 19:09 - 2014-07-01 03:35 - 00000000 ____D () C:\Windows\AutoKMS
2014-06-30 19:08 - 2014-06-30 19:08 - 00000000 ____D () C:\ProgramData\Microsoft Toolkit
         
Unsere Regeln sind Dir bekannt?
http://www.trojaner-board.de/95394-c...-software.html

__________________
Gruß
deeprybka

Lob, Kritik, Wünsche?

Spende fürs trojaner-board?
_______________________________________________
„Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer

Alt 10.07.2014, 13:19   #6
bauerph
 
Internet Browser öffnet selbststädnig Tabs und neue Fenster mit Werbung - Standard

Internet Browser öffnet selbststädnig Tabs und neue Fenster mit Werbung



Entschuldigung. Ich kenn mich damit nicht so gut aus. Habe das Office von einem Arbeitskollegen empfohlen bekommen. Soll ich es deinstallieren um weitere Hilfe eurerseits zu bekommen?

Alt 10.07.2014, 13:32   #7
deeprybka
/// TB-Ausbilder
/// Anleitungs-Guru
 
Internet Browser öffnet selbststädnig Tabs und neue Fenster mit Werbung - Standard

Internet Browser öffnet selbststädnig Tabs und neue Fenster mit Werbung



Ja, grundsätzlich alle Cracks...
__________________
Gruß
deeprybka

Lob, Kritik, Wünsche?

Spende fürs trojaner-board?
_______________________________________________
„Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer

Alt 10.07.2014, 13:34   #8
bauerph
 
Internet Browser öffnet selbststädnig Tabs und neue Fenster mit Werbung - Standard

Internet Browser öffnet selbststädnig Tabs und neue Fenster mit Werbung



Ok wird erledigt

Alt 10.07.2014, 13:41   #9
deeprybka
/// TB-Ausbilder
/// Anleitungs-Guru
 
Internet Browser öffnet selbststädnig Tabs und neue Fenster mit Werbung - Standard

Internet Browser öffnet selbststädnig Tabs und neue Fenster mit Werbung



Gibst dann Bescheid wenn Du fertig bist...
__________________
Gruß
deeprybka

Lob, Kritik, Wünsche?

Spende fürs trojaner-board?
_______________________________________________
„Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer

Antwort

Themen zu Internet Browser öffnet selbststädnig Tabs und neue Fenster mit Werbung
.dll, 4d36e972-e325-11ce-bfc1-08002be10318, adobe, bluestacks, browser, device driver, excel, explorer, fehler, genesis, google, helper, home, homepage, hotspot, iexplore.exe, internet, mozilla, officejet, onedrive, problem, registry, scan, security, services.exe, software, spotify web helper, svchost.exe, system, temp, vcredist, vonteera, werbung, windows, öffnet



Ähnliche Themen: Internet Browser öffnet selbststädnig Tabs und neue Fenster mit Werbung


  1. Firefox lädt ständig - ununterbrochen neu/Werbung/neue Tabs/neue Fenster
    Log-Analyse und Auswertung - 28.10.2015 (11)
  2. Mozilla Firefox öffnet ständig Werbung und neue Tabs mit Werbung
    Log-Analyse und Auswertung - 21.07.2015 (10)
  3. Internet öffnet immer neue tabs mit Werbung
    Plagegeister aller Art und deren Bekämpfung - 28.12.2014 (19)
  4. Win7 64bit: Firefox neue Tabs mit Werbung, Umleitung von Seitenaurufen, Popup Fenster
    Log-Analyse und Auswertung - 21.11.2014 (10)
  5. Web-Browser Google Chrome öffnet ständig Werbe-Fenster und neue Tabs
    Plagegeister aller Art und deren Bekämpfung - 15.10.2014 (11)
  6. Internet Explorer öffnet immer neue Tabs mit Werbung
    Plagegeister aller Art und deren Bekämpfung - 29.08.2014 (17)
  7. Hijacker-Virus/Trojaner, Firefox öffnet neue Tabs und Fenster
    Log-Analyse und Auswertung - 19.05.2014 (15)
  8. Windows 7 Ultimate: Google Chrome öffnet von alleine neue Fenster mit Werbung oder neue Tabs
    Plagegeister aller Art und deren Bekämpfung - 29.04.2014 (19)
  9. Browser öffnet automatisch neue Tabs
    Plagegeister aller Art und deren Bekämpfung - 29.01.2014 (11)
  10. Chrome öffnet Tabs und manchmal neue Fenster mit Werbung
    Log-Analyse und Auswertung - 17.11.2013 (10)
  11. Browser öffnet neue Fenster mit Werbung und Outlook stürzt ab
    Log-Analyse und Auswertung - 30.07.2012 (35)
  12. Firefox öffnet immer neue Fenster mit jeweils 5 Tabs
    Log-Analyse und Auswertung - 17.09.2011 (16)
  13. Internet-Browser öffnet ständig neue Fenster
    Log-Analyse und Auswertung - 23.08.2011 (23)
  14. Firefox bzw. Internet Explorer öffnet Tabs/Fenster mit Werbung
    Plagegeister aller Art und deren Bekämpfung - 04.08.2011 (13)
  15. Browser öffnet automatisch neue Tabs
    Plagegeister aller Art und deren Bekämpfung - 09.08.2010 (47)
  16. Firefox öffnet neue Tabs mit Werbung
    Log-Analyse und Auswertung - 03.05.2010 (24)
  17. Firefox öffnet ständig neue Fenster mit mehreren Tabs
    Log-Analyse und Auswertung - 03.01.2010 (16)

Zum Thema Internet Browser öffnet selbststädnig Tabs und neue Fenster mit Werbung - Hallo liebes Trojaner-Board-Team. Seit ungefähr einer Woche bombardiert mich mein Browser (Google Chrome) mit nerviger Werbung. Hab schon zwei verschiedene Antivirenprogramme durchlaufen lassen und auch das Programm Malwarebytes. Leider ohne - Internet Browser öffnet selbststädnig Tabs und neue Fenster mit Werbung...
Archiv
Du betrachtest: Internet Browser öffnet selbststädnig Tabs und neue Fenster mit Werbung auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.