Log analysis and evaluation: Unwanted, empty pop-up windows appear and words are underlined and linked
Windows 7
If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To be able to remove viruses and trojans, the infected system must first be examined: First steps to getting help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
24.05.2014, 18:13 | #1 |
Hello everyone,

I'm at my PC relatively rarely these days and haven't paid it much attention. I used to be at the PC daily and did a lot of "tinkering" myself. I could always help myself in any situation. Others even asked me for advice when they had problems. But now I've reached the point where I don't know what to do next. I used to download a lot of programs and delete some of them again, and I assumed they were gone... well, apparently that is not the case.

My problem: one and the same page keeps opening when I open new tabs (not always):
hxxp://cdn.cloudwm.com/uploads/19/pop/pop.html?url=http%3A%2F%2F20d625b48e.se%2F%3Fplacement%3D400298%26redirect%26test

In addition, there are always a great many ad banners on my computer. Words are underlined, and when you move the mouse over them, small windows open. I'm aware that this is not normal and is even harmful. I would like to have a "healthy" PC again, which is why I'm here.

I have already read in earlier threads that you can use a few tools to find out what needs to be done. I have already downloaded Malwarebytes, with log file; FRST with log file, JRT with log file and ComboFix with log file. Maybe someone can help.

Edited by DJSpeedy (24.05.2014 at 18:18)
24.05.2014, 18:20 | #2 | |
/// TB-Ausbilder
My name is Matthias and I will help you clean up your computer. Please note the following:
Please work through all steps one after another in the given order and post all log files in CODE tags: How it works: Posting in CODE tags. Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive first, makes your helper's work massively harder, unless of course the file would otherwise be too large for the forum. To put the log files in a CODE box, proceed as follows:
Thank you for your cooperation! Quote:
Go ahead and post all the log files you have, then we'll take it from there...
24.05.2014, 18:27 | #3 |
On the subject of illegal tools...
I still have a few on there which, among other things, are no longer used. I just never uninstalled them. If that is a problem, please let me know.

Log file from Farbar Recovery:

FRST Additions log file:
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 23-05-2014
Ran by Lars at 2014-05-24 11:18:12
Running from C:\Users\Lars\Downloads
Boot Mode: Normal
==========================================================

==================== Security Center ========================

AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}

==================== Installed Programs ======================

µTorrent (HKCU\...\uTorrent) (Version: 3.3.1.30017 - BitTorrent Inc.)
3DMark06 (HKLM-x32\...\{7F3AD00A-1819-4B15-BB7D-08B3586336D7}) (Version: 1.2.1 - Futuremark Corporation)
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.7.0.1530 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.7.0.1530 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 13 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Reader X (10.1.10) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.10 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.5 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.5.9.620 - Adobe Systems, Inc.)
AIO_CDB_ProductContext (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
AIO_CDB_Software (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
AIO_Scan (x32 Version: 130.0.421.000 - Hewlett-Packard) Hidden
Amazon Cloud Player (HKCU\...\Amazon Amazon Cloud Player) (Version: 2.4.0.33 - Amazon Services LLC)
AMD Drag and Drop Transcoding (Version: 2.00.0000 - ATI Technologies Inc.) Hidden
AMD Fuel (Version: 2011.0126.1749.31909 - Ihr Firmenname) Hidden
Apple Application Support (HKLM-x32\...\{D9DAD0FF-495A-472B-9F10-BAE430A26682}) (Version: 3.0.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.14.3.0 - Asmedia Technology)
ATI AVIVO64 Codecs (Version: 11.6.0.10126 - ATI Technologies Inc.) Hidden
ATI Catalyst Install Manager (HKLM\...\{7DE8BAC9-CAF4-FFAD-081A-6D74412E28A6}) (Version: 3.0.812.0 - ATI Technologies, Inc.)
Audio Recorder for Free (HKLM-x32\...\Audio Recorder for Free) (Version: - Audio-Tool.net)
Aureon 5.1 PCI (HKLM\...\C-Media PCI Audio Driver) (Version: - )
Auslogics BoostSpeed (HKLM-x32\...\{7216871F-869E-437C-B9BF-2A13F2DCE63F}_is1) (Version: version 4.4 - Auslogics Software Pty Ltd)
Biet-O-Matic v2.14.12 (HKLM-x32\...\Biet-O-Matic v2.14.12) (Version: 2.14.12 - BOM Development Team)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
BufferChm (x32 Version: 130.0.331.000 - Hewlett-Packard) Hidden
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - ATI) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2011.0126.1749.31909 - ATI) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2011.0126.1749.31909 - ATI Technologies, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2011.0126.1749.31909 - ATI) Hidden
CCC Help Chinese Standard (x32 Version: 2011.0126.1748.31909 - ATI) Hidden
CCC Help Chinese Traditional (x32 Version: 2011.0126.1748.31909 - ATI) Hidden
CCC Help Czech (x32 Version: 2011.0126.1748.31909 - ATI) Hidden
CCC Help Danish (x32 Version: 2011.0126.1748.31909 - ATI) Hidden
CCC Help Dutch (x32 Version: 2011.0126.1748.31909 - ATI) Hidden
CCC Help English (x32 Version: 2011.0126.1748.31909 - ATI) Hidden
CCC Help Finnish (x32 Version: 2011.0126.1748.31909 - ATI) Hidden
CCC Help French (x32 Version: 2011.0126.1748.31909 - ATI) Hidden
CCC Help German (x32 Version: 2011.0126.1748.31909 - ATI) Hidden
CCC Help Greek (x32 Version: 2011.0126.1748.31909 - ATI) Hidden
CCC Help Hungarian (x32 Version: 2011.0126.1748.31909 - ATI) Hidden
CCC Help Italian (x32 Version: 2011.0126.1748.31909 - ATI) Hidden
CCC Help Japanese (x32 Version: 2011.0126.1748.31909 - ATI) Hidden
CCC Help Korean (x32 Version: 2011.0126.1748.31909 - ATI) Hidden
CCC Help Norwegian (x32 Version: 2011.0126.1748.31909 - ATI) Hidden
CCC Help Polish (x32 Version: 2011.0126.1748.31909 - ATI) Hidden
CCC Help Portuguese (x32 Version: 2011.0126.1748.31909 - ATI) Hidden
CCC Help Russian (x32 Version: 2011.0126.1748.31909 - ATI) Hidden
CCC Help Spanish (x32 Version: 2011.0126.1748.31909 - ATI) Hidden
CCC Help Swedish (x32 Version: 2011.0126.1748.31909 - ATI) Hidden
CCC Help Thai (x32 Version: 2011.0126.1748.31909 - ATI) Hidden
CCC Help Turkish (x32 Version: 2011.0126.1748.31909 - ATI) Hidden
ccc-core-static (x32 Version: 2011.0126.1749.31909 - Ihr Firmenname) Hidden
ccc-utility64 (Version: 2011.0126.1749.31909 - ATI) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 3.04 - Piriform)
Codec Pack Packages (HKCU\...\Codec Pack Packages) (Version: - ) <==== ATTENTION
Copy (x32 Version: 130.0.428.000 - Hewlett-Packard) Hidden
CPUID CPU-Z 1.61.3 (HKLM\...\CPUID CPU-Z_is1) (Version: - )
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DC-Bass Source 1.3.0 (HKLM-x32\...\DC-Bass Source) (Version: - )
DENON DJ ASIO Driver (HKLM-x32\...\{E4EC27CD-229E-481E-84F1-7AB83AC479BE}) (Version: 2.2.2 - DENON_DJ)
Destinations (x32 Version: 130.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 130.0.465.000 - Hewlett-Packard) Hidden
DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.8 - DivX, LLC)
DocProc (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
eMule (HKLM-x32\...\eMule) (Version: - )
EPSON AL-C1600 (HKLM\...\EPSON AL-C1600) (Version: - )
EPU-4 Engine (HKLM-x32\...\{8F66047B-1AF3-40D9-80D7-106E2EDC2C2A}) (Version: 1.03.03 - )
F300 (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
F300_Help (x32 Version: 82.0.242.000 - Hewlett-Packard) Hidden
F300Trb (x32 Version: 82.0.242.000 - Hewlett-Packard) Hidden
Fax (x32 Version: 130.0.418.000 - Hewlett-Packard) Hidden
Fences 2 (HKLM-x32\...\Fences 22.01) (Version: 2.01 - Stardock Corporation)
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
GfK Internet-Monitor (HKLM-x32\...\39992AD7-103F-4308-8BB7-3F65F543604D) (Version: 12.6.186 - GfK)
GfK Proxy Service (HKLM-x32\...\NuragoProxyService) (Version: - )
GIMP 2.6.11 (HKLM-x32\...\WinGimp-2.0_is1) (Version: 2.6.11 - The GIMP Team)
GMX ProfiFax (HKLM-x32\...\GMX ProfiFax) (Version: 2.00.236 - 1&1 Mail & Media GmbH)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 35.0.1916.114 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.24.7 - Google Inc.) Hidden
GPBaseService2 (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
HashCheck Shell Extension (x86-32) (HKLM-x32\...\HashCheck Shell Extension) (Version: 2.1.11.1 - Kai Liu)
HP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version: 13.0 - HP)
HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
HP Photosmart Essential 3.5 (HKLM\...\HP Photosmart Essential) (Version: 3.5 - HP)
HP Photosmart Officejet and Deskjet All-In-One Driver Software 13.0 Rel. B (HKLM\...\{B61ED343-0B14-4241-999C-490CB1A20DA4}) (Version: 13.0 - HP)
HP Smart Web Printing 4.51 (HKLM\...\HP Smart Web Printing) (Version: 4.51 - HP)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HP Update (HKLM-x32\...\{7059BDA7-E1DB-442C-B7A1-6144596720A4}) (Version: 4.000.011.006 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden
HPPhotoGadget (x32 Version: 130.0.282.000 - Hewlett-Packard) Hidden
HPPhotoSmartDiscLabelContent1 (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden
HPPhotosmartEssential (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
HydraVision (x32 Version: 4.2.184.0 - ATI Technologies Inc.) Hidden
iCloud (HKLM\...\{81E20D41-C277-4526-934D-F2380AF91B78}) (Version: 3.1.0.40 - Apple Inc.)
iTunes (HKLM\...\{9D20916D-C1E9-4E39-9723-13D200D87C40}) (Version: 11.2.0.114 - Apple Inc.)
Java 7 Update 13 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417013FF}) (Version: 7.0.130 - Oracle)
Java(TM) 6 Update 24 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216024FF}) (Version: 6.0.240 - Oracle)
JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
K-Lite Codec Pack (64-bit) v4.5.0 (HKLM\...\KLiteCodecPack64_is1) (Version: 4.5.0 - )
K-Lite Codec Pack 7.0.0 (Full) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 7.0.0 - )
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - )
League of Legends (HKLM-x32\...\{92606477-9366-4D3B-8AE3-6BE4B29727AB}) (Version: 1.3 - Riot Games)
Logitech GamePanel Software 3.03.133 (HKLM\...\{6CC95B76-D380-46B2-9022-9353938E48BA}) (Version: 3.03.133 - Logitech Inc.)
Logitech GamePanel Software 3.06.109 (HKLM\...\{A1E85B9A-AFAD-4D38-AF01-6B020DD5213A}) (Version: 3.06.109 - Logitech Inc.)
Lumac (HKLM-x32\...\InstallShield_{5DE11949-2B11-4F13-BAD5-1C237122CFDB}) (Version: 1.1.92.0 - Firstload)
Lumac (x32 Version: 1.1.92.0 - Firstload) Hidden
MAGIX Media Manager 2004 silver (HKLM-x32\...\MAGIX Media Manager 2004 silver) (Version: 2.0.7.0 - MAGIX AG)
MAGIX Online Druck Service (HKLM-x32\...\MAGIX Online Druck Service) (Version: - Silverwire Software GmbH)
MAGIX ringtone maker (HKLM-x32\...\MAGIX ringtone maker) (Version: 1.0.0.4 - MAGIX AG)
MarketResearch (x32 Version: 130.0.374.000 - Hewlett-Packard) Hidden
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden
Microsoft Office Access MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Groove MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0407-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Outlook MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden
Microsoft Office Publisher MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKCU\...\OneDriveSetup.exe) (Version: 17.0.4035.0328 - Microsoft Corporation)
Microsoft Security Client (Version: 4.5.0216.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.5.216.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft XML Parser (x32 Version: 8.0.7820.0 - Microsoft Corporation) Hidden
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 25.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 25.0.1 (x86 de)) (Version: 25.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 25.0.1 - Mozilla)
Mp3tag v2.59a (HKLM-x32\...\Mp3tag) (Version: v2.59a - Florian Heidenreich)
MSI Afterburner 2.1.0 (HKLM-x32\...\Afterburner) (Version: 2.1.0 - MSI Co., LTD)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Native Instruments Audio 2 DJ (HKLM-x32\...\Native Instruments Audio 2 DJ) (Version: - Native Instruments)
Native Instruments Audio 2 DJ Driver (HKLM-x32\...\Native Instruments Audio 2 DJ Driver) (Version: - Native Instruments)
Native Instruments Audio 2 DJ Driver (Version: 3.1.0.761 - Native Instruments) Hidden
Native Instruments Audio 4 DJ (HKLM-x32\...\Native Instruments Audio 4 DJ) (Version: - Native Instruments)
Native Instruments Audio 4 DJ Driver (HKLM-x32\...\Native Instruments Audio 4 DJ Driver) (Version: - Native Instruments)
Native Instruments Audio 4 DJ Driver (Version: 3.1.0.761 - Native Instruments) Hidden
Native Instruments Audio 8 DJ (HKLM-x32\...\Native Instruments Audio 8 DJ) (Version: - Native Instruments)
Native Instruments Audio 8 DJ Driver (HKLM-x32\...\Native Instruments Audio 8 DJ Driver) (Version: - Native Instruments)
Native Instruments Audio 8 DJ Driver (Version: 3.1.0.761 - Native Instruments) Hidden
Native Instruments Controller Editor (HKLM-x32\...\Native Instruments Controller Editor) (Version: 1.6.2.1863 - Native Instruments)
Native Instruments Controller Editor (Version: 1.6.2.1863 - Native Instruments) Hidden
Native Instruments Maschine Controller (HKLM-x32\...\Native Instruments Maschine Controller) (Version: - Native Instruments)
Native Instruments Maschine Controller (Version: 3.0.1.648 - Native Instruments) Hidden
Native Instruments Service Center (HKLM-x32\...\Native Instruments Service Center) (Version: - Native Instruments)
Native Instruments Service Center (Version: 2.2.6.676 - Native Instruments) Hidden
Native Instruments Traktor 2 (HKLM-x32\...\Native Instruments Traktor 2) (Version: 2.6.8.382 - Native Instruments)
Native Instruments Traktor 2 (Version: 2.6.8.382 - Native Instruments) Hidden
Native Instruments Traktor Audio 10 (HKLM-x32\...\Native Instruments Traktor Audio 10) (Version: - Native Instruments)
Native Instruments Traktor Audio 10 Driver (HKLM-x32\...\Native Instruments Traktor Audio 10 Driver) (Version: - Native Instruments)
Native Instruments Traktor Audio 10 Driver (Version: 3.1.0.761 - Native Instruments) Hidden
Native Instruments Traktor Audio 2 (HKLM-x32\...\Native Instruments Traktor Audio 2) (Version: - Native Instruments)
Native Instruments Traktor Audio 2 Driver (HKLM-x32\...\Native Instruments Traktor Audio 2 Driver) (Version: - Native Instruments)
Native Instruments Traktor Audio 2 Driver (Version: 3.1.0.761 - Native Instruments) Hidden
Native Instruments Traktor Audio 2 MK2 Driver (HKLM-x32\...\Native Instruments Traktor Audio 2 MK2 Driver) (Version: - Native Instruments)
Native Instruments Traktor Audio 2 MK2 Driver (Version: 3.1.3.804 - Native Instruments) Hidden
Native Instruments Traktor Audio 6 (HKLM-x32\...\Native Instruments Traktor Audio 6) (Version: - Native Instruments)
Native Instruments Traktor Audio 6 Driver (HKLM-x32\...\Native Instruments Traktor Audio 6 Driver) (Version: - Native Instruments)
Native Instruments Traktor Audio 6 Driver (Version: 3.1.0.761 - Native Instruments) Hidden
Native Instruments Traktor Kontrol F1 Driver (HKLM-x32\...\Native Instruments Traktor Kontrol F1 Driver) (Version: - Native Instruments)
Native Instruments Traktor Kontrol F1 Driver (Version: 3.0.2.664 - Native Instruments) Hidden
Native Instruments Traktor Kontrol S2 Driver (HKLM-x32\...\Native Instruments Traktor Kontrol S2 Driver) (Version: - Native Instruments)
Native Instruments Traktor Kontrol S2 Driver (Version: 3.1.0.761 - Native Instruments) Hidden
Native Instruments Traktor Kontrol S2 MK2 Driver (HKLM-x32\...\Native Instruments Traktor Kontrol S2 MK2 Driver) (Version: - Native Instruments)
Native Instruments Traktor Kontrol S2 MK2 Driver (Version: 3.1.2.795 - Native Instruments) Hidden
Native Instruments Traktor Kontrol S4 (HKLM-x32\...\Native Instruments Traktor Kontrol S4) (Version: - Native Instruments)
Native Instruments Traktor Kontrol S4 Driver (HKLM-x32\...\Native Instruments Traktor Kontrol S4 Driver) (Version: - Native Instruments)
Native Instruments Traktor Kontrol S4 Driver (Version: 3.1.0.761 - Native Instruments) Hidden
Native Instruments Traktor Kontrol S4 MK2 Driver (HKLM-x32\...\Native Instruments Traktor Kontrol S4 MK2 Driver) (Version: - Native Instruments)
Native Instruments Traktor Kontrol S4 MK2 Driver (Version: 3.1.2.795 - Native Instruments) Hidden
Native Instruments Traktor Kontrol X1 (HKLM-x32\...\Native Instruments Traktor Kontrol X1) (Version: - Native Instruments)
Native Instruments Traktor Kontrol X1 Driver (HKLM-x32\...\Native Instruments Traktor Kontrol X1 Driver) (Version: - Native Instruments)
Native Instruments Traktor Kontrol X1 Driver (Version: 3.0.1.648 - Native Instruments) Hidden
Native Instruments Traktor Kontrol X1 MK2 Driver (HKLM-x32\...\Native Instruments Traktor Kontrol X1 MK2 Driver) (Version: - Native Instruments)
Native Instruments Traktor Kontrol X1 MK2 Driver (Version: 3.1.1.780 - Native Instruments) Hidden
Native Instruments Traktor Kontrol Z1 Driver (HKLM-x32\...\Native Instruments Traktor Kontrol Z1 Driver) (Version: - Native Instruments)
Native Instruments Traktor Kontrol Z1 Driver (Version: 3.1.1.780 - Native Instruments) Hidden
Native Instruments Traktor Kontrol Z2 Driver (HKLM-x32\...\Native Instruments Traktor Kontrol Z2 Driver) (Version: - Native Instruments)
Native Instruments Traktor Kontrol Z2 Driver (Version: 3.1.0.761 - Native Instruments) Hidden
Nero 8 (HKLM-x32\...\{9EDBB857-8028-49CD-B9C9-0B4D10CD1031}) (Version: 8.10.290 - Nero AG)
neroxml (x32 Version: 1.0.0 - Nero AG) Hidden
Network64 (Version: 130.0.572.000 - Hewlett-Packard) Hidden
Network64 (Version: 140.0.221.000 - Hewlett-Packard) Hidden
Notepad++ (HKLM-x32\...\Notepad++) (Version: 5.6.8 - )
OCR Software by I.R.I.S. 13.0 (HKLM\...\HPOCR) (Version: 13.0 - HP)
OpenSource Flash Video Splitter 1.0.0.5 (HKLM-x32\...\OpenSource Flash Video Splitter) (Version: 1.0.0.5 - )
Opticon USB Drivers Installer (HKLM-x32\...\Opticon USB Installer) (Version: - )
Panel Client 3.2 (HKLM-x32\...\Panel Client_is1) (Version: - GfK Panel Services Deutschland GmbH)
Photo Gallery (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Pidgin (HKLM-x32\...\Pidgin) (Version: 2.10.9 - )
Platform (x32 Version: 1.39 - VIA Technologies, Inc.) Hidden
PowerISO (HKLM-x32\...\PowerISO) (Version: - )
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Razer Game Booster (HKLM-x32\...\Razer Game Booster_is1) (Version: 4.2.45.0 - Razer Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.52.203.2012 - Realtek)
Remote Mouse version 2.54 (HKLM-x32\...\{01E4BC6D-3ACC-45E1-8928-C2FF626F63F3}_is1) (Version: 2.54 - Remote Mouse)
Remote Panel Program (HKLM-x32\...\{13AA13C1-E4B9-4048-B4A6-9C9B86D44F57}) (Version: - )
RocketDock 1.3.5 (HKLM-x32\...\RocketDock_is1) (Version: - Punk Software)
Scan (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 13.0 - HP)
Skype™ 6.14 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)
SmartWebPrinting (x32 Version: 130.0.457.000 - Hewlett-Packard) Hidden
SolutionCenter (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
SpeedCommander 13 (x64) (HKLM\...\SpeedCommander 13 (x64)) (Version: 13.40.6300 - SWE Sven Ritter)
Status (x32 Version: 130.0.469.000 - Hewlett-Packard) Hidden
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.27614 - TeamViewer)
TECHNO4EVER Player 1.1.3 (HKLM-x32\...\{9AF19FCD-2362-493D-A127-C47BB284A636}) (Version: 1.1.3 - TECHNO4EVER Radio- und Mediengesellschaft mbH)
TERA (HKLM-x32\...\{A2F166A0-F031-4E27-A057-C69733219434}_is1) (Version: 7 - Gameforge Productions GmbH)
Toolbox (x32 Version: 130.0.648.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 130.0.422.000 - Hewlett-Packard) Hidden
UnloadSupport (x32 Version: 11.0.0 - Hewlett-Packard) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version: - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{EA54F104-79D2-48CC-9ABC-91A63C43D353}) (Version: - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{53DEC068-4690-4F6B-9946-7D21EF02236B}) (Version: - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2880505) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{2720451F-5D04-43EC-AB1F-26D948FD971B}) (Version: - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version: - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VIA Plattform-Geräte-Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.39 - VIA Technologies, Inc.)
Vista Game Explorer Editor (HKLM-x32\...\VGEE) (Version: Beta 2.14a - Ryan Richter)
Visual C++ 9.0 CRT (x86) WinSXS MSM (x32 Version: 9.0 - Microsoft Corporation) Hidden
VLC media player 2.1.4 (HKLM\...\VLC media player) (Version: 2.1.4 - VideoLAN)
Warcraft III (HKLM-x32\...\Warcraft III) (Version: - Blizzard Entertainment)
WebReg (x32 Version: 130.0.132.017 - Hewlett-Packard) Hidden
Windows Cleaner (HKLM-x32\...\Vtools_WindowsCleaner_is1) (Version: 1.0.0 - Vtools)
Windows Live Communications Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Family Safety (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Family Safety (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
winKeyLock version 1.0.1.3 (HKLM-x32\...\winKeyLock_is1) (Version: 1.0.1 - winKeyLock)
WinRAR 4.00 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.00.0 - win.rar GmbH)
WMV9/VC-1 Video Playback (Version: 1.00.0000 - ATI Technologies Inc.) Hidden
Xvid Video Codec (HKLM-x32\...\Xvid Video Codec 1.3.2) (Version: 1.3.2 - Xvid Team)

==================== Restore Points =========================

24-05-2014 08:27:27 Windows Update

==================== Hosts content: ==========================

2009-07-14 04:34 - 2014-03-22 18:04 - 00000994 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {1B2905D8-9584-4CD3-AB59-90BF090161E7} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-16] (Adobe Systems Incorporated)
Task: {24B654B2-B7EA-45CB-9CF7-95ACD67C5C7D} - System32\Tasks\Amazon Music Helper => C:\Users\Lars\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe [2014-05-08] ()
Task: {3370000F-E1FF-4575-A340-672AE206A346} - System32\Tasks\ASUS\ASUS SIX Engine => C:\Program Files (x86)\ASUS\EPU-4 Engine\FourEngine.exe [2012-01-03] (ASUSTek Computer Inc.)
Task: {3AF57CFF-0CF4-4755-BF98-509EC78AC5C8} - \DigitalSite No Task File <==== ATTENTION
Task: {3FB27DB5-FE54-4244-A9CB-9027EF2FF08C} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [2013-11-20] (Apple Inc.)
Task: {54EDCEFE-8B33-42F8-9464-EEAD4AAE47B2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-02-07] (Google Inc.)
Task: {6E3A13BA-8055-4948-94A4-C385C5873545} - \bench-sys No Task File <==== ATTENTION
Task: {812530AD-22BA-4413-AFF6-517EC59FC1C2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-02-07] (Google Inc.)
Task: {A1D60D55-A6B8-401B-BC05-2938E02DF2F2} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Scan => d:\program files\windows defender\MpCmdRun.exe Task: {A3AE5A93-2948-485B-A93D-82B057BF782B} - \BitGuard No Task File <==== ATTENTION Task: {B29A0C2F-3D50-434C-AC1C-80205D088FD1} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.) Task: {C4E8B14A-4159-4C58-BDAD-281DBBFC97E8} - System32\Tasks\Microsoft\Windows Defender\MpIdleTask => d:\program files\windows defender\MpCmdRun.exe Task: {CE2A5F4A-6D53-4AA9-B75E-33053699DC04} - System32\Tasks\Razer_Game_Booster_AutoUpdate => C:\Program Files (x86)\Razer\Razer Game Booster\AutoUpdate.exe Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2013-02-07 14:55 - 2011-03-02 13:40 - 00164864 _____ () C:\Program Files\WinRAR\rarext.dll 2014-03-03 21:50 - 2014-02-20 18:25 - 03293672 _____ () C:\Program Files (x86)\GfK Internet-Monitor\GfK-Reporting.exe 2014-03-03 21:50 - 2014-02-20 18:25 - 01356264 _____ () C:\Program Files (x86)\GfK Internet-Monitor\GfK-Updater.exe 2013-12-13 10:11 - 2014-05-08 19:26 - 03145536 _____ () C:\Users\Lars\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe 2013-02-07 15:09 - 2011-12-06 03:58 - 00078448 ____R () C:\Program Files (x86)\VIA\VIAudioi\VDeck\QsApoApi64.dll 2013-02-07 15:09 - 2011-12-06 03:58 - 00386160 ____R () C:\Program Files (x86)\VIA\VIAudioi\VDeck\Dts2ApoApi64.dll 2014-01-29 18:05 - 2014-01-29 18:05 - 00402872 _____ () C:\Program Files (x86)\Universal Updater\UpdaterService.exe 2011-01-26 19:00 - 2011-01-26 19:00 - 00079872 _____ () 
C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Services.dll 2004-03-22 00:37 - 2004-03-22 00:37 - 00744448 _____ () C:\Program Files (x86)\winKeyLock\winKeyLock.exe 2013-02-07 15:10 - 2009-01-15 15:55 - 00565248 _____ () C:\Program Files (x86)\ASUS\EPU-4 Engine\pngio.dll 2014-01-20 14:17 - 2014-01-20 14:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll 2014-01-20 14:16 - 2014-01-20 14:16 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll 2013-03-28 11:32 - 2012-11-08 13:19 - 00474360 _____ () C:\Program Files (x86)\GfK Internet-Monitor\UpdateHelper.dll 2013-02-08 01:00 - 2007-05-28 23:13 - 00145920 _____ () C:\Program Files (x86)\Auslogics\Auslogics BoostSpeed\madBasic_.bpl 2013-02-08 01:00 - 2007-05-28 23:13 - 00316928 _____ () C:\Program Files (x86)\Auslogics\Auslogics BoostSpeed\madExcept_.bpl 2013-02-08 01:00 - 2007-05-28 23:13 - 00041984 _____ () C:\Program Files (x86)\Auslogics\Auslogics BoostSpeed\madDisAsm_.bpl 2013-02-08 01:00 - 2008-04-08 05:11 - 00053248 _____ () C:\Program Files (x86)\Auslogics\Auslogics BoostSpeed\armaccess.dll 2013-09-14 01:51 - 2013-09-14 01:51 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\zlib1.dll 2013-09-14 01:50 - 2013-09-14 01:50 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\libxml2.dll 2014-01-05 21:57 - 2013-11-19 22:34 - 00152576 _____ () C:\Program Files (x86)\Remote Mouse\FileS.dll 2014-02-08 12:00 - 2012-11-20 17:13 - 00264192 _____ () C:\Program Files (x86)\Razer\Razer Game Booster\D3DX8Wrapper.dll 2014-02-08 12:00 - 2013-11-12 10:57 - 00098304 _____ () C:\Program Files (x86)\Razer\Razer Game Booster\EasyHook32.dll 2014-05-24 10:21 - 2014-05-14 01:40 - 00716616 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\libglesv2.dll 2014-05-24 10:21 - 2014-05-14 01:40 - 00126280 _____ () C:\Program Files 
(x86)\Google\Chrome\Application\35.0.1916.114\libegl.dll 2014-05-24 10:21 - 2014-05-14 01:40 - 04217672 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\pdf.dll 2014-05-24 10:21 - 2014-05-14 01:40 - 00414536 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\ppGoogleNaClPluginChrome.dll 2014-05-24 10:21 - 2014-05-14 01:40 - 01732424 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\ffmpegsumo.dll 2014-05-08 09:40 - 2014-02-20 17:32 - 00256512 _____ () C:\Users\Lars\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekfcceehmjiicgpkeblpbcpglgdklklh\13.4.568_0\plugin\npgacela_private.dll 2014-05-08 09:40 - 2014-02-20 17:32 - 00261608 _____ () C:\Users\Lars\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekfcceehmjiicgpkeblpbcpglgdklklh\13.4.568_0\plugin\npgacela.dll 2014-05-24 10:21 - 2014-05-14 01:40 - 13695816 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\PepperFlash\pepflashplayer.dll ==================== Alternate Data Streams (whitelisted) ========= AlternateDataStreams: C:\Windows\system32\Drivers\nglfsegm.sys:changelist AlternateDataStreams: C:\Windows\system32\Drivers\qqczqvzb.sys:changelist AlternateDataStreams: C:\Windows\system32\Drivers\xrehzkvs.sys:changelist AlternateDataStreams: C:\ProgramData\TEMP:373E1720 ==================== Safe Mode (whitelisted) =================== HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver" ==================== EXE Association (whitelisted) ============= ==================== Disabled items from MSCONFIG ============== ==================== Faulty Device Manager Devices ============= Name: Logitech GamePanel-Geräte (QVGA) Description: 
Logitech GamePanel-Geräte (QVGA)
Class Guid: {997b5d8d-c442-4f2e-baf3-9c8e671e9e21}
Manufacturer: Logitech Inc
Service: WUDFRd
Problem: : Windows cannot initialize the device driver for this hardware. (Code 37)
Resolution: The driver returned failure from its DriverEntry routine. Uninstall the driver, and then click "Scan for hardware changes" to reinstall or upgrade the driver.

Name: Logitech GamePanel-Geräte (Mono)
Description: Logitech GamePanel-Geräte (Mono)
Class Guid: {997b5d8d-c442-4f2e-baf3-9c8e671e9e21}
Manufacturer: Logitech Inc
Service: WUDFRd
Problem: : Windows cannot initialize the device driver for this hardware. (Code 37)
Resolution: The driver returned failure from its DriverEntry routine. Uninstall the driver, and then click "Scan for hardware changes" to reinstall or upgrade the driver.

Name: Microsoft-ISATAP-Adapter
Description: Microsoft-ISATAP-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
==================== Event log errors: ========================= Application errors: ================== Error: (05/24/2014 10:18:03 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (05/24/2014 10:08:33 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (05/24/2014 10:04:55 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: taskeng.exe, Version: 6.1.7601.17514, Zeitstempel: 0x4ce79d2c Name des fehlerhaften Moduls: msvcrt.dll, Version: 7.0.7601.17744, Zeitstempel: 0x4eeb033f Ausnahmecode: 0xc0000005 Fehleroffset: 0x00000000000027de ID des fehlerhaften Prozesses: 0x7e4 Startzeit der fehlerhaften Anwendung: 0xtaskeng.exe0 Pfad der fehlerhaften Anwendung: taskeng.exe1 Pfad des fehlerhaften Moduls: taskeng.exe2 Berichtskennung: taskeng.exe3 Error: (05/24/2014 09:59:58 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (05/24/2014 09:58:05 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: taskeng.exe, Version: 6.1.7601.17514, Zeitstempel: 0x4ce79d2c Name des fehlerhaften Moduls: msvcrt.dll, Version: 7.0.7601.17744, Zeitstempel: 0x4eeb033f Ausnahmecode: 0xc0000005 Fehleroffset: 0x00000000000027de ID des fehlerhaften Prozesses: 0xa04 Startzeit der fehlerhaften Anwendung: 0xtaskeng.exe0 Pfad der fehlerhaften Anwendung: taskeng.exe1 Pfad des fehlerhaften Moduls: taskeng.exe2 Berichtskennung: taskeng.exe3 Error: (05/22/2014 01:47:00 PM) (Source: Application Error) 
(EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: taskeng.exe, Version: 6.1.7601.17514, Zeitstempel: 0x4ce79d2c Name des fehlerhaften Moduls: msvcrt.dll, Version: 7.0.7601.17744, Zeitstempel: 0x4eeb033f Ausnahmecode: 0xc0000005 Fehleroffset: 0x00000000000027de ID des fehlerhaften Prozesses: 0x1a98 Startzeit der fehlerhaften Anwendung: 0xtaskeng.exe0 Pfad der fehlerhaften Anwendung: taskeng.exe1 Pfad des fehlerhaften Moduls: taskeng.exe2 Berichtskennung: taskeng.exe3 Error: (05/22/2014 09:47:00 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: taskeng.exe, Version: 6.1.7601.17514, Zeitstempel: 0x4ce79d2c Name des fehlerhaften Moduls: msvcrt.dll, Version: 7.0.7601.17744, Zeitstempel: 0x4eeb033f Ausnahmecode: 0xc0000005 Fehleroffset: 0x00000000000027de ID des fehlerhaften Prozesses: 0xe50 Startzeit der fehlerhaften Anwendung: 0xtaskeng.exe0 Pfad der fehlerhaften Anwendung: taskeng.exe1 Pfad des fehlerhaften Moduls: taskeng.exe2 Berichtskennung: taskeng.exe3 Error: (05/22/2014 05:47:00 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: taskeng.exe, Version: 6.1.7601.17514, Zeitstempel: 0x4ce79d2c Name des fehlerhaften Moduls: msvcrt.dll, Version: 7.0.7601.17744, Zeitstempel: 0x4eeb033f Ausnahmecode: 0xc0000005 Fehleroffset: 0x00000000000027de ID des fehlerhaften Prozesses: 0xfd0 Startzeit der fehlerhaften Anwendung: 0xtaskeng.exe0 Pfad der fehlerhaften Anwendung: taskeng.exe1 Pfad des fehlerhaften Moduls: taskeng.exe2 Berichtskennung: taskeng.exe3 Error: (05/22/2014 01:47:00 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: taskeng.exe, Version: 6.1.7601.17514, Zeitstempel: 0x4ce79d2c Name des fehlerhaften Moduls: msvcrt.dll, Version: 7.0.7601.17744, Zeitstempel: 0x4eeb033f Ausnahmecode: 0xc0000005 Fehleroffset: 0x00000000000027de ID des fehlerhaften Prozesses: 0x1738 Startzeit der 
fehlerhaften Anwendung: 0xtaskeng.exe0 Pfad der fehlerhaften Anwendung: taskeng.exe1 Pfad des fehlerhaften Moduls: taskeng.exe2 Berichtskennung: taskeng.exe3 Error: (05/21/2014 09:47:00 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: taskeng.exe, Version: 6.1.7601.17514, Zeitstempel: 0x4ce79d2c Name des fehlerhaften Moduls: msvcrt.dll, Version: 7.0.7601.17744, Zeitstempel: 0x4eeb033f Ausnahmecode: 0xc0000005 Fehleroffset: 0x00000000000027de ID des fehlerhaften Prozesses: 0x1790 Startzeit der fehlerhaften Anwendung: 0xtaskeng.exe0 Pfad der fehlerhaften Anwendung: taskeng.exe1 Pfad des fehlerhaften Moduls: taskeng.exe2 Berichtskennung: taskeng.exe3 System errors: ============= Error: (05/24/2014 10:16:32 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "GfKLSPService" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053 Error: (05/24/2014 10:16:32 AM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst GfKLSPService erreicht. Error: (05/24/2014 10:15:25 AM) (Source: volmgr) (EventID: 46) (User: ) Description: Die Initialisierung des Speicherabbildes ist fehlgeschlagen. Error: (05/24/2014 10:05:10 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "GfKLSPService" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053 Error: (05/24/2014 10:05:10 AM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst GfKLSPService erreicht. Error: (05/24/2014 10:04:25 AM) (Source: EventLog) (EventID: 6008) (User: ) Description: Das System wurde zuvor am 24.05.2014 um 10:02:45 unerwartet heruntergefahren. 
Error: (05/24/2014 10:03:11 AM) (Source: DCOM) (EventID: 10010) (User: ) Description: {3EB3C877-1F16-487C-9050-104DBCD66683} Error: (05/24/2014 09:58:16 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "GfKLSPService" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053 Error: (05/24/2014 09:58:16 AM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst GfKLSPService erreicht. Error: (05/22/2014 03:50:02 PM) (Source: DCOM) (EventID: 10010) (User: ) Description: {3EB3C877-1F16-487C-9050-104DBCD66683} Microsoft Office Sessions: ========================= CodeIntegrity Errors: =================================== Date: 2013-03-02 17:26:16.370 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\cmudax3.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2013-03-02 17:26:16.338 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\cmudax3.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. 
==================== Memory info ===========================

Percentage of memory in use: 21%
Total physical RAM: 16366.12 MB
Available physical RAM: 12807.04 MB
Total Pagefile: 32730.41 MB
Available Pagefile: 28598.96 MB
Total Virtual: 8192 MB
Available Virtual: 8191.79 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:931.41 GB) (Free:62.82 GB) NTFS
Drive e: () (Fixed) (Total:372.6 GB) (Free:38.19 GB) NTFS
Drive g: () (Fixed) (Total:1397.26 GB) (Free:759.88 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: ED9E570F)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 373 GB) (Disk ID: 1E521E51)
Partition 1: (Active) - (Size=373 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (Size: 1397 GB) (Disk ID: 6B26A4FC)
Partition 1: (Not Active) - (Size=-698723990528) - (Type=07 NTFS)

==================== End Of Log ============================

Logfile from FRST:
FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 23-05-2014
Ran by Lars (administrator) on LARS-PC on 24-05-2014 11:17:42
Running from C:\Users\Lars\Downloads
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\EPU-4 Engine\FourEngine.exe
(Advanced Micro Devices) C:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Logitech Inc.) C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.7\GoogleCrashHandler.exe
(Logitech Inc.) C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe
() C:\Program Files (x86)\GfK Internet-Monitor\GfK-Reporting.exe
() C:\Program Files (x86)\GfK Internet-Monitor\GfK-Updater.exe
(Auslogics) C:\Program Files (x86)\Auslogics\Auslogics BoostSpeed\BoostSpeed.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Nero AG) C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe
(Nero AG) C:\Program Files (x86)\Common Files\Nero\Lib\NMBgMonitor.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.7\GoogleCrashHandler64.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.)
C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
() C:\Users\Lars\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe
(RemoteMouse.net) C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(VIA) C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe
(PowerISO Computing, Inc.) C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Native Instruments GmbH) C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
() C:\Program Files (x86)\Universal Updater\UpdaterService.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\APSDaemon.exe
(VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Nero AG) C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe
(Nero AG) C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Hewlett-Packard Co.)
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe (Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe (Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (GfK) C:\Program Files (x86)\GfK Internet-Monitor\Chrome Extension\GfK-Chrome-Helper.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Razer Inc.) C:\Program Files (x86)\Razer\Razer Game Booster\main.exe () C:\Program Files (x86)\winKeyLock\winKeyLock.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1271072 2014-03-11] (Microsoft Corporation) HKLM\...\Run: [Launch LgDeviceAgent] => C:\Program Files\Logitech\GamePanel Software\LgDevAgt.exe [415816 2010-08-03] (Logitech Inc.) HKLM\...\Run: [Launch LCDMon] => C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe [2412616 2010-08-03] (Logitech Inc.) HKLM\...\Run: [Launch LGDCore] => C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe [4725320 2010-08-03] (Logitech Inc.) 
HKLM\...\Run: [CmPCIaudio] => C:\Windows\syswow64\RunDll32.exe C:\Windows\Syswow64\cmicnfg3.cpl,CMICtrlWnd HKLM\...\Run: [Fences] => C:\Program Files (x86)\Stardock\Fences\Fences.exe [4017368 2012-10-29] (Stardock Corporation) HKLM-x32\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [5015040 2012-02-09] (VIA) HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-01-26] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation) HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated) HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-12] (Apple Inc.) HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [54840 2007-05-08] (Hewlett-Packard) HKLM-x32\...\Run: [hpqSRMon] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [150528 2008-07-22] (Hewlett-Packard) HKLM-x32\...\Run: [PWRISOVM.EXE] => C:\Program Files (x86)\PowerISO\PWRISOVM.EXE [180224 2009-03-15] (PowerISO Computing, Inc.) HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.) HKLM-x32\...\Run: [TvApp] => "C:\Program Files (x86)\TvApp\TvApp.exe" nogui HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-05-14] (Apple Inc.) 
HKLM-x32\...\Runonce: [RemoveLSP] - cmd.exe /C rmdir /S /Q "C:\Program Files (x86)\GfKLSPService" [X] HKU\.DEFAULT\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1 HKU\.DEFAULT\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 1 HKU\.DEFAULT\...\Policies\Explorer: [NoResolveSearch] 1 HKU\.DEFAULT\...\Policies\Explorer: [NoInternetOpenWith] 1 HKU\S-1-5-21-1005217006-152471606-131910131-1000\...\Run: [Auslogics BoostSpeed 4] => C:\Program Files (x86)\Auslogics\Auslogics BoostSpeed\boostspeed.exe [362096 2009-03-16] (Auslogics) HKU\S-1-5-21-1005217006-152471606-131910131-1000\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => C:\Program Files (x86)\Common Files\Nero\Lib\NMBgMonitor.exe [202024 2007-10-23] (Nero AG) HKU\S-1-5-21-1005217006-152471606-131910131-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-11-20] (Apple Inc.) HKU\S-1-5-21-1005217006-152471606-131910131-1000\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59720 2013-11-20] (Apple Inc.) HKU\S-1-5-21-1005217006-152471606-131910131-1000\...\Run: [Amazon Cloud Player] => C:\Users\Lars\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe [3145536 2014-05-08] () HKU\S-1-5-21-1005217006-152471606-131910131-1000\...\Run: [Remote Mouse] => C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe [1200640 2014-03-30] (RemoteMouse.net) HKU\S-1-5-21-1005217006-152471606-131910131-1000\...\Run: [msnmsgr] => C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [4272840 2014-03-31] (Microsoft Corporation) HKU\S-1-5-21-1005217006-152471606-131910131-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [20922016 2014-02-10] (Skype Technologies S.A.) 
HKU\S-1-5-21-1005217006-152471606-131910131-1000\...\Policies\Explorer: [NoInternetOpenWith] 1 HKU\S-1-5-21-1005217006-152471606-131910131-1000\...\Policies\Explorer: [RestrictRun] 0 Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.) Startup: C:\Users\Lars\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Fences.lnk ShortcutTarget: Fences.lnk -> C:\Program Files (x86)\Stardock\Fences\Fences.exe (Stardock Corporation) GroupPolicy: Group Policy on Chrome detected <======= ATTENTION ==================== Internet (Whitelisted) ==================== SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = SearchScopes: HKLM - {758B870D-DF78-4A6A-9955-DEDDCACF94DC} URL = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage} SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage} SearchScopes: HKCU - {41F23684-D0B3-4D6C-AC19-5D82E79E82CD} URL = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=744028&p={searchTerms} SearchScopes: HKCU - {758B870D-DF78-4A6A-9955-DEDDCACF94DC} URL = BHO: GfK Internet-Monitor - {4BEEA052-726D-4A6E-B65D-A6BD07C263F3} - C:\Program Files (x86)\GfK Internet-Monitor\x64\Gacela2.dll (GfK) BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) 
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: GfK Internet-Monitor - {4BEEA052-726D-4A6E-B65D-A6BD07C263F3} - C:\Program Files (x86)\GfK Internet-Monitor\Gacela2.dll (GfK)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Lars\AppData\Roaming\Mozilla\Firefox\Profiles\1ipdivd3.default
FF Homepage: hxxp://search.easylifeapp.com/?zy=k
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin: @java.com/DTPlugin,version=10.13.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.13.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.1 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.2 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.3 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.4 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw.dll No File
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/JavaPlugin - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll No File
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @phonostar.de/phonostar-Player - C:\Program Files (x86)\phonostar-Player\npphonostarDetectNP.dll No File
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll (Sun Microsystems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: SNT - C:\Users\Lars\AppData\Roaming\Mozilla\Firefox\Profiles\1ipdivd3.default\Extensions\b3bawn@iao-ee.co.uk [2014-05-24]
FF Extension: HD Streamer - C:\Users\Lars\AppData\Roaming\Mozilla\Firefox\Profiles\1ipdivd3.default\Extensions\hd_streamer@iMedia [2014-05-24]
FF Extension: greatsaver - C:\Users\Lars\AppData\Roaming\Mozilla\Firefox\Profiles\1ipdivd3.default\Extensions\rfpgtz@oosjo.com [2014-05-24]
FF Extension: LastPass - C:\Users\Lars\AppData\Roaming\Mozilla\Firefox\Profiles\1ipdivd3.default\Extensions\support@lastpass.com [2013-04-26]
FF Extension: YoutubeAdblocker - C:\Users\Lars\AppData\Roaming\Mozilla\Firefox\Profiles\1ipdivd3.default\Extensions\y8tzhoay@obxgpp.co.uk [2014-05-24]
FF Extension: Flashblock - C:\Users\Lars\AppData\Roaming\Mozilla\Firefox\Profiles\1ipdivd3.default\Extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a} [2013-11-16]
FF Extension: Personas Plus - C:\Users\Lars\AppData\Roaming\Mozilla\Firefox\Profiles\1ipdivd3.default\Extensions\personas@christopher.beard.xpi [2013-02-08]
FF Extension: Address Bar Search - C:\Users\Lars\AppData\Roaming\Mozilla\Firefox\Profiles\1ipdivd3.default\Extensions\{badea1ae-72ed-4f6a-8c37-4db9a4ac7bc9}.xpi [2013-10-25]
FF Extension: Adblock Plus - C:\Users\Lars\AppData\Roaming\Mozilla\Firefox\Profiles\1ipdivd3.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-10-26]
FF Extension: Download Statusbar - C:\Users\Lars\AppData\Roaming\Mozilla\Firefox\Profiles\1ipdivd3.default\Extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}.xpi [2013-02-08]
FF Extension: Tab Mix Plus - C:\Users\Lars\AppData\Roaming\Mozilla\Firefox\Profiles\1ipdivd3.default\Extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi [2013-09-21]
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013-02-25]
FF HKLM-x32\...\Firefox\Extensions: [gacela2@nurago.com] - C:\Program Files (x86)\GfK Internet-Monitor
FF Extension: GfK Internet-Monitor - C:\Program Files (x86)\GfK Internet-Monitor [2013-03-28]
FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013-02-25]

Chrome:
=======
CHR HomePage: hxxp://websearch.searchsunmy.info/?pid=377&r=2013/12/25&hid=1764838136908533383&lg=EN&cc=DE&unqvl=45
CHR StartupUrls: "", "hxxp://www.delta-homes.com/?utm_source=b&utm_medium=wpm0226&utm_campaign=installer&utm_content=hp&from=wpm0226&uid=ST1000DM005XHD103SJ_S246J9EC419309&ts=1393433864"
CHR Extension: (GfK Internet-Monitor) - C:\Users\Lars\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekfcceehmjiicgpkeblpbcpglgdklklh [2014-05-08]
CHR Extension: (AdBlock) - C:\Users\Lars\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2013-12-13]
CHR Extension: (Google Wallet) - C:\Users\Lars\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-05-02]
CHR Extension: (HD Streamer) - C:\Users\Lars\AppData\Local\Google\Chrome\User Data\Default\Extensions\oleglodmkonbpfmlffapjfednjopbeeh [2014-04-29]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [354304 2011-01-26] (Advanced Micro Devices, Inc.)
R2 AMD Reservation Manager; C:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe [194496 2010-06-17] (Advanced Micro Devices)
R2 GfK-Reporting-Service; C:\Program Files (x86)\GfK Internet-Monitor\GfK-Reporting.exe [3293672 2014-02-20] ()
R2 GfK-Update-Service; C:\Program Files (x86)\GfK Internet-Monitor\GfK-Updater.exe [1356264 2014-02-20] ()
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2014-03-11] (Microsoft Corporation)
R2 Nero BackItUp Scheduler 3; C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe [853288 2007-09-20] (Nero AG)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [347872 2014-03-11] (Microsoft Corporation)
R3 NMIndexingService; C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe [382248 2007-10-23] (Nero AG)
R2 RzKLService; C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe [105448 2014-02-25] (Razer Inc.)
R2 UniversalUpdater; C:\Program Files (x86)\Universal Updater\UpdaterService.exe [402872 2014-01-29] ()
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27760 2011-11-11] (VIA Technologies, Inc.)

==================== Drivers (Whitelisted) ====================

R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2010-08-23] ()
S3 CM1063264; C:\Windows\System32\drivers\CM10664.sys [984064 2007-04-13] (C-Media Inc)
R3 cmuda3; C:\Windows\System32\drivers\cmudax3.sys [828416 2007-04-12] (C-Media Inc)
R3 LGPBTDD; C:\Windows\System32\Drivers\LGPBTDD.sys [30728 2009-07-01] (Logitech Inc.)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [268512 2014-01-25] (Microsoft Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-07-17] ()
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133928 2014-03-11] (Microsoft Corporation)
R1 wStLib64; C:\Windows\System32\drivers\wStLib64.sys [61112 2014-03-20] (StdLib)
S3 cpuz136; \??\C:\Windows\TEMP\cpuz136\cpuz136_x64.sys [X]
S3 MSICDSetup; \??\D:\CDriver64.sys [X]
U4 SR;
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S3 WinRing0_1_2_0; \??\C:\Program Files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys [X]

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-05-24 11:17 - 2014-05-24 11:17 - 00023568 _____ () C:\Users\Lars\Downloads\FRST.txt
2014-05-24 11:15 - 2014-05-24 11:17 - 00000000 ____D () C:\FRST
2014-05-24 11:14 - 2014-05-24 11:15 - 02067456 _____ (Farbar) C:\Users\Lars\Downloads\FRST64.exe
2014-05-24 10:21 - 2014-05-24 10:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-05-24 10:15 - 2014-05-24 10:15 - 00004284 _____ () C:\Windows\PFRO.log
2014-05-24 09:57 - 2014-05-24 10:15 - 00000168 _____ () C:\Windows\setupact.log
2014-05-24 09:57 - 2014-05-24 09:57 - 00000000 _____ () C:\Windows\setuperr.log
2014-05-20 17:59 - 2014-05-20 18:00 - 00000000 ____D () C:\Program Files (x86)\winKeyLock
2014-05-20 17:59 - 2014-05-20 17:59 - 00000963 _____ () C:\Users\Lars\Desktop\winKeyLock.lnk
2014-05-20 17:59 - 2014-05-20 17:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\winKeyLock
2014-05-20 17:58 - 2014-05-20 17:58 - 00645904 _____ (winKeyLock ) C:\Users\Lars\Downloads\InstallWinKeyLock1.0.1.exe
2014-05-20 10:57 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-05-20 10:56 - 2014-05-24 10:13 - 00000000 ____D () C:\AdwCleaner
2014-05-20 10:52 - 2014-05-20 10:52 - 00961360 _____ (Chip Digital GmbH) C:\Users\Lars\Desktop\AdwCleaner.exe
2014-05-20 09:02 - 2014-05-20 09:04 - 00000000 ____D () C:\Users\Lars\Desktop\Vertrag VF Oli Kamera
2014-05-20 08:48 - 2014-05-24 09:56 - 00000668 _____ () C:\aaw7boot.log
2014-05-16 09:06 - 2014-05-16 09:07 - 00000000 ____D () C:\Users\Lars\Downloads\__MACOSX
2014-05-16 09:06 - 2014-05-16 09:06 - 00000000 ____D () C:\Users\Lars\Downloads\FATSUMO_PROMO
2014-05-16 08:13 - 2014-05-16 08:13 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-05-16 08:12 - 2014-05-16 08:12 - 00001783 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-05-16 08:12 - 2014-05-16 08:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-05-16 08:11 - 2014-05-16 08:12 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-05-16 08:11 - 2014-05-16 08:12 - 00000000 ____D () C:\Program Files\iTunes
2014-05-16 08:11 - 2014-05-16 08:12 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-05-16 08:11 - 2014-05-16 08:11 - 00000000 ____D () C:\Program Files\iPod
2014-05-16 07:51 - 2014-05-06 07:14 - 19274752 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-16 07:51 - 2014-05-06 07:14 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-16 07:51 - 2014-05-06 05:48 - 14367232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-16 07:51 - 2014-05-06 05:48 - 00080384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-16 07:51 - 2014-05-06 05:37 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-16 07:51 - 2014-05-06 05:26 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-16 07:46 - 2014-05-09 08:14 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-16 07:46 - 2014-05-09 08:11 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-16 07:46 - 2014-03-25 04:43 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-05-16 07:46 - 2014-03-25 04:09 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-05-16 07:45 - 2014-04-12 04:22 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-05-16 07:45 - 2014-04-12 04:22 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-05-16 07:45 - 2014-04-12 04:19 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-05-16 07:45 - 2014-04-12 04:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-05-16 07:45 - 2014-04-12 04:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-05-16 07:45 - 2014-04-12 04:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-05-16 07:45 - 2014-04-12 04:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-05-16 07:45 - 2014-04-12 04:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-05-16 07:45 - 2014-04-12 04:10 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-05-16 07:45 - 2014-03-04 11:47 - 05550016 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-05-16 07:45 - 2014-03-04 11:44 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-05-16 07:45 - 2014-03-04 11:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2014-05-16 07:45 - 2014-03-04 11:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-05-16 07:45 - 2014-03-04 11:44 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-05-16 07:45 - 2014-03-04 11:44 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-05-16 07:45 - 2014-03-04 11:44 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-05-16 07:45 - 2014-03-04 11:44 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-05-16 07:45 - 2014-03-04 11:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2014-05-16 07:45 - 2014-03-04 11:43 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-05-16 07:45 - 2014-03-04 11:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2014-05-16 07:45 - 2014-03-04 11:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2014-05-16 07:45 - 2014-03-04 11:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2014-05-16 07:45 - 2014-03-04 11:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2014-05-16 07:45 - 2014-03-04 11:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2014-05-16 07:45 - 2014-03-04 11:43 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-05-16 07:45 - 2014-03-04 11:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-05-16 07:45 - 2014-03-04 11:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-05-16 07:45 - 2014-03-04 11:17 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-05-16 07:45 - 2014-03-04 11:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2014-05-16 07:45 - 2014-03-04 11:17 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-05-16 07:45 - 2014-03-04 11:17 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-05-16 07:45 - 2014-03-04 11:17 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-05-16 07:45 - 2014-03-04 11:17 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-05-16 07:45 - 2014-03-04 11:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll
2014-05-16 07:45 - 2014-03-04 11:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll
2014-05-16 07:45 - 2014-03-04 11:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll
2014-05-16 07:45 - 2014-03-04 11:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll
2014-05-16 07:45 - 2014-03-04 11:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2014-05-16 07:45 - 2014-03-04 11:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll
2014-05-16 07:45 - 2014-03-04 11:17 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-05-16 07:45 - 2014-03-04 11:16 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-05-09 22:54 - 2014-05-24 10:02 - 00000000 ____D () C:\ProgramData\Lavasoft
2014-05-09 22:54 - 2014-05-24 10:02 - 00000000 ____D () C:\Program Files (x86)\Lavasoft
2014-05-09 12:30 - 2014-05-09 12:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mp3tag
2014-05-09 12:21 - 2014-05-09 12:21 - 00001026 _____ () C:\Users\Lars\Desktop\MP3Gain.lnk
2014-05-09 11:53 - 2014-05-09 11:53 - 00001002 _____ () C:\Users\Public\Desktop\Traktor 2.lnk
2014-05-09 11:53 - 2014-05-09 11:53 - 00000000 __HDC () C:\ProgramData\{0495C70B-87F4-4A64-87B3-4FB0BA1F60D2}
2014-05-09 11:49 - 2014-05-09 11:49 - 00000000 __HDC () C:\ProgramData\{4682E4CB-7209-4099-8AA1-580ABCCCE731}
2014-05-09 11:49 - 2014-05-09 11:49 - 00000000 __HDC () C:\ProgramData\{033B4844-E9C3-45D2-88D9-34DDF3F91100}
2014-05-09 11:48 - 2014-05-09 11:48 - 00000000 __HDC () C:\ProgramData\{D2030082-F62A-402A-9456-8009276FD896}
2014-05-09 11:48 - 2014-05-09 11:48 - 00000000 __HDC () C:\ProgramData\{B3478C15-588A-4968-AD66-76AA98803A28}
2014-05-09 11:48 - 2014-05-09 11:48 - 00000000 __HDC () C:\ProgramData\{0CC85DFF-E70A-4AB0-968A-F1F98F4D0C67}
2014-05-09 11:47 - 2014-05-09 11:47 - 00000000 __HDC () C:\ProgramData\{662EAAEC-9E9A-4C69-A658-884E51E909BB}
2014-05-09 11:47 - 2014-05-09 11:47 - 00000000 __HDC () C:\ProgramData\{5EE4F9B1-7274-48A2-9C25-C287604C3058}
2014-05-09 11:46 - 2014-05-09 11:46 - 00000000 __HDC () C:\ProgramData\{EB21323D-3F46-4EF0-B849-B096B7705C69}
2014-05-09 11:46 - 2014-05-09 11:46 - 00000000 __HDC () C:\ProgramData\{9B09061B-0A4F-42DA-9987-7D3F452DCB09}
2014-05-09 11:46 - 2014-05-09 11:46 - 00000000 __HDC () C:\ProgramData\{9597097D-B8DC-4754-AF2D-CB61CCFC861A}
2014-05-09 11:46 - 2014-05-09 11:46 - 00000000 __HDC () C:\ProgramData\{219191E6-6846-4329-889D-7956C487D9A6}
2014-05-09 11:45 - 2014-05-09 11:45 - 00000000 __HDC () C:\ProgramData\{B7C85E99-2AC6-455D-B4D1-752A56403757}
2014-05-09 11:45 - 2014-05-09 11:45 - 00000000 __HDC () C:\ProgramData\{AF79C86B-2321-4D47-A168-2A24BA2B6A73}
2014-05-09 11:45 - 2014-05-09 11:45 - 00000000 __HDC () C:\ProgramData\{9F570B21-E27A-40BE-A508-292899A7D042}
2014-05-09 11:44 - 2014-05-09 11:44 - 00001094 _____ () C:\Users\Public\Desktop\Controller Editor.lnk
2014-05-09 11:44 - 2014-05-09 11:44 - 00000000 __HDC () C:\ProgramData\{BD26D777-CA21-4BDD-A581-6BCFE4F0F941}
2014-05-09 11:44 - 2014-05-09 11:44 - 00000000 __HDC () C:\ProgramData\{57B31BE2-3175-4425-9722-D2AC5F68C7BD}
2014-05-09 11:11 - 2014-05-09 11:11 - 00001069 _____ () C:\Users\Lars\Desktop\DENON DJ ASIO Driver.lnk
2014-05-09 11:11 - 2014-05-09 11:11 - 00000000 ____D () C:\Users\Lars\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DENON_DJ
2014-05-09 11:11 - 2014-05-09 11:11 - 00000000 ____D () C:\Program Files (x86)\DENON_DJ
2014-04-26 14:54 - 2014-04-26 14:54 - 00000802 _____ () C:\Users\Public\Desktop\MAGIX Media Manager 2004 silver.lnk
2014-04-26 14:54 - 2014-04-26 14:54 - 00000000 ____D () C:\Users\Lars\Documents\My MAGIX Online Druck Service Files
2014-04-26 14:54 - 2014-04-26 14:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX Online Druck Service
2014-04-26 14:54 - 2014-04-26 14:54 - 00000000 ____D () C:\Program Files (x86)\MAGIX Online Druck Service
2014-04-26 14:54 - 2014-04-26 14:54 - 00000000 _____ () C:\Windows\ringtonemaker.INI
2014-04-26 14:54 - 2004-06-01 17:20 - 00339968 _____ (PoINT Software & Systems GmbH) C:\Windows\SysWOW64\DLLAV32.dll
2014-04-26 14:54 - 2004-05-30 01:17 - 00180224 _____ (PoINT Software & Systems GmbH) C:\Windows\SysWOW64\DLLRES32.dll
2014-04-26 14:54 - 2004-05-30 01:17 - 00151552 _____ (PoINT Software & Systems GmbH) C:\Windows\SysWOW64\DLLDEV32.dll
2014-04-26 14:54 - 2004-05-30 01:17 - 00126976 _____ (PoINT Software & Systems GmbH) C:\Windows\SysWOW64\DLLDRV32.dll
2014-04-26 14:54 - 2004-05-30 01:17 - 00049152 _____ (PoINT Software & Systems GmbH) C:\Windows\SysWOW64\DLLIO32.dll
2014-04-26 14:54 - 2004-05-30 01:17 - 00036864 _____ (PoINT Software & Systems GmbH) C:\Windows\SysWOW64\DLLPNT32.dll
2014-04-26 14:54 - 2004-05-30 01:17 - 00028672 _____ (PoINT Software & Systems GmbH) C:\Windows\SysWOW64\STRING32.dll
2014-04-26 14:54 - 2004-03-11 16:49 - 00014182 _____ () C:\Windows\SysWOW64\DLLAV32.lib
2014-04-26 14:54 - 2003-04-18 16:29 - 00044544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml4a.dll
2014-04-26 14:54 - 2003-03-14 10:35 - 00040960 _____ (PoINT Software & Systems GmbH) C:\Windows\SysWOW64\DLLRD32.dll
2014-04-26 14:54 - 2003-03-14 10:33 - 00114688 _____ (PoINT Software & Systems GmbH) C:\Windows\SysWOW64\DLLCDA32.dll
2014-04-26 14:54 - 2003-03-14 10:33 - 00061440 _____ (PoINT Software & Systems GmbH) C:\Windows\SysWOW64\DLLCDF32.dll
2014-04-26 14:54 - 2003-03-14 10:33 - 00053248 _____ (PoINT Software & Systems GmbH) C:\Windows\SysWOW64\DLLPRJ32.dll
2014-04-26 14:54 - 2003-03-14 10:33 - 00045056 _____ (PoINT Software & Systems GmbH) C:\Windows\SysWOW64\DLLIMG32.dll
2014-04-26 14:54 - 2003-03-14 10:32 - 00081920 _____ (PoINT Software & Systems GmbH) C:\Windows\SysWOW64\DLLCPY32.dll
2014-04-26 14:54 - 2003-03-14 10:32 - 00065536 _____ (PoINT Software & Systems GmbH) C:\Windows\SysWOW64\DLLPTL32.dll
2014-04-26 14:54 - 2003-03-14 10:32 - 00057344 _____ (PoINT Software & Systems GmbH) C:\Windows\SysWOW64\DLLTPO32.dll
2014-04-26 14:54 - 2003-03-14 10:32 - 00049152 _____ (PoINT Software & Systems GmbH) C:\Windows\SysWOW64\DLLPRF32.dll
2014-04-26 14:54 - 2003-03-14 10:32 - 00032768 _____ (PoINT Software & Systems GmbH) C:\Windows\SysWOW64\DLLMSC32.dll
2014-04-26 14:54 - 2003-03-14 10:32 - 00032768 _____ (PoINT Software & Systems GmbH) C:\Windows\SysWOW64\DLLISO32.dll
2014-04-26 14:54 - 2003-03-14 10:32 - 00032768 _____ (PoINT Software & Systems GmbH) C:\Windows\SysWOW64\DLLDIR32.dll
2014-04-26 14:54 - 2003-03-14 10:32 - 00024576 _____ (PoINT Software & Systems GmbH) C:\Windows\SysWOW64\TTIC32.dll
2014-04-26 14:54 - 2003-03-14 10:32 - 00024576 _____ (PoINT Software & Systems GmbH) C:\Windows\SysWOW64\TTI32.dll
2014-04-26 14:54 - 2003-03-14 10:32 - 00024576 _____ (PoINT Software & Systems GmbH) C:\Windows\SysWOW64\DLLIX.dll
2014-04-26 14:52 - 2014-04-26 14:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX
2014-04-26 14:52 - 2014-04-26 14:54 - 00000000 ____D () C:\MAGIX
2014-04-26 14:52 - 2014-04-26 14:52 - 00000779 _____ () C:\Users\Public\Desktop\MAGIX ringtone maker.lnk
2014-04-26 14:52 - 2014-04-26 14:52 - 00000024 _____ () C:\Windows\magix.ini
2014-04-26 14:52 - 2014-04-26 14:52 - 00000000 ____D () C:\Windows\SysWOW64\MAGIX
2014-04-26 14:52 - 2004-09-14 14:56 - 00184320 _____ (MAGIX AG) C:\Windows\SysWOW64\mgxoschk.dll
2014-04-26 14:52 - 2004-08-13 12:33 - 00001208 _____ () C:\Windows\mgxoschk.ini
2014-04-26 14:52 - 2002-09-21 00:33 - 01089536 _____ (eHelp Corporation.) C:\Windows\SysWOW64\ROBOEX32.DLL
2014-04-26 14:52 - 1999-01-28 14:44 - 00049152 _____ (Blue Sky Software Corporation.) C:\Windows\SysWOW64\INETWH32.dll
2014-04-26 14:52 - 1998-10-15 17:28 - 00085504 _____ (Blue Sky Software Corporation.) C:\Windows\SysWOW64\HtmlWH.dll

==================== One Month Modified Files and Folders =======

2014-05-24 11:17 - 2014-05-24 11:17 - 00023568 _____ () C:\Users\Lars\Downloads\FRST.txt
2014-05-24 11:17 - 2014-05-24 11:15 - 00000000 ____D () C:\FRST
2014-05-24 11:17 - 2013-03-28 11:32 - 00000000 ____D () C:\Program Files (x86)\GfK Internet-Monitor
2014-05-24 11:17 - 2013-02-25 16:39 - 00000000 ____D () C:\Users\Lars\AppData\Roaming\Skype
2014-05-24 11:15 - 2014-05-24 11:14 - 02067456 _____ (Farbar) C:\Users\Lars\Downloads\FRST64.exe
2014-05-24 10:49 - 2013-09-21 08:41 - 00000000 ____D () C:\Users\Lars\AppData\Roaming\Mp3tag
2014-05-24 10:49 - 2013-05-11 10:10 - 00000000 ____D () C:\Users\Lars\Desktop\neue Musik
2014-05-24 10:48 - 2013-11-24 10:38 - 00000000 ____D () C:\Users\Lars\AppData\Roaming\vlc
2014-05-24 10:44 - 2013-02-09 01:54 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-05-24 10:31 - 2009-07-14 06:45 - 00021248 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-24 10:31 - 2009-07-14 06:45 - 00021248 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-24 10:30 - 2013-02-07 13:57 - 02007704 _____ () C:\Windows\WindowsUpdate.log
2014-05-24 10:26 - 2013-02-07 15:07 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-05-24 10:25 - 2010-11-21 08:50 - 00702964 _____ () C:\Windows\system32\perfh007.dat
2014-05-24 10:25 - 2010-11-21 08:50 - 00150604 _____ () C:\Windows\system32\perfc007.dat
2014-05-24 10:25 - 2009-07-14 07:13 - 01629436 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-05-24 10:21 - 2014-05-24 10:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-05-24 10:21 - 2013-02-07 15:07 - 00000000 ____D () C:\Program Files (x86)\Google
2014-05-24 10:19 - 2013-11-15 20:02 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-05-24 10:18 - 2013-03-28 11:32 - 00000000 ____D () C:\Program Files (x86)\GfKLSPService
2014-05-24 10:17 - 2014-03-01 16:48 - 00000000 ____D () C:\Users\Lars\Tracing
2014-05-24 10:16 - 2013-02-07 15:07 - 00001102 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-05-24 10:15 - 2014-05-24 10:15 - 00004284 _____ () C:\Windows\PFRO.log
2014-05-24 10:15 - 2014-05-24 09:57 - 00000168 _____ () C:\Windows\setupact.log
2014-05-24 10:15 - 2013-02-07 14:45 - 00000000 ____D () C:\Users\Lars
2014-05-24 10:15 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-24 10:13 - 2014-05-20 10:56 - 00000000 ____D () C:\AdwCleaner
2014-05-24 10:09 - 2013-10-01 20:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YTD Video Downloader
2014-05-24 10:02 - 2014-05-09 22:54 - 00000000 ____D () C:\ProgramData\Lavasoft
2014-05-24 10:02 - 2014-05-09 22:54 - 00000000 ____D () C:\Program Files (x86)\Lavasoft
2014-05-24 09:57 - 2014-05-24 09:57 - 00000000 _____ () C:\Windows\setuperr.log
2014-05-24 09:56 - 2014-05-20 08:48 - 00000668 _____ () C:\aaw7boot.log
2014-05-22 12:05 - 2013-08-17 21:52 - 00000000 ____D () C:\Users\Lars\Desktop\XTreme 6.1
2014-05-20 18:00 - 2014-05-20 17:59 - 00000000 ____D () C:\Program Files (x86)\winKeyLock
2014-05-20 17:59 - 2014-05-20 17:59 - 00000963 _____ () C:\Users\Lars\Desktop\winKeyLock.lnk
2014-05-20 17:59 - 2014-05-20 17:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\winKeyLock
2014-05-20 17:58 - 2014-05-20 17:58 - 00645904 _____ (winKeyLock ) C:\Users\Lars\Downloads\InstallWinKeyLock1.0.1.exe
2014-05-20 11:01 - 2013-03-09 18:46 - 00001079 _____ () C:\Users\Lars\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-05-20 11:01 - 2013-02-08 00:58 - 00001061 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-05-20 10:52 - 2014-05-20 10:52 - 00961360 _____ (Chip Digital GmbH) C:\Users\Lars\Desktop\AdwCleaner.exe
2014-05-20 09:04 - 2014-05-20 09:02 - 00000000 ____D () C:\Users\Lars\Desktop\Vertrag VF Oli Kamera
2014-05-16 09:10 - 2013-09-19 19:33 - 00000000 ____D () C:\Users\Lars\Downloads\Primeval New World
2014-05-16 09:07 - 2014-05-16 09:06 - 00000000 ____D () C:\Users\Lars\Downloads\__MACOSX
2014-05-16 09:06 - 2014-05-16 09:06 - 00000000 ____D () C:\Users\Lars\Downloads\FATSUMO_PROMO
2014-05-16 08:44 - 2013-05-14 22:44 - 17938608 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2014-05-16 08:44 - 2013-02-09 01:54 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-05-16 08:44 - 2013-02-09 01:54 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-05-16 08:44 - 2013-02-09 01:54 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-05-16 08:40 - 2013-12-13 10:11 - 00000000 ____D () C:\Users\Lars\AppData\Local\Amazon Cloud Player
2014-05-16 08:39 - 2013-12-13 10:11 - 00001604 _____ () C:\Windows\System32\Tasks\Amazon Music Helper
2014-05-16 08:16 - 2013-02-07 14:51 - 00000000 ___RD () C:\Users\Lars\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-16 08:16 - 2013-02-07 14:51 - 00000000 ___RD () C:\Users\Lars\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-16 08:13 - 2014-05-16 08:13 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-05-16 08:13 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-05-16 08:12 - 2014-05-16 08:12 - 00001783 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-05-16 08:12 - 2014-05-16 08:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-05-16 08:12 - 2014-05-16 08:11 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-05-16 08:12 - 2014-05-16 08:11 - 00000000 ____D () C:\Program Files\iTunes
2014-05-16 08:12 - 2014-05-16 08:11 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-05-16 08:11 - 2014-05-16 08:11 - 00000000 ____D () C:\Program Files\iPod
2014-05-16 07:51 - 2013-02-08 01:03 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-05-16 07:50 - 2013-09-12 17:45 - 00000000 ____D () C:\Windows\system32\MRT
2014-05-16 07:48 - 2013-02-08 12:34 - 93223848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-05-16 07:35 - 2013-02-14 15:59 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2014-05-11 07:36 - 2013-09-21 09:36 - 00000141 _____ () C:\Users\Lars\AppData\Roaming\WB.CFG
2014-05-09 15:21 - 2013-02-07 15:07 - 00004102 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-05-09 15:21 - 2013-02-07 15:07 - 00003850 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-05-09 12:30 - 2014-05-09 12:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mp3tag
2014-05-09 12:30 - 2013-09-21 08:41 - 00000979 _____ () C:\Users\Public\Desktop\Mp3tag.lnk
2014-05-09 12:30 - 2013-09-21 08:41 - 00000000 ____D () C:\Program Files (x86)\Mp3tag
2014-05-09 12:21 - 2014-05-09 12:21 - 00001026 _____ () C:\Users\Lars\Desktop\MP3Gain.lnk
2014-05-09 11:57 - 2013-02-14 14:13 - 00000000 ____D () C:\Users\Lars\Documents\Native Instruments
2014-05-09 11:53 - 2014-05-09 11:53 - 00001002 _____ () C:\Users\Public\Desktop\Traktor 2.lnk
2014-05-09 11:53 - 2014-05-09 11:53 - 00000000 __HDC () C:\ProgramData\{0495C70B-87F4-4A64-87B3-4FB0BA1F60D2}
2014-05-09 11:51 - 2013-02-14 12:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments
2014-05-09 11:49 - 2014-05-09 11:49 - 00000000 __HDC () C:\ProgramData\{4682E4CB-7209-4099-8AA1-580ABCCCE731}
2014-05-09 11:49 - 2014-05-09 11:49 - 00000000 __HDC () C:\ProgramData\{033B4844-E9C3-45D2-88D9-34DDF3F91100}
2014-05-09 11:49 - 2013-02-14 12:30 - 00000000 ____D () C:\Program Files\Native Instruments
2014-05-09 11:48 - 2014-05-09 11:48 - 00000000 __HDC () C:\ProgramData\{D2030082-F62A-402A-9456-8009276FD896}
2014-05-09 11:48 - 2014-05-09 11:48 - 00000000 __HDC () C:\ProgramData\{B3478C15-588A-4968-AD66-76AA98803A28}
2014-05-09 11:48 - 2014-05-09 11:48 - 00000000 __HDC () C:\ProgramData\{0CC85DFF-E70A-4AB0-968A-F1F98F4D0C67}
2014-05-09 11:47 - 2014-05-09 11:47 - 00000000 __HDC () C:\ProgramData\{662EAAEC-9E9A-4C69-A658-884E51E909BB}
2014-05-09 11:47 - 2014-05-09 11:47 - 00000000 __HDC () C:\ProgramData\{5EE4F9B1-7274-48A2-9C25-C287604C3058}
2014-05-09 11:46 - 2014-05-09 11:46 - 00000000 __HDC () C:\ProgramData\{EB21323D-3F46-4EF0-B849-B096B7705C69}
2014-05-09 11:46 - 2014-05-09 11:46 - 00000000 __HDC () C:\ProgramData\{9B09061B-0A4F-42DA-9987-7D3F452DCB09}
2014-05-09 11:46 - 2014-05-09 11:46 - 00000000 __HDC () C:\ProgramData\{9597097D-B8DC-4754-AF2D-CB61CCFC861A}
2014-05-09 11:46 - 2014-05-09 11:46 - 00000000 __HDC () C:\ProgramData\{219191E6-6846-4329-889D-7956C487D9A6}
2014-05-09 11:45 - 2014-05-09 11:45 - 00000000 __HDC () C:\ProgramData\{B7C85E99-2AC6-455D-B4D1-752A56403757}
2014-05-09 11:45 - 2014-05-09 11:45 - 00000000 __HDC () C:\ProgramData\{AF79C86B-2321-4D47-A168-2A24BA2B6A73}
2014-05-09 11:45 - 2014-05-09 11:45 - 00000000 __HDC () C:\ProgramData\{9F570B21-E27A-40BE-A508-292899A7D042}
2014-05-09 11:44 - 2014-05-09 11:44 - 00001094 _____ () C:\Users\Public\Desktop\Controller Editor.lnk
2014-05-09 11:44 - 2014-05-09 11:44 - 00000000 __HDC () C:\ProgramData\{BD26D777-CA21-4BDD-A581-6BCFE4F0F941}
2014-05-09 11:44 - 2014-05-09 11:44 - 00000000 __HDC () C:\ProgramData\{57B31BE2-3175-4425-9722-D2AC5F68C7BD}
2014-05-09 11:44 - 2013-02-14 12:30 - 00000000 ____D () C:\Program Files\Common Files\Native Instruments
2014-05-09 11:11 - 2014-05-09 11:11 - 00001069 _____ () C:\Users\Lars\Desktop\DENON DJ ASIO Driver.lnk
2014-05-09 11:11 - 2014-05-09 11:11 - 00000000 ____D () C:\Users\Lars\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DENON_DJ
2014-05-09 11:11 - 2014-05-09 11:11 - 00000000 ____D () C:\Program Files (x86)\DENON_DJ
2014-05-09 08:14 - 2014-05-16 07:46 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-09 08:11 - 2014-05-16 07:46 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-06 07:14 - 2014-05-16 07:51 - 19274752 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-06 07:14 - 2014-05-16 07:51 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-06 05:48 - 2014-05-16 07:51 - 14367232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-06 05:48 - 2014-05-16 07:51 - 00080384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-06 05:37 - 2014-05-16 07:51 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-06 05:26 - 2014-05-16 07:51 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-02 23:38 - 2013-02-08 01:06 - 00000000 ____D () C:\Users\Lars\AppData\Roaming\TS3Client
2014-05-02 22:34 - 2013-05-21 01:53 - 00007607 _____ () C:\Users\Lars\AppData\Local\Resmon.ResmonCfg
2014-04-26 14:54 - 2014-04-26 14:54 - 00000802 _____ () C:\Users\Public\Desktop\MAGIX Media Manager 2004 silver.lnk
2014-04-26 14:54 - 2014-04-26 14:54 - 00000000 ____D () C:\Users\Lars\Documents\My MAGIX Online Druck Service Files
2014-04-26 14:54 - 2014-04-26 14:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX Online Druck Service
2014-04-26 14:54 - 2014-04-26 14:54 - 00000000 ____D () C:\Program Files (x86)\MAGIX Online Druck Service
2014-04-26 14:54 - 2014-04-26 14:54 - 00000000 _____ () C:\Windows\ringtonemaker.INI
2014-04-26 14:54 - 2014-04-26 14:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX
2014-04-26 14:54 - 2014-04-26 14:52 - 00000000 ____D () C:\MAGIX
2014-04-26 14:52 - 2014-04-26 14:52 - 00000779 _____ () C:\Users\Public\Desktop\MAGIX ringtone maker.lnk
2014-04-26 14:52 - 2014-04-26 14:52 - 00000024 _____ () C:\Windows\magix.ini
2014-04-26 14:52 - 2014-04-26 14:52 - 00000000 ____D () C:\Windows\SysWOW64\MAGIX ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\rpcss.dll => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2013-02-26 19:00 ==================== End Of Log ============================ Logfile von JRT: JRT Logfile: Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Ultimate x64
Ran by Lars on 24.05.2014 at 16:12:04,69
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-1005217006-152471606-131910131-1000\Software\sweetim
~~~ Files
Successfully deleted: [File] "C:\Users\Lars\appdata\locallow\microsoft\silverlight\outofbrowser\index\portal.qtrax.com"
~~~ Folders
Successfully deleted: [Folder] "C:\ProgramData\ytd video downloader"
Successfully deleted: [Folder] "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ytd video downloader"
Successfully deleted: [Folder] "C:\Users\Lars\music\qtrax media library"
Successfully deleted: [Empty Folder] C:\Users\Lars\appdata\local\{1099E58A-8336-4E2F-A3D3-AD113BFE6F06}
Successfully deleted: [Empty Folder] C:\Users\Lars\appdata\local\{138C42C6-0244-402C-A386-B7A032FF811D}
Successfully deleted: [Empty Folder] C:\Users\Lars\appdata\local\{2E01058F-F99F-41A7-9D49-22452CFC0F99}
Successfully deleted: [Empty Folder] C:\Users\Lars\appdata\local\{4447315A-214C-4252-A6A2-52D5ECF8FA65}
Successfully deleted: [Empty Folder] C:\Users\Lars\appdata\local\{64D643C1-DA8B-457F-9FB5-1E3DAD12733C}
Successfully deleted: [Empty Folder] C:\Users\Lars\appdata\local\{87F651C4-C306-4F8A-87D5-A018C2F88F99}
Successfully deleted: [Empty Folder] C:\Users\Lars\appdata\local\{9CF457CC-AC65-4643-B98F-AC788405EBF3}
Successfully deleted: [Empty Folder] C:\Users\Lars\appdata\local\{A02E3B5A-D0E1-4D71-B3BF-E1802E1B5BAD}
Successfully deleted: [Empty Folder] C:\Users\Lars\appdata\local\{A55B7F39-B126-411C-A6B9-9DE661C72AF5}
Successfully deleted: [Empty Folder] C:\Users\Lars\appdata\local\{AC612CF9-3287-4431-A7BC-F163FBB9D74C}
Successfully deleted: [Empty Folder] C:\Users\Lars\appdata\local\{B56B9355-9D16-483A-87AD-A3B334B7A5C3}
Successfully deleted: [Empty Folder] C:\Users\Lars\appdata\local\{BF15DFD4-61A0-4063-8EDC-9D649AD423F8}
Successfully deleted: [Empty Folder] C:\Users\Lars\appdata\local\{C9B852F4-9550-46B7-BCB2-44FBC387C0DC}
Successfully deleted: [Empty Folder] C:\Users\Lars\appdata\local\{CA5003A3-C883-416E-AA41-E03830435F73}
Successfully deleted: [Empty Folder] C:\Users\Lars\appdata\local\{F73BBEF2-78C6-4C67-8558-F369DA905753}
~~~ FireFox
Successfully deleted the following from C:\Users\Lars\AppData\Roaming\mozilla\firefox\profiles\1ipdivd3.default\prefs.js
user_pref("browser.startup.homepage", "hxxp://search.easylifeapp.com/?zy=k");
user_pref("extensions.LOHi64S1y.scode", "(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1||url.indexOf(\"warnalert11.com\")
user_pref("extensions.N6yO5tA.scode", "(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1||url.indexOf(\"warnalert11.com\")>-
user_pref("extensions.tQmox.scode", "(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1||url.indexOf(\"warnalert11.com\")>-1|
user_pref("extensions.tQmox.url", "hxxp://jobfirstnet.in/sync2/?q=hfZ9ofV9CShEAen0rHC6tMqLDe49CNU0mwkMCMlNhd9FrHwGrTkGrTnHrdkMBzqUojw9rdkGqda5rTwGqSh7hfs0pihPBMn0rjrFrTw6pjU8r
Emptied folder: C:\Users\Lars\AppData\Roaming\mozilla\firefox\profiles\1ipdivd3.default\minidumps [113 files]
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 24.05.2014 at 16:19:50,46
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
I have already deleted some malware files and other things. I was a bit overeager and thought I could manage it on my own, but I can't make sense of these log files.. sorry |
24.05.2014, 18:39 | #4 |
/// TB-Ausbilder | Unwanted, empty pop-up windows appear and words are underlined and linked What about the other log files you mentioned? Please post those too... |
24.05.2014, 18:44 | #5 |
| Unwanted, empty pop-up windows appear and words are underlined and linked ESET is still running... it has already been scanning for 3h & 15 minutes.. this may take a while... I have ADWCleaner here: AdwCleaner Logfile: Code:
# AdwCleaner v3.210 - Bericht erstellt am 20/05/2014 um 11:01:22
# Aktualisiert 19/05/2014 von Xplode
# Betriebssystem : Windows 7 Ultimate Service Pack 1 (64 bits)
# Benutzername : Lars - LARS-PC
# Gestartet von : C:\Users\Lars\AppData\Local\Temp\OCS\Downloads\fc14996dfa99adfc7baae624196888c5\f8b34e3b5e6e337aa6491ee3f713f8f5\adwcleaner_3.209.exe
# Option : Löschen
***** [ Dienste ] *****
Dienst Gelöscht : EnablerService
Dienst Gelöscht : winzipersvc
Dienst Gelöscht : Wpm
***** [ Dateien / Ordner ] *****
Ordner Gelöscht : C:\ProgramData\Babylon
Ordner Gelöscht : C:\ProgramData\IePluginService
Ordner Gelöscht : C:\ProgramData\QuickSet
Ordner Gelöscht : C:\ProgramData\SNT
Ordner Gelöscht : C:\ProgramData\WPM
Ordner Gelöscht : C:\ProgramData\surf and keep
Ordner Gelöscht : C:\ProgramData\YoutubeAdblocker
Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZipper
Ordner Gelöscht : C:\Program Files (x86)\Addon Enabler
Ordner Gelöscht : C:\Program Files (x86)\Bench
Ordner Gelöscht : C:\Program Files (x86)\Conduit
Ordner Gelöscht : C:\Program Files (x86)\GreenTree Applications
Ordner Gelöscht : C:\Program Files (x86)\HD Streamer
Ordner Gelöscht : C:\Program Files (x86)\MyPC Backup
Ordner Gelöscht : C:\Program Files (x86)\SNT
Ordner Gelöscht : C:\Program Files (x86)\Storimbo
Ordner Gelöscht : C:\Program Files (x86)\SupTab
Ordner Gelöscht : C:\Program Files (x86)\WinZip Registry Optimizer
Ordner Gelöscht : C:\Program Files (x86)\WinZipper
Ordner Gelöscht : C:\Program Files (x86)\surf and keep
Ordner Gelöscht : C:\Program Files (x86)\YoutubeAdblocker
Ordner Gelöscht : C:\Program Files (x86)\Common Files\Spigot
Ordner Gelöscht : C:\Program Files\Conduit
Ordner Gelöscht : C:\Users\Lars\AppData\Local\Conduit
Ordner Gelöscht : C:\Users\Lars\AppData\Local\HD Streamer
Ordner Gelöscht : C:\Users\Lars\AppData\Local\lollipop
Ordner Gelöscht : C:\Users\Lars\AppData\Local\Mobogenie
Ordner Gelöscht : C:\Users\Lars\AppData\Local\Temp\OCS
Ordner Gelöscht : C:\Users\Lars\AppData\LocalLow\Delta
Ordner Gelöscht : C:\Users\Lars\AppData\Roaming\0D0S1L2Z1P1B0T1P1B2Z
Ordner Gelöscht : C:\Users\Lars\AppData\Roaming\Babylon
Ordner Gelöscht : C:\Users\Lars\AppData\Roaming\digitalsite
Ordner Gelöscht : C:\Users\Lars\AppData\Roaming\file scout
Ordner Gelöscht : C:\Users\Lars\AppData\Roaming\OpenCandy
Ordner Gelöscht : C:\Users\Lars\AppData\Roaming\SupTab
Ordner Gelöscht : C:\Users\Lars\AppData\Roaming\Systweak
Ordner Gelöscht : C:\Users\Lars\AppData\Roaming\ValueApps
Ordner Gelöscht : C:\Users\Lars\AppData\Roaming\WinZipper
Ordner Gelöscht : C:\Users\Lars\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitGuard
Ordner Gelöscht : C:\Users\Lars\Documents\Mobogenie
Ordner Gelöscht : C:\Users\Lars\Documents\Optimizer Pro
Ordner Gelöscht : C:\Users\Lars\AppData\Roaming\Mozilla\Firefox\Profiles\1ipdivd3.default\Extensions\quick_start@gmail.com
Datei Gelöscht : C:\Users\Lars\AppData\Roaming\Mozilla\Firefox\Profiles\1ipdivd3.default\Extensions\pricepeep@getpricepeep.com.xpi
Datei Gelöscht : C:\END
Datei Gelöscht : C:\Windows\System32\roboot64.exe
Datei Gelöscht : C:\Users\Lars\daemonprocess.txt
Datei Gelöscht : C:\Users\Lars\AppData\Roaming\LiveSupport.exe_log.txt
Datei Gelöscht : C:\Users\Lars\AppData\Roaming\regsvr32.exe_log.txt
Datei Gelöscht : C:\Users\Lars\AppData\Roaming\Mozilla\Firefox\Profiles\1ipdivd3.default\bProtector_extensions.rdf
Datei Gelöscht : C:\Users\Lars\AppData\Roaming\Mozilla\Firefox\Profiles\1ipdivd3.default\bprotector_extensions.sqlite
Datei Gelöscht : C:\Users\Lars\AppData\Roaming\Mozilla\Firefox\Profiles\1ipdivd3.default\bprotector_prefs.js
Datei Gelöscht : C:\Users\Lars\AppData\Roaming\Mozilla\Firefox\Profiles\1ipdivd3.default\invalidprefs.js
Datei Gelöscht : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\avg-secure-search.xml
Datei Gelöscht : C:\Users\Lars\AppData\Roaming\Mozilla\Firefox\Profiles\1ipdivd3.default\searchplugins\Babylon.xml
Datei Gelöscht : C:\Users\Lars\AppData\Roaming\Mozilla\Firefox\Profiles\1ipdivd3.default\searchplugins\delta.xml
Datei Gelöscht : C:\Program Files (x86)\Mozilla Firefox\searchplugins\delta-homes.xml
Datei Gelöscht : C:\Program Files (x86)\Mozilla Firefox\searchplugins\nationzoom.xml
Datei Gelöscht : C:\Users\Lars\AppData\Roaming\Mozilla\Firefox\Profiles\1ipdivd3.default\searchplugins\Web Search.xml
Datei Gelöscht : C:\Users\Lars\AppData\Roaming\Mozilla\Firefox\Profiles\1ipdivd3.default\searchplugins\WebSearch.xml
Datei Gelöscht : C:\Users\Lars\AppData\Roaming\Mozilla\Firefox\Profiles\1ipdivd3.default\user.js
Datei Gelöscht : C:\Users\Lars\AppData\Local\Google\Chrome\User Data\Default\Extensions\ep.crx
Datei Gelöscht : C:\Users\Lars\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtab.crx
Datei Gelöscht : C:\Users\Lars\AppData\Local\Google\Chrome\user data\default\local storage\hxxp_pricegong.conduitapps.com_0.localstorage
Datei Gelöscht : C:\Users\Lars\AppData\Local\Google\Chrome\user data\default\local storage\hxxp_pricegong.conduitapps.com_0.localstorage-journal
Datei Gelöscht : C:\Users\Lars\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_sb.scorecardresearch.com_0.localstorage
Datei Gelöscht : C:\Users\Lars\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_sb.scorecardresearch.com_0.localstorage-journal
Datei Gelöscht : C:\Users\Lars\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_storage.conduit.com_0.localstorage
Datei Gelöscht : C:\Users\Lars\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_storage.conduit.com_0.localstorage-journal
Datei Gelöscht : C:\Windows\Tasks\bench-sys.job
Datei Gelöscht : C:\Windows\System32\Tasks\bench-sys
Datei Gelöscht : C:\Windows\System32\Tasks\BitGuard
Datei Gelöscht : C:\Windows\Tasks\DigitalSite.job
Datei Gelöscht : C:\Windows\System32\Tasks\DigitalSite
***** [ Verknüpfungen ] *****
Verknüpfung Desinfiziert : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
Verknüpfung Desinfiziert : C:\Users\Lars\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
Verknüpfung Desinfiziert : C:\Users\Lars\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
***** [ Registrierungsdatenbank ] *****
Wert Gelöscht : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{21EAF666-26B3-4a3c-ABD0-CA2F5A326744}]
Wert Gelöscht : [x64] HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{21EAF666-26B3-4a3c-ABD0-CA2F5A326744}]
Wert Gelöscht : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [quick_start@gmail.com]
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\hbcennhacfaagdopikcegfcobcadeocj
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\ogfjmhfnldnajmfaofeiaepghjenbgjo
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\pfndaklgolladniicklehhancnlgocpp
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Main [bprotector start page]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [bProtectorDefaultScope]
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\*\shell\filescout
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\AddonsFramework.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\ButtonSite.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\NCTAudioCDGrabber2.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\ScriptHost.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\PCProxy.DataContainer
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\AdvancedSystemProtector_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\AdvancedSystemProtector_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\LatestDLMgr_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\LatestDLMgr_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SnapDo_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SnapDo_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\speedupmypc_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\speedupmypc_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [mobilegeni daemon]
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\YoutubeAdblocker.YoutubeAdblocker
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\YoutubeAdblocker.YoutubeAdblocker.1.0
Schlüssel Gelöscht : HKCU\Software\58558b8dbd6abd40
Schlüssel Gelöscht : HKLM\SOFTWARE\58558b8dbd6abd40
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CrossriderApp0038532.BHO
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CrossriderApp0038532.BHO.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CrossriderApp0038532.Sandbox
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CrossriderApp0038532.Sandbox.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{18B9B16E-716F-43DF-A6AD-512C7D2EB983}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{19975B78-1907-4DD6-A437-4C48120F46A4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{562B9316-C08A-444A-9482-62080DD851AE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{562B9317-C08A-444A-9482-62080DD851AE}
Schlüssel Gelöscht : 
HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E6062A33-016E-4BDA-A6F1-890D989F8656} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{65B31E28-C534-5B46-55EB-9AAB46858685} Wert Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{93DBF2BB-A2B3-4683-A92E-57E60751F346} Daten Wiederhergestellt : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command Schlüssel Gelöscht : HKCU\Software\BabSolution Schlüssel Gelöscht : HKCU\Software\Conduit Schlüssel Gelöscht : HKCU\Software\DataMngr [#] Schlüssel Gelöscht : HKCU\Software\DataMngr_Toolbar Schlüssel Gelöscht : HKCU\Software\Delta Schlüssel Gelöscht : HKCU\Software\dsiteproducts Schlüssel Gelöscht : HKCU\Software\filescout Schlüssel Gelöscht : HKCU\Software\IGearSettings Schlüssel Gelöscht : HKCU\Software\Iminent Schlüssel Gelöscht : HKCU\Software\InstallCore Schlüssel Gelöscht : HKCU\Software\installedbrowserextensions Schlüssel Gelöscht : HKCU\Software\InstalledThirdPartyPrograms Schlüssel Gelöscht : HKCU\Software\LiveSupport Schlüssel Gelöscht : HKCU\Software\lollipop Schlüssel Gelöscht : HKCU\Software\OCS Schlüssel Gelöscht : HKCU\Software\RegisteredApplicationsEx Schlüssel Gelöscht : HKCU\Software\SmartBar Schlüssel Gelöscht : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F} Schlüssel Gelöscht : HKCU\Software\AppDataLow\SProtector Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Conduit Schlüssel Gelöscht : 
HKCU\Software\AppDataLow\Software\Crossrider Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Feven 1.5 Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Search Settings Schlüssel Gelöscht : HKLM\Software\{1146AC44-2F03-4431-B4FD-889BC837521F} Schlüssel Gelöscht : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0} Schlüssel Gelöscht : HKLM\Software\{6791A2F3-FC80-475C-A002-C014AF797E9C} Schlüssel Gelöscht : HKLM\Software\Babylon Schlüssel Gelöscht : HKLM\Software\Bench Schlüssel Gelöscht : HKLM\Software\DataMngr Schlüssel Gelöscht : HKLM\Software\Delta Schlüssel Gelöscht : HKLM\Software\delta-homesSoftware Schlüssel Gelöscht : HKLM\Software\Feven 1.5 Schlüssel Gelöscht : HKLM\Software\hdcode Schlüssel Gelöscht : HKLM\Software\Iminent Schlüssel Gelöscht : HKLM\Software\nationzoomSoftware Schlüssel Gelöscht : HKLM\Software\SP Global Schlüssel Gelöscht : HKLM\Software\SProtector Schlüssel Gelöscht : HKLM\Software\SupTab Schlüssel Gelöscht : HKLM\Software\supWPM Schlüssel Gelöscht : HKLM\Software\systweak Schlüssel Gelöscht : HKLM\Software\Uniblue Schlüssel Gelöscht : HKLM\Software\V9 Schlüssel Gelöscht : HKLM\Software\winzipersvc Schlüssel Gelöscht : HKLM\Software\Wpm Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\DigitalSite Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4820778D-AB0D-6D18-C316-52A6A0E1D507} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\HD Streamer Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\winzipper Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\DivX\Install\Setup\WizardLayout\ConduitToolbar Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\HD Streamer Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\InstalledThirdPartyPrograms Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Optimizer Pro_is1 Daten Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - 
c:\progra~2\websea~1\psupport.dll ***** [ Browser ] ***** -\\ Internet Explorer v0.0.0.0 Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page] Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page] Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Search Bar] Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL] Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page] Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL] Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Search [Default_Search_URL] Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Search [SearchAssistant] Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\SearchUrl [Default] Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl [Default] Einstellung Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page] Einstellung Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL] -\\ Mozilla Firefox v25.0.1 (de) [ Datei : C:\Users\Lars\AppData\Roaming\Mozilla\Firefox\Profiles\1ipdivd3.default\prefs.js ] Zeile gelöscht : user_pref("browser.search.defaultenginename", "delta-homes"); Zeile gelöscht : user_pref("browser.search.defaultenginename,S", "WebSearch"); Zeile gelöscht : user_pref("browser.search.defaulturl", "hxxp://websearch.searchsunmy.info/?pid=377&r=2013/12/25&hid=1764838136908533383&lg=EN&cc=DE&unqvl=45&l=1&q="); Zeile gelöscht : user_pref("browser.search.order.1", "WebSearch"); Zeile gelöscht : user_pref("browser.search.order.1,S", "WebSearch"); Zeile gelöscht : user_pref("browser.search.selectedEngine,S", "WebSearch"); Zeile gelöscht : user_pref("extensions.crossrider.bic", 
"13f624d4447e0b1cdd658fca7c4587f0"); Zeile gelöscht : user_pref("extensions.delta.admin", false); Zeile gelöscht : user_pref("extensions.delta.aflt", "babsst"); Zeile gelöscht : user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}"); Zeile gelöscht : user_pref("extensions.delta.autoRvrt", "false"); Zeile gelöscht : user_pref("extensions.delta.dfltLng", "de"); Zeile gelöscht : user_pref("extensions.delta.excTlbr", false); Zeile gelöscht : user_pref("extensions.delta.ffxUnstlRst", true); Zeile gelöscht : user_pref("extensions.delta.id", "3ced9fa1000000000000c860009e0b08"); Zeile gelöscht : user_pref("extensions.delta.instlDay", "15969"); Zeile gelöscht : user_pref("extensions.delta.instlRef", "sst"); Zeile gelöscht : user_pref("extensions.delta.newTab", false); Zeile gelöscht : user_pref("extensions.delta.prdct", "delta"); Zeile gelöscht : user_pref("extensions.delta.prtnrId", "delta"); Zeile gelöscht : user_pref("extensions.delta.rvrt", "false"); Zeile gelöscht : user_pref("extensions.delta.smplGrp", "none"); Zeile gelöscht : user_pref("extensions.delta.tlbrId", "base"); Zeile gelöscht : user_pref("extensions.delta.tlbrSrchUrl", ""); Zeile gelöscht : user_pref("extensions.delta.vrsn", "1.8.24.6"); Zeile gelöscht : user_pref("extensions.delta.vrsnTs", "1.8.24.68:37:02"); Zeile gelöscht : user_pref("extensions.delta.vrsni", "1.8.24.6"); Zeile gelöscht : user_pref("extensions.delta_i.babExt", ""); Zeile gelöscht : user_pref("extensions.delta_i.babTrack", "affID=119357&tsp=5012"); Zeile gelöscht : user_pref("extensions.delta_i.srcExt", "ss"); Zeile gelöscht : user_pref("extensions.ffxtlbr@delta.com.install-event-fired", true); Zeile gelöscht : user_pref("extensions.helperbar.Country", "Germany"); Zeile gelöscht : user_pref("extensions.helperbar.DockingPositionDown", false); Zeile gelöscht : user_pref("extensions.helperbar.LastHiddenTime", 22711266); Zeile gelöscht : user_pref("extensions.helperbar.SmartbarDisabled", true); Zeile gelöscht : 
user_pref("extensions.helperbar.SmartbarStateMinimaized", false); Zeile gelöscht : user_pref("extensions.helperbar.UserID", "ff6c8ad7-ec72-41dd-99ce-51a4390124a3"); Zeile gelöscht : user_pref("extensions.helperbar.Visibility", true); Zeile gelöscht : user_pref("extensions.webbooster@iminent.com.install-event-fired", true); Zeile gelöscht : user_pref("iminent.webbooster.scripts.minibar.ROOTEXTENSION", "chrome://iminentwebbooster/content/minibar"); Zeile gelöscht : user_pref("iminent.webbooster.scripts.minibar.Services.BHPCode", "01"); Zeile gelöscht : user_pref("iminent.webbooster.scripts.minibar.Services.DefaultEvent", "000"); Zeile gelöscht : user_pref("iminent.webbooster.scripts.minibar.Services.DefaultWebSite", "000"); Zeile gelöscht : user_pref("iminent.webbooster.scripts.minibar.Services.IminentClientCode", "11"); Zeile gelöscht : user_pref("iminent.webbooster.scripts.minibar.Services.SmartFavCode", "02"); Zeile gelöscht : user_pref("iminent.webbooster.scripts.minibar.ShowThankyouPixel", "0"); Zeile gelöscht : user_pref("iminent.webbooster.scripts.minibar.registerToolbarEvent134", "1371498496367"); -\\ Google Chrome v34.0.1847.137 [ Datei : C:\Users\Lars\AppData\Local\Google\Chrome\User Data\Default\preferences ] Gelöscht [Search Provider] : hxxp://websearch.searchsunmy.info/?l=1&q={searchTerms}&pid=377&r=2013/12/25&hid=1764838136908533383&lg=EN&cc=DE&unqvl=45 Gelöscht [Search Provider] : hxxp://search.delta-homes.com/web/?utm_source=b&utm_medium=wpm0226&utm_campaign=installer&utm_content=ds&from=wpm0226&uid=ST1000DM005XHD103SJ_S246J9EC419309&ts=1393433864&type=default&q={searchTerms} Gelöscht [Search Provider] : hxxp://search.delta-homes.com/web/?utm_source=b&utm_medium=wpm0226&utm_campaign=installer&utm_content=ds&from=wpm0226&uid=ST1000DM005XHD103SJ_S246J9EC419309&ts=1393433864&type=default&q={searchTerms} Gelöscht [Search Provider] : 
hxxp://search.delta-homes.com/web/?utm_source=b&utm_medium=wpm0226&utm_campaign=installer&utm_content=ds&from=wpm0226&uid=ST1000DM005XHD103SJ_S246J9EC419309&ts=1393433864&type=default&q={searchTerms} Gelöscht [Search Provider] : hxxp://search.delta-homes.com/web/?utm_source=b&utm_medium=wpm0226&utm_campaign=installer&utm_content=ds&from=wpm0226&uid=ST1000DM005XHD103SJ_S246J9EC419309&ts=1393433864&type=default&q={searchTerms} Gelöscht [Startup_urls] : hxxp://www.delta-homes.com/?utm_source=b&utm_medium=wpm0226&utm_campaign=installer&utm_content=hp&from=wpm0226&uid=ST1000DM005XHD103SJ_S246J9EC419309&ts=1393433864 Gelöscht [Homepage] : hxxp://websearch.searchsunmy.info/?pid=377&r=2013/12/25&hid=1764838136908533383&lg=EN&cc=DE&unqvl=45 Gelöscht [Extension] : hbcennhacfaagdopikcegfcobcadeocj Gelöscht [Extension] : icdlfehblmklkikfigmjhbmmpmkmpooj Gelöscht [Extension] : ifohbjbgfchkkfhphahclmkpgejiplfo Gelöscht [Extension] : mhkaekfpcppmmioggniknbnbdbcigpkk Gelöscht [Extension] : ogfjmhfnldnajmfaofeiaepghjenbgjo Gelöscht [Extension] : pfndaklgolladniicklehhancnlgocpp ************************* AdwCleaner[R0].txt - [44992 octets] - [20/05/2014 10:56:35] AdwCleaner[S0].txt - [40497 octets] - [20/05/2014 11:01:22] ########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [40558 octets] ##########
I can't find Malwarebytes right now... I even think I forgot to save the log file. I'm happy to repeat the scan. Those were all the tools I have used so far... I have only been at it since 3 pm. Can you explain the next steps to me? ESET apparently still needs a few minutes... it is at 72% |
24.05.2014, 18:54 | #6 |
/// TB-Ausbilder | Unwanted, empty pop-up windows appear and words are underlined and linked Why did you open a thread at all if you are doing everything on your own anyway? Apparently you are an expert and know what to do... or you are simply running every tool you have "heard" of blindly, in the hope that your problem will vanish into thin air... |
24.05.2014, 19:38 | #7 |
| Unwanted, empty pop-up windows appear and words are underlined and linked Well, I wouldn't say expert. I know my way around pretty well and I look for the "challenge". Unfortunately I also get stuck at some points and then look for help on "Google". Many users have most likely had the same problem as me at some point and did not know what to do. Google led me to 2 threads on your board. I read both of them thoroughly and saw that you helped both users with exactly these programs that I have now used... I just can't make anything of these log files... what do they tell me? How do I recognise what is right and what is wrong? That is why I created this thread today. I admit I am sometimes rather quick, but I have to say... I read the description of every program and so I knew what I was doing. Anyway, that doesn't matter now... I hope you can help me... I hope I have not done any damage... at least the PC is still running and some files have already been deleted by the programs... I will not do anything further now... please tell me what I should do now. My motto is "learning by doing"; apparently this was a "mistake". Combofix log file: Code:
ATTFilter Combofix Logfile: Code:
ATTFilter
C:\AdwCleaner\Quarantine\C\Program Files (x86)\YoutubeAdblocker\UqR.dll.vir Variante von Win32/AdWare.MultiPlug.N Anwendung
C:\AdwCleaner\Quarantine\C\Program Files (x86)\YoutubeAdblocker\UqR.x64.dll.vir Variante von Win64/Adware.MultiPlug.A Anwendung
C:\AdwCleaner\Quarantine\C\ProgramData\YoutubeAdblocker\viPX.exe.vir Variante von Win32/AdWare.MultiPlug.K.gen Anwendung
C:\Program Files (x86)\Vtools\Windows Cleaner\WindowsCleaner.exe Variante von Win32/AdWare.PCErrorFix.A Anwendung
C:\Users\Lars\AppData\Roaming\Apple Computer\MobileSync\Backup\0ab4a4c543c7fae001fed414d82909d2e9baf9d7\7320d23c4d2ec60d8a0fd27569fb11d3d9ebab4d Variante von Win32/Injector.AZOS Trojaner
C:\Windows\System32\dfrg\upd.exe Win32/HafoCoin.AE Trojaner
C:\Windows\SysWOW64\dfrg\upd.exe Win32/HafoCoin.AE Trojaner |
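The question in the post above ("what do these log files tell me?") can be approached by sorting the ESET detections by where each file sits and what class it was given. The following Python sketch is an added example, not part of the thread or of any tool's own code; the location categories and the ordering are assumptions made for illustration.

```python
import re

# ESET detections exactly as posted in the thread. The forum flattened the
# log onto one line, so records are separated only by spaces.
ESET_LOG = (
    r"C:\AdwCleaner\Quarantine\C\Program Files (x86)\YoutubeAdblocker\UqR.dll.vir Variante von Win32/AdWare.MultiPlug.N Anwendung "
    r"C:\AdwCleaner\Quarantine\C\Program Files (x86)\YoutubeAdblocker\UqR.x64.dll.vir Variante von Win64/Adware.MultiPlug.A Anwendung "
    r"C:\AdwCleaner\Quarantine\C\ProgramData\YoutubeAdblocker\viPX.exe.vir Variante von Win32/AdWare.MultiPlug.K.gen Anwendung "
    r"C:\Program Files (x86)\Vtools\Windows Cleaner\WindowsCleaner.exe Variante von Win32/AdWare.PCErrorFix.A Anwendung "
    r"C:\Users\Lars\AppData\Roaming\Apple Computer\MobileSync\Backup\0ab4a4c543c7fae001fed414d82909d2e9baf9d7\7320d23c4d2ec60d8a0fd27569fb11d3d9ebab4d Variante von Win32/Injector.AZOS Trojaner "
    r"C:\Windows\System32\dfrg\upd.exe Win32/HafoCoin.AE Trojaner "
    r"C:\Windows\SysWOW64\dfrg\upd.exe Win32/HafoCoin.AE Trojaner"
)

# One record = path, optional "Variante von" ("a variant of"), detection
# name, class. Paths contain spaces, so the path is matched lazily up to
# the first token that looks like a detection name (Win32/... or Win64/...).
RECORD = re.compile(
    r"(?P<path>[A-Za-z]:\\.+?)\s+"
    r"(?P<variant>Variante von\s+)?"
    r"(?P<name>Win(?:32|64)/\S+)\s+"
    r"(?P<kind>Anwendung|Trojaner)"
)

# German class labels used in the log, mapped to English.
KIND = {"Anwendung": "application", "Trojaner": "trojan"}

# Assumed triage order: files still in place first, trojans before
# applications; copies inside a backup or a quarantine folder last.
LOCATION_RANK = {"live": 0, "backup": 1, "quarantine": 2}
KIND_RANK = {"trojan": 0, "application": 1}


def classify_location(path):
    """Label a path by where the detected file sits (assumed categories)."""
    p = path.lower()
    if p.startswith("c:\\adwcleaner\\quarantine\\"):
        return "quarantine"   # already moved aside by AdwCleaner (.vir copies)
    if "\\mobilesync\\backup\\" in p:
        return "backup"       # file stored inside a device backup folder
    return "live"             # still at its original location on disk


def triage(log_text):
    """Parse the flattened log and return the findings in review order."""
    findings = []
    for m in RECORD.finditer(log_text):
        findings.append({
            "path": m.group("path"),
            "name": m.group("name"),
            "variant": m.group("variant") is not None,
            "kind": KIND[m.group("kind")],
            "location": classify_location(m.group("path")),
        })
    # sorted() is stable, so entries of equal rank keep their log order.
    return sorted(
        findings,
        key=lambda f: (LOCATION_RANK[f["location"]], KIND_RANK[f["kind"]]),
    )


if __name__ == "__main__":
    for f in triage(ESET_LOG):
        print(f'{f["location"]:<10} {f["kind"]:<11} {f["name"]:<30} {f["path"]}')
```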
25.05.2014, 12:43 | #8 |
/// TB-Ausbilder | Unwanted, empty pop-up windows appear and words are underlined and linked Run FRST again, then we will take it from there:
|
26.05.2014, 17:05 | #9 |
| Unwanted, empty pop-up windows appear and words are underlined and linked FRST.txt FRST log file: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-05-2014 02 Ran by Lars (administrator) on LARS-PC on 26-05-2014 18:00:09 Running from C:\Users\Lars\Desktop\Adware Tools Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: German Standard Internet Explorer Version 10 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe (AMD) C:\Windows\System32\atiesrxx.exe (AMD) C:\Windows\System32\atieclxx.exe (Advanced Micro Devices) C:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe () C:\Program Files (x86)\GfK-ProxyService\GfK-ProxyService.exe () C:\Program Files (x86)\GfK Internet-Monitor\GfK-Reporting.exe () C:\Program Files (x86)\GfK Internet-Monitor\GfK-Updater.exe (Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\EPU-4 Engine\FourEngine.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe (Logitech Inc.) C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe (Logitech Inc.) C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe (Auslogics) C:\Program Files (x86)\Auslogics\Auslogics BoostSpeed\BoostSpeed.exe (Nero AG) C:\Program Files (x86)\Common Files\Nero\Lib\NMBgMonitor.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe (Apple Inc.) 
C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe () C:\Users\Lars\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe (RemoteMouse.net) C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe () C:\Program Files (x86)\GfK-ProxyService\GfK-ProxyWatchdog.exe (Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe (Nero AG) C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe (VIA) C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe (PowerISO Computing, Inc.) C:\Program Files (x86)\PowerISO\PWRISOVM.EXE (Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe (Native Instruments GmbH) C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe (Razer Inc.) C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe (VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe (Apple Inc.) 
C:\Program Files\iPod\bin\iPodService.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe (Nero AG) C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe (Nero AG) C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe (Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe (Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (GfK) C:\Program Files (x86)\GfK Internet-Monitor\Chrome Extension\GfK-Chrome-Helper.exe (Google Inc.) 
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1271072 2014-03-11] (Microsoft Corporation) HKLM\...\Run: [Launch LgDeviceAgent] => C:\Program Files\Logitech\GamePanel Software\LgDevAgt.exe [415816 2010-08-03] (Logitech Inc.) HKLM\...\Run: [Launch LCDMon] => C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe [2412616 2010-08-03] (Logitech Inc.) HKLM\...\Run: [Launch LGDCore] => C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe [4725320 2010-08-03] (Logitech Inc.) HKLM\...\Run: [CmPCIaudio] => C:\Windows\syswow64\RunDll32.exe C:\Windows\Syswow64\cmicnfg3.cpl,CMICtrlWnd HKLM\...\Run: [Fences] => C:\Program Files (x86)\Stardock\Fences\Fences.exe [4017368 2012-10-29] (Stardock Corporation) HKLM-x32\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [5015040 2012-02-09] (VIA) HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-01-26] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation) HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated) HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-12] (Apple Inc.) HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [54840 2007-05-08] (Hewlett-Packard) HKLM-x32\...\Run: [hpqSRMon] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [150528 2008-07-22] (Hewlett-Packard) HKLM-x32\...\Run: [PWRISOVM.EXE] => C:\Program Files (x86)\PowerISO\PWRISOVM.EXE [180224 2009-03-15] (PowerISO Computing, Inc.) 
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.) HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-05-14] (Apple Inc.) HKU\.DEFAULT\...\Run: [GfK-Proxy-Service] => C:\Program Files (x86)\GfK-ProxyService\GfK-ProxyWatchdog.exe [21480 2014-02-20] () HKU\.DEFAULT\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1 HKU\.DEFAULT\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 1 HKU\.DEFAULT\...\Policies\Explorer: [NoResolveSearch] 1 HKU\.DEFAULT\...\Policies\Explorer: [NoInternetOpenWith] 1 HKU\S-1-5-21-1005217006-152471606-131910131-1000\...\Run: [Auslogics BoostSpeed 4] => C:\Program Files (x86)\Auslogics\Auslogics BoostSpeed\boostspeed.exe [362096 2009-03-16] (Auslogics) HKU\S-1-5-21-1005217006-152471606-131910131-1000\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => C:\Program Files (x86)\Common Files\Nero\Lib\NMBgMonitor.exe [202024 2007-10-23] (Nero AG) HKU\S-1-5-21-1005217006-152471606-131910131-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-11-20] (Apple Inc.) HKU\S-1-5-21-1005217006-152471606-131910131-1000\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59720 2013-11-20] (Apple Inc.) HKU\S-1-5-21-1005217006-152471606-131910131-1000\...\Run: [Amazon Cloud Player] => C:\Users\Lars\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe [3145536 2014-05-08] () HKU\S-1-5-21-1005217006-152471606-131910131-1000\...\Run: [Remote Mouse] => C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe [1200640 2014-03-30] (RemoteMouse.net) HKU\S-1-5-21-1005217006-152471606-131910131-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [20922016 2014-02-10] (Skype Technologies S.A.) 
HKU\S-1-5-21-1005217006-152471606-131910131-1000\...\Run: [GfK-Proxy-Service] => C:\Program Files (x86)\GfK-ProxyService\GfK-ProxyWatchdog.exe [21480 2014-02-20] () HKU\S-1-5-21-1005217006-152471606-131910131-1000\...\Policies\Explorer: [NoInternetOpenWith] 1 Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.) Startup: C:\Users\Lars\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Fences.lnk ShortcutTarget: Fences.lnk -> C:\Program Files (x86)\Stardock\Fences\Fences.exe (Stardock Corporation) GroupPolicy: Group Policy on Chrome detected <======= ATTENTION ==================== Internet (Whitelisted) ==================== ProxyEnable: Internet Explorer proxy is enabled. ProxyServer: http=127.0.0.1:7777 HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe SearchScopes: HKLM - {758B870D-DF78-4A6A-9955-DEDDCACF94DC} URL = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage} SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage} SearchScopes: HKCU - {41F23684-D0B3-4D6C-AC19-5D82E79E82CD} URL = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=744028&p={searchTerms} SearchScopes: HKCU - {758B870D-DF78-4A6A-9955-DEDDCACF94DC} URL = BHO: GfK Internet-Monitor - {4BEEA052-726D-4A6E-B65D-A6BD07C263F3} - C:\Program Files (x86)\GfK Internet-Monitor\x64\Gacela2.dll (GfK) BHO: Java(tm) Plug-In SSV Helper - 
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.) BHO-x32: GfK Internet-Monitor - {4BEEA052-726D-4A6E-B65D-A6BD07C263F3} - C:\Program Files (x86)\GfK Internet-Monitor\Gacela2.dll (GfK) BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.) BHO-x32: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.) Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) 
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 FireFox: ======== FF ProfilePath: C:\Users\Lars\AppData\Roaming\Mozilla\Firefox\Profiles\1ipdivd3.default FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll () FF Plugin: @java.com/DTPlugin,version=10.13.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.13.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=2.1.1 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.1.2 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.1.3 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.1.4 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll () FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw.dll No File FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF Plugin-x32: @java.com/JavaPlugin - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) 
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll No File
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @phonostar.de/phonostar-Player - C:\Program Files (x86)\phonostar-Player\npphonostarDetectNP.dll No File
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll (Sun Microsystems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: HD Streamer - C:\Users\Lars\AppData\Roaming\Mozilla\Firefox\Profiles\1ipdivd3.default\Extensions\hd_streamer@iMedia [2014-05-24]
FF Extension: LastPass - C:\Users\Lars\AppData\Roaming\Mozilla\Firefox\Profiles\1ipdivd3.default\Extensions\support@lastpass.com [2013-04-26]
FF Extension: Flashblock - C:\Users\Lars\AppData\Roaming\Mozilla\Firefox\Profiles\1ipdivd3.default\Extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a} [2013-11-16]
FF Extension: Personas Plus - C:\Users\Lars\AppData\Roaming\Mozilla\Firefox\Profiles\1ipdivd3.default\Extensions\personas@christopher.beard.xpi [2013-02-08]
FF Extension: Address Bar Search - C:\Users\Lars\AppData\Roaming\Mozilla\Firefox\Profiles\1ipdivd3.default\Extensions\{badea1ae-72ed-4f6a-8c37-4db9a4ac7bc9}.xpi [2013-10-25]
FF Extension: Adblock Plus - C:\Users\Lars\AppData\Roaming\Mozilla\Firefox\Profiles\1ipdivd3.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-10-26]
FF Extension: Download Statusbar - C:\Users\Lars\AppData\Roaming\Mozilla\Firefox\Profiles\1ipdivd3.default\Extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}.xpi [2013-02-08]
FF Extension: Tab Mix Plus - C:\Users\Lars\AppData\Roaming\Mozilla\Firefox\Profiles\1ipdivd3.default\Extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi [2013-09-21]
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013-02-25]
FF HKLM-x32\...\Firefox\Extensions: [gacela2@nurago.com] - C:\Program Files (x86)\GfK Internet-Monitor
FF Extension: GfK Internet-Monitor - C:\Program Files (x86)\GfK Internet-Monitor [2013-03-28]
FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013-02-25]

Chrome:
=======
CHR HomePage: hxxp://websearch.searchsunmy.info/?pid=377&r=2013/12/25&hid=1764838136908533383&lg=EN&cc=DE&unqvl=45
CHR StartupUrls: "", "hxxp://www.delta-homes.com/?utm_source=b&utm_medium=wpm0226&utm_campaign=installer&utm_content=hp&from=wpm0226&uid=ST1000DM005XHD103SJ_S246J9EC419309&ts=1393433864"
CHR Extension: (GfK Internet-Monitor) - C:\Users\Lars\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekfcceehmjiicgpkeblpbcpglgdklklh [2014-05-08]
CHR Extension: (AdBlock) - C:\Users\Lars\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2013-12-13]
CHR Extension: (Google Wallet) - C:\Users\Lars\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-05-02]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [354304 2011-01-26] (Advanced Micro Devices, Inc.)
R2 AMD Reservation Manager; C:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe [194496 2010-06-17] (Advanced Micro Devices)
R2 GfK-Proxy-Service; C:\Program Files (x86)\GfK-ProxyService\GfK-ProxyService.exe [45544 2014-02-20] ()
R2 GfK-Reporting-Service; C:\Program Files (x86)\GfK Internet-Monitor\GfK-Reporting.exe [3293672 2014-02-20] ()
R2 GfK-Update-Service; C:\Program Files (x86)\GfK Internet-Monitor\GfK-Updater.exe [1356264 2014-02-20] ()
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2014-03-11] (Microsoft Corporation)
R2 Nero BackItUp Scheduler 3; C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe [853288 2007-09-20] (Nero AG)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [347872 2014-03-11] (Microsoft Corporation)
R3 NMIndexingService; C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe [382248 2007-10-23] (Nero AG)
R2 RzKLService; C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe [105448 2014-02-25] (Razer Inc.)
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27760 2011-11-11] (VIA Technologies, Inc.)

==================== Drivers (Whitelisted) ====================

R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2010-08-23] ()
S3 CM1063264; C:\Windows\System32\drivers\CM10664.sys [984064 2007-04-13] (C-Media Inc)
R3 cmuda3; C:\Windows\System32\drivers\cmudax3.sys [828416 2007-04-12] (C-Media Inc)
R3 LGPBTDD; C:\Windows\System32\Drivers\LGPBTDD.sys [30728 2009-07-01] (Logitech Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-05-26] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [268512 2014-01-25] (Microsoft Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-07-17] ()
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133928 2014-03-11] (Microsoft Corporation)
R1 wStLib64; C:\Windows\System32\drivers\wStLib64.sys [61112 2014-03-20] (StdLib)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 cpuz136; \??\C:\Windows\TEMP\cpuz136\cpuz136_x64.sys [X]
S3 MSICDSetup; \??\D:\CDriver64.sys [X]
U4 SR;
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S3 WinRing0_1_2_0; \??\C:\Program Files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys [X]

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

==================== One Month Modified Files and Folders =======

2014-05-06 05:48 - 2014-05-16 07:51 - 00080384 
_____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-05-06 05:37 - 2014-05-16 07:51 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-05-06 05:26 - 2014-05-16 07:51 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-05-02 23:38 - 2013-02-08 01:06 - 00000000 ____D () C:\Users\Lars\AppData\Roaming\TS3Client 2014-05-02 22:34 - 2013-05-21 01:53 - 00007607 _____ () C:\Users\Lars\AppData\Local\Resmon.ResmonCfg 2014-04-26 14:54 - 2014-04-26 14:54 - 00000802 _____ () C:\Users\Public\Desktop\MAGIX Media Manager 2004 silver.lnk 2014-04-26 14:54 - 2014-04-26 14:54 - 00000000 ____D () C:\Users\Lars\Documents\My MAGIX Online Druck Service Files 2014-04-26 14:54 - 2014-04-26 14:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX Online Druck Service 2014-04-26 14:54 - 2014-04-26 14:54 - 00000000 ____D () C:\Program Files (x86)\MAGIX Online Druck Service 2014-04-26 14:54 - 2014-04-26 14:54 - 00000000 _____ () C:\Windows\ringtonemaker.INI 2014-04-26 14:54 - 2014-04-26 14:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX 2014-04-26 14:54 - 2014-04-26 14:52 - 00000000 ____D () C:\MAGIX 2014-04-26 14:52 - 2014-04-26 14:52 - 00000779 _____ () C:\Users\Public\Desktop\MAGIX ringtone maker.lnk 2014-04-26 14:52 - 2014-04-26 14:52 - 00000024 _____ () C:\Windows\magix.ini 2014-04-26 14:52 - 2014-04-26 14:52 - 00000000 ____D () C:\Windows\SysWOW64\MAGIX ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll 
=> MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2013-02-26 19:00

==================== End Of Log ============================

Addition.txt

FRST Additions Logfile:
Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25-05-2014 02 Ran by Lars at 2014-05-26 18:00:46 Running from C:\Users\Lars\Desktop\Adware Tools Boot Mode: Normal ========================================================== ==================== Security Center ======================== AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2} ==================== Installed Programs ====================== 3DMark06 (HKLM-x32\...\{7F3AD00A-1819-4B15-BB7D-08B3586336D7}) (Version: 1.2.1 - Futuremark Corporation) 64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden 7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.7.0.1530 - Adobe Systems Incorporated) Adobe AIR (x32 Version: 3.7.0.1530 - Adobe Systems Incorporated) Hidden Adobe Flash Player 13 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 13.0.0.214 - Adobe Systems Incorporated) Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated) Adobe Reader X (10.1.10) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.10 - Adobe Systems Incorporated) Adobe Shockwave Player 11.5 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.5.9.620 - Adobe Systems, Inc.) AIO_CDB_ProductContext (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden AIO_CDB_Software (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden AIO_Scan (x32 Version: 130.0.421.000 - Hewlett-Packard) Hidden Amazon Cloud Player (HKCU\...\Amazon Amazon Cloud Player) (Version: 2.4.0.33 - Amazon Services LLC) AMD Drag and Drop Transcoding (Version: 2.00.0000 - ATI Technologies Inc.) 
Hidden AMD Fuel (Version: 2011.0126.1749.31909 - Ihr Firmenname) Hidden Apple Application Support (HKLM-x32\...\{D9DAD0FF-495A-472B-9F10-BAE430A26682}) (Version: 3.0.3 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.14.3.0 - Asmedia Technology) ATI AVIVO64 Codecs (Version: 11.6.0.10126 - ATI Technologies Inc.) Hidden ATI Catalyst Install Manager (HKLM\...\{7DE8BAC9-CAF4-FFAD-081A-6D74412E28A6}) (Version: 3.0.812.0 - ATI Technologies, Inc.) Audio Recorder for Free (HKLM-x32\...\Audio Recorder for Free) (Version: - Audio-Tool.net) Aureon 5.1 PCI (HKLM\...\C-Media PCI Audio Driver) (Version: - ) Auslogics BoostSpeed (HKLM-x32\...\{7216871F-869E-437C-B9BF-2A13F2DCE63F}_is1) (Version: version 4.4 - Auslogics Software Pty Ltd) Biet-O-Matic v2.14.12 (HKLM-x32\...\Biet-O-Matic v2.14.12) (Version: 2.14.12 - BOM Development Team) Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) BufferChm (x32 Version: 130.0.331.000 - Hewlett-Packard) Hidden Catalyst Control Center - Branding (x32 Version: 1.00.0000 - ATI) Hidden Catalyst Control Center Graphics Previews Common (x32 Version: 2011.0126.1749.31909 - ATI) Hidden Catalyst Control Center InstallProxy (x32 Version: 2011.0126.1749.31909 - ATI Technologies, Inc.) 
Hidden Catalyst Control Center Localization All (x32 Version: 2011.0126.1749.31909 - ATI) Hidden CCC Help Chinese Standard (x32 Version: 2011.0126.1748.31909 - ATI) Hidden CCC Help Chinese Traditional (x32 Version: 2011.0126.1748.31909 - ATI) Hidden CCC Help Czech (x32 Version: 2011.0126.1748.31909 - ATI) Hidden CCC Help Danish (x32 Version: 2011.0126.1748.31909 - ATI) Hidden CCC Help Dutch (x32 Version: 2011.0126.1748.31909 - ATI) Hidden CCC Help English (x32 Version: 2011.0126.1748.31909 - ATI) Hidden CCC Help Finnish (x32 Version: 2011.0126.1748.31909 - ATI) Hidden CCC Help French (x32 Version: 2011.0126.1748.31909 - ATI) Hidden CCC Help German (x32 Version: 2011.0126.1748.31909 - ATI) Hidden CCC Help Greek (x32 Version: 2011.0126.1748.31909 - ATI) Hidden CCC Help Hungarian (x32 Version: 2011.0126.1748.31909 - ATI) Hidden CCC Help Italian (x32 Version: 2011.0126.1748.31909 - ATI) Hidden CCC Help Japanese (x32 Version: 2011.0126.1748.31909 - ATI) Hidden CCC Help Korean (x32 Version: 2011.0126.1748.31909 - ATI) Hidden CCC Help Norwegian (x32 Version: 2011.0126.1748.31909 - ATI) Hidden CCC Help Polish (x32 Version: 2011.0126.1748.31909 - ATI) Hidden CCC Help Portuguese (x32 Version: 2011.0126.1748.31909 - ATI) Hidden CCC Help Russian (x32 Version: 2011.0126.1748.31909 - ATI) Hidden CCC Help Spanish (x32 Version: 2011.0126.1748.31909 - ATI) Hidden CCC Help Swedish (x32 Version: 2011.0126.1748.31909 - ATI) Hidden CCC Help Thai (x32 Version: 2011.0126.1748.31909 - ATI) Hidden CCC Help Turkish (x32 Version: 2011.0126.1748.31909 - ATI) Hidden ccc-core-static (x32 Version: 2011.0126.1749.31909 - Ihr Firmenname) Hidden ccc-utility64 (Version: 2011.0126.1749.31909 - ATI) Hidden CCleaner (HKLM\...\CCleaner) (Version: 3.04 - Piriform) Copy (x32 Version: 130.0.428.000 - Hewlett-Packard) Hidden CPUID CPU-Z 1.61.3 (HKLM\...\CPUID CPU-Z_is1) (Version: - ) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden DC-Bass Source 1.3.0 (HKLM-x32\...\DC-Bass Source) (Version: - ) 
DENON DJ ASIO Driver (HKLM-x32\...\{E4EC27CD-229E-481E-84F1-7AB83AC479BE}) (Version: 2.2.2 - DENON_DJ) Destinations (x32 Version: 130.0.0.0 - Hewlett-Packard) Hidden DeviceDiscovery (x32 Version: 130.0.465.000 - Hewlett-Packard) Hidden DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.8 - DivX, LLC) DocProc (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden eMule (HKLM-x32\...\eMule) (Version: - ) EPSON AL-C1600 (HKLM\...\EPSON AL-C1600) (Version: - ) EPU-4 Engine (HKLM-x32\...\{8F66047B-1AF3-40D9-80D7-106E2EDC2C2A}) (Version: 1.03.03 - ) F300 (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden F300_Help (x32 Version: 82.0.242.000 - Hewlett-Packard) Hidden F300Trb (x32 Version: 82.0.242.000 - Hewlett-Packard) Hidden Fax (x32 Version: 130.0.418.000 - Hewlett-Packard) Hidden Fences 2 (HKLM-x32\...\Fences 22.01) (Version: 2.01 - Stardock Corporation) Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden GfK Internet-Monitor (HKLM-x32\...\39992AD7-103F-4308-8BB7-3F65F543604D) (Version: 12.6.186 - GfK) GfK Proxy Service (HKLM-x32\...\NuragoProxyService) (Version: - ) GIMP 2.6.11 (HKLM-x32\...\WinGimp-2.0_is1) (Version: 2.6.11 - The GIMP Team) GMX ProfiFax (HKLM-x32\...\GMX ProfiFax) (Version: 2.00.236 - 1&1 Mail & Media GmbH) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 35.0.1916.114 - Google Inc.) Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.) Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.24.7 - Google Inc.) 
Hidden GPBaseService2 (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden HashCheck Shell Extension (x86-32) (HKLM-x32\...\HashCheck Shell Extension) (Version: 2.1.11.1 - Kai Liu) HP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version: 13.0 - HP) HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP) HP Photosmart Essential 3.5 (HKLM\...\HP Photosmart Essential) (Version: 3.5 - HP) HP Photosmart Officejet and Deskjet All-In-One Driver Software 13.0 Rel. B (HKLM\...\{B61ED343-0B14-4241-999C-490CB1A20DA4}) (Version: 13.0 - HP) HP Smart Web Printing 4.51 (HKLM\...\HP Smart Web Printing) (Version: 4.51 - HP) HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP) HP Update (HKLM-x32\...\{7059BDA7-E1DB-442C-B7A1-6144596720A4}) (Version: 4.000.011.006 - Hewlett-Packard) HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden HPPhotoGadget (x32 Version: 130.0.282.000 - Hewlett-Packard) Hidden HPPhotoSmartDiscLabelContent1 (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden HPPhotosmartEssential (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden HPProductAssistant (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden HPSSupply (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden HydraVision (x32 Version: 4.2.184.0 - ATI Technologies Inc.) Hidden iCloud (HKLM\...\{81E20D41-C277-4526-934D-F2380AF91B78}) (Version: 3.1.0.40 - Apple Inc.) iTunes (HKLM\...\{9D20916D-C1E9-4E39-9723-13D200D87C40}) (Version: 11.2.0.114 - Apple Inc.) 
Java 7 Update 13 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417013FF}) (Version: 7.0.130 - Oracle) Java(TM) 6 Update 24 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216024FF}) (Version: 6.0.240 - Oracle) JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH) Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden K-Lite Codec Pack (64-bit) v4.5.0 (HKLM\...\KLiteCodecPack64_is1) (Version: 4.5.0 - ) K-Lite Codec Pack 7.0.0 (Full) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 7.0.0 - ) LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - ) League of Legends (HKLM-x32\...\{92606477-9366-4D3B-8AE3-6BE4B29727AB}) (Version: 1.3 - Riot Games) Logitech GamePanel Software 3.03.133 (HKLM\...\{6CC95B76-D380-46B2-9022-9353938E48BA}) (Version: 3.03.133 - Logitech Inc.) Logitech GamePanel Software 3.06.109 (HKLM\...\{A1E85B9A-AFAD-4D38-AF01-6B020DD5213A}) (Version: 3.06.109 - Logitech Inc.) Lumac (HKLM-x32\...\InstallShield_{5DE11949-2B11-4F13-BAD5-1C237122CFDB}) (Version: 1.1.92.0 - Firstload) Lumac (x32 Version: 1.1.92.0 - Firstload) Hidden MAGIX Media Manager 2004 silver (HKLM-x32\...\MAGIX Media Manager 2004 silver) (Version: 2.0.7.0 - MAGIX AG) MAGIX Online Druck Service (HKLM-x32\...\MAGIX Online Druck Service) (Version: - Silverwire Software GmbH) MAGIX ringtone maker (HKLM-x32\...\MAGIX ringtone maker) (Version: 1.0.0.4 - MAGIX AG) Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation) MarketResearch (x32 Version: 130.0.374.000 - Hewlett-Packard) Hidden Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft 
.NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden Microsoft Office Access MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Office Enterprise 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft Office Groove MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office InfoPath MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation) Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0407-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation) Microsoft Office Outlook MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (French) 
2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden Microsoft Office Publisher MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft OneDrive (HKCU\...\OneDriveSetup.exe) (Version: 17.0.4035.0328 - Microsoft Corporation) Microsoft Security Client (Version: 4.5.0216.0 - Microsoft Corporation) Hidden Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.5.216.0 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft 
Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation) Microsoft XML Parser (x32 Version: 8.0.7820.0 - Microsoft Corporation) Hidden Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Mozilla Firefox 25.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 25.0.1 (x86 de)) (Version: 25.0.1 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 25.0.1 - Mozilla) Mp3tag v2.59a (HKLM-x32\...\Mp3tag) (Version: v2.59a - Florian Heidenreich) MSI Afterburner 2.1.0 (HKLM-x32\...\Afterburner) (Version: 2.1.0 - MSI Co., LTD) MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) Native 
Instruments Audio 2 DJ (HKLM-x32\...\Native Instruments Audio 2 DJ) (Version: - Native Instruments) Native Instruments Audio 2 DJ Driver (HKLM-x32\...\Native Instruments Audio 2 DJ Driver) (Version: - Native Instruments) Native Instruments Audio 2 DJ Driver (Version: 3.1.0.761 - Native Instruments) Hidden Native Instruments Audio 4 DJ (HKLM-x32\...\Native Instruments Audio 4 DJ) (Version: - Native Instruments) Native Instruments Audio 4 DJ Driver (HKLM-x32\...\Native Instruments Audio 4 DJ Driver) (Version: - Native Instruments) Native Instruments Audio 4 DJ Driver (Version: 3.1.0.761 - Native Instruments) Hidden Native Instruments Audio 8 DJ (HKLM-x32\...\Native Instruments Audio 8 DJ) (Version: - Native Instruments) Native Instruments Audio 8 DJ Driver (HKLM-x32\...\Native Instruments Audio 8 DJ Driver) (Version: - Native Instruments) Native Instruments Audio 8 DJ Driver (Version: 3.1.0.761 - Native Instruments) Hidden Native Instruments Controller Editor (HKLM-x32\...\Native Instruments Controller Editor) (Version: 1.6.3.46 - Native Instruments) Native Instruments Controller Editor (Version: 1.6.3.46 - Native Instruments) Hidden Native Instruments Maschine Controller (HKLM-x32\...\Native Instruments Maschine Controller) (Version: - Native Instruments) Native Instruments Maschine Controller (Version: 3.0.1.648 - Native Instruments) Hidden Native Instruments Service Center (HKLM-x32\...\Native Instruments Service Center) (Version: - Native Instruments) Native Instruments Service Center (Version: 2.2.6.676 - Native Instruments) Hidden Native Instruments Traktor 2 (HKLM-x32\...\Native Instruments Traktor 2) (Version: 2.6.8.382 - Native Instruments) Native Instruments Traktor 2 (Version: 2.6.8.382 - Native Instruments) Hidden Native Instruments Traktor Audio 10 (HKLM-x32\...\Native Instruments Traktor Audio 10) (Version: - Native Instruments) Native Instruments Traktor Audio 10 Driver (HKLM-x32\...\Native Instruments Traktor Audio 10 Driver) (Version: - Native 
Instruments) Native Instruments Traktor Audio 10 Driver (Version: 3.1.0.761 - Native Instruments) Hidden Native Instruments Traktor Audio 2 (HKLM-x32\...\Native Instruments Traktor Audio 2) (Version: - Native Instruments) Native Instruments Traktor Audio 2 Driver (HKLM-x32\...\Native Instruments Traktor Audio 2 Driver) (Version: - Native Instruments) Native Instruments Traktor Audio 2 Driver (Version: 3.1.0.761 - Native Instruments) Hidden Native Instruments Traktor Audio 2 MK2 Driver (HKLM-x32\...\Native Instruments Traktor Audio 2 MK2 Driver) (Version: - Native Instruments) Native Instruments Traktor Audio 2 MK2 Driver (Version: 3.1.3.804 - Native Instruments) Hidden Native Instruments Traktor Audio 6 (HKLM-x32\...\Native Instruments Traktor Audio 6) (Version: - Native Instruments) Native Instruments Traktor Audio 6 Driver (HKLM-x32\...\Native Instruments Traktor Audio 6 Driver) (Version: - Native Instruments) Native Instruments Traktor Audio 6 Driver (Version: 3.1.0.761 - Native Instruments) Hidden Native Instruments Traktor Kontrol F1 Driver (HKLM-x32\...\Native Instruments Traktor Kontrol F1 Driver) (Version: - Native Instruments) Native Instruments Traktor Kontrol F1 Driver (Version: 3.0.2.664 - Native Instruments) Hidden Native Instruments Traktor Kontrol S2 Driver (HKLM-x32\...\Native Instruments Traktor Kontrol S2 Driver) (Version: - Native Instruments) Native Instruments Traktor Kontrol S2 Driver (Version: 3.1.0.761 - Native Instruments) Hidden Native Instruments Traktor Kontrol S2 MK2 Driver (HKLM-x32\...\Native Instruments Traktor Kontrol S2 MK2 Driver) (Version: - Native Instruments) Native Instruments Traktor Kontrol S2 MK2 Driver (Version: 3.1.2.795 - Native Instruments) Hidden Native Instruments Traktor Kontrol S4 (HKLM-x32\...\Native Instruments Traktor Kontrol S4) (Version: - Native Instruments) Native Instruments Traktor Kontrol S4 Driver (HKLM-x32\...\Native Instruments Traktor Kontrol S4 Driver) (Version: - Native Instruments) Native 
Instruments Traktor Kontrol S4 Driver (Version: 3.1.0.761 - Native Instruments) Hidden Native Instruments Traktor Kontrol S4 MK2 Driver (HKLM-x32\...\Native Instruments Traktor Kontrol S4 MK2 Driver) (Version: - Native Instruments) Native Instruments Traktor Kontrol S4 MK2 Driver (Version: 3.1.2.795 - Native Instruments) Hidden Native Instruments Traktor Kontrol X1 (HKLM-x32\...\Native Instruments Traktor Kontrol X1) (Version: - Native Instruments) Native Instruments Traktor Kontrol X1 Driver (HKLM-x32\...\Native Instruments Traktor Kontrol X1 Driver) (Version: - Native Instruments) Native Instruments Traktor Kontrol X1 Driver (Version: 3.0.1.648 - Native Instruments) Hidden Native Instruments Traktor Kontrol X1 MK2 Driver (HKLM-x32\...\Native Instruments Traktor Kontrol X1 MK2 Driver) (Version: - Native Instruments) Native Instruments Traktor Kontrol X1 MK2 Driver (Version: 3.1.1.780 - Native Instruments) Hidden Native Instruments Traktor Kontrol Z1 Driver (HKLM-x32\...\Native Instruments Traktor Kontrol Z1 Driver) (Version: - Native Instruments) Native Instruments Traktor Kontrol Z1 Driver (Version: 3.1.1.780 - Native Instruments) Hidden Native Instruments Traktor Kontrol Z2 Driver (HKLM-x32\...\Native Instruments Traktor Kontrol Z2 Driver) (Version: - Native Instruments) Native Instruments Traktor Kontrol Z2 Driver (Version: 3.1.0.761 - Native Instruments) Hidden Nero 8 (HKLM-x32\...\{9EDBB857-8028-49CD-B9C9-0B4D10CD1031}) (Version: 8.10.290 - Nero AG) neroxml (x32 Version: 1.0.0 - Nero AG) Hidden Network64 (Version: 130.0.572.000 - Hewlett-Packard) Hidden Network64 (Version: 140.0.221.000 - Hewlett-Packard) Hidden Notepad++ (HKLM-x32\...\Notepad++) (Version: 5.6.8 - ) OCR Software by I.R.I.S. 
13.0 (HKLM\...\HPOCR) (Version: 13.0 - HP) OpenSource Flash Video Splitter 1.0.0.5 (HKLM-x32\...\OpenSource Flash Video Splitter) (Version: 1.0.0.5 - ) Opticon USB Drivers Installer (HKLM-x32\...\Opticon USB Installer) (Version: - ) Panel Client 3.2 (HKLM-x32\...\Panel Client_is1) (Version: - GfK Panel Services Deutschland GmbH) Photo Gallery (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Pidgin (HKLM-x32\...\Pidgin) (Version: 2.10.9 - ) Platform (x32 Version: 1.39 - VIA Technologies, Inc.) Hidden PowerISO (HKLM-x32\...\PowerISO) (Version: - ) QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.) Razer Game Booster (HKLM-x32\...\Razer Game Booster_is1) (Version: 4.2.45.0 - Razer Inc.) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.52.203.2012 - Realtek) Remote Mouse version 2.54 (HKLM-x32\...\{01E4BC6D-3ACC-45E1-8928-C2FF626F63F3}_is1) (Version: 2.54 - Remote Mouse) Remote Panel Program (HKLM-x32\...\{13AA13C1-E4B9-4048-B4A6-9C9B86D44F57}) (Version: - ) RocketDock 1.3.5 (HKLM-x32\...\RocketDock_is1) (Version: - Punk Software) Scan (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 13.0 - HP) Skype™ 6.14 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.) 
SmartWebPrinting (x32 Version: 130.0.457.000 - Hewlett-Packard) Hidden SolutionCenter (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden SpeedCommander 13 (x64) (HKLM\...\SpeedCommander 13 (x64)) (Version: 13.40.6300 - SWE Sven Ritter) Status (x32 Version: 130.0.469.000 - Hewlett-Packard) Hidden TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH) TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.27614 - TeamViewer) TECHNO4EVER Player 1.1.3 (HKLM-x32\...\{9AF19FCD-2362-493D-A127-C47BB284A636}) (Version: 1.1.3 - TECHNO4EVER Radio- und Mediengesellschaft mbH) TERA (HKLM-x32\...\{A2F166A0-F031-4E27-A057-C69733219434}_is1) (Version: 7 - Gameforge Productions GmbH) Toolbox (x32 Version: 130.0.648.000 - Hewlett-Packard) Hidden TrayApp (x32 Version: 130.0.422.000 - Hewlett-Packard) Hidden UnloadSupport (x32 Version: 11.0.0 - Hewlett-Packard) Hidden Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version: - Microsoft) Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft) Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft) Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version: - Microsoft) Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition 
(HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{EA54F104-79D2-48CC-9ABC-91A63C43D353}) (Version: - Microsoft) Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{53DEC068-4690-4F6B-9946-7D21EF02236B}) (Version: - Microsoft) Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2880505) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{2720451F-5D04-43EC-AB1F-26D948FD971B}) (Version: - Microsoft) Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft) Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version: - Microsoft) Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft) Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft) VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden VIA Plattform-Geräte-Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.39 - VIA Technologies, Inc.) 
Vista Game Explorer Editor (HKLM-x32\...\VGEE) (Version: Beta 2.14a - Ryan Richter) Visual C++ 9.0 CRT (x86) WinSXS MSM (x32 Version: 9.0 - Microsoft Corporation) Hidden VLC media player 2.1.4 (HKLM\...\VLC media player) (Version: 2.1.4 - VideoLAN) Warcraft III (HKLM-x32\...\Warcraft III) (Version: - Blizzard Entertainment) WebReg (x32 Version: 130.0.132.017 - Hewlett-Packard) Hidden Windows Cleaner (HKLM-x32\...\Vtools_WindowsCleaner_is1) (Version: 1.0.0 - Vtools) Windows Live Communications Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation) Windows Live Essentials (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Windows Live Family Safety (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Windows Live Family Safety (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden Windows Live Installer (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Windows Live Mail (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Windows Live Messenger (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Windows Live MIME IFilter (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Windows Live Photo Common (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Windows Live PIMT Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Windows Live SOXE (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Windows Live SOXE Definitions (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Windows Live UX Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Windows Live UX Platform Language Pack (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Windows Live Writer (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Windows Live Writer Resources (x32 
Version: 16.4.3528.0331 - Microsoft Corporation) Hidden winKeyLock version 1.0.1.3 (HKLM-x32\...\winKeyLock_is1) (Version: 1.0.1 - winKeyLock) WinRAR 4.00 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.00.0 - win.rar GmbH) WMV9/VC-1 Video Playback (Version: 1.00.0000 - ATI Technologies Inc.) Hidden Xvid Video Codec (HKLM-x32\...\Xvid Video Codec 1.3.2) (Version: 1.3.2 - Xvid Team) ==================== Restore Points ========================= ==================== Hosts content: ========================== 2009-07-14 04:34 - 2014-05-24 12:48 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 localhost ==================== Scheduled Tasks (whitelisted) ============= Task: {1B2905D8-9584-4CD3-AB59-90BF090161E7} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-16] (Adobe Systems Incorporated) Task: {24B654B2-B7EA-45CB-9CF7-95ACD67C5C7D} - System32\Tasks\Amazon Music Helper => C:\Users\Lars\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe [2014-05-08] () Task: {3370000F-E1FF-4575-A340-672AE206A346} - System32\Tasks\ASUS\ASUS SIX Engine => C:\Program Files (x86)\ASUS\EPU-4 Engine\FourEngine.exe [2012-01-03] (ASUSTek Computer Inc.) Task: {3AF57CFF-0CF4-4755-BF98-509EC78AC5C8} - \DigitalSite No Task File <==== ATTENTION Task: {3FB27DB5-FE54-4244-A9CB-9027EF2FF08C} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [2013-11-20] (Apple Inc.) Task: {54EDCEFE-8B33-42F8-9464-EEAD4AAE47B2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-02-07] (Google Inc.) Task: {6E3A13BA-8055-4948-94A4-C385C5873545} - \bench-sys No Task File <==== ATTENTION Task: {812530AD-22BA-4413-AFF6-517EC59FC1C2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-02-07] (Google Inc.) 
Task: {A1D60D55-A6B8-401B-BC05-2938E02DF2F2} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Scan => d:\program files\windows defender\MpCmdRun.exe Task: {A3AE5A93-2948-485B-A93D-82B057BF782B} - \BitGuard No Task File <==== ATTENTION Task: {B29A0C2F-3D50-434C-AC1C-80205D088FD1} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.) Task: {C4E8B14A-4159-4C58-BDAD-281DBBFC97E8} - System32\Tasks\Microsoft\Windows Defender\MpIdleTask => d:\program files\windows defender\MpCmdRun.exe Task: {CE2A5F4A-6D53-4AA9-B75E-33053699DC04} - System32\Tasks\Razer_Game_Booster_AutoUpdate => C:\Program Files (x86)\Razer\Razer Game Booster\AutoUpdate.exe Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2014-02-20 17:46 - 2014-02-20 17:46 - 00045544 _____ () C:\Program Files (x86)\GfK-ProxyService\GfK-ProxyService.exe 2014-02-20 17:46 - 2014-02-20 17:46 - 00026600 _____ () C:\Program Files (x86)\GfK-ProxyService\ProxyUtils.dll 2014-03-03 21:50 - 2014-02-20 18:25 - 03293672 _____ () C:\Program Files (x86)\GfK Internet-Monitor\GfK-Reporting.exe 2014-03-03 21:50 - 2014-02-20 18:25 - 01356264 _____ () C:\Program Files (x86)\GfK Internet-Monitor\GfK-Updater.exe 2013-12-13 10:11 - 2014-05-08 19:26 - 03145536 _____ () C:\Users\Lars\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe 2014-02-20 17:46 - 2014-02-20 17:46 - 00021480 _____ () C:\Program Files (x86)\GfK-ProxyService\GfK-ProxyWatchdog.exe 2013-02-07 15:09 - 2011-12-06 03:58 - 00078448 ____R () C:\Program Files (x86)\VIA\VIAudioi\VDeck\QsApoApi64.dll 2013-02-07 15:09 - 2011-12-06 03:58 - 
00386160 ____R () C:\Program Files (x86)\VIA\VIAudioi\VDeck\Dts2ApoApi64.dll 2011-01-26 19:00 - 2011-01-26 19:00 - 00079872 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Services.dll 2011-01-26 19:01 - 2011-01-26 19:01 - 00102912 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll 2011-01-26 18:48 - 2011-01-26 18:48 - 00243712 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll 2014-01-20 14:17 - 2014-01-20 14:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll 2014-01-20 14:16 - 2014-01-20 14:16 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll 2013-03-28 11:32 - 2012-11-08 13:19 - 00474360 _____ () C:\Program Files (x86)\GfK Internet-Monitor\UpdateHelper.dll 2013-02-07 15:10 - 2009-01-15 15:55 - 00565248 _____ () C:\Program Files (x86)\ASUS\EPU-4 Engine\pngio.dll 2013-02-07 15:10 - 2009-03-25 17:53 - 00053248 _____ () C:\Program Files (x86)\ASUS\EPU-4 Engine\AsSpindownTimeout.dll 2013-02-08 01:00 - 2007-05-28 23:13 - 00145920 _____ () C:\Program Files (x86)\Auslogics\Auslogics BoostSpeed\madBasic_.bpl 2013-02-08 01:00 - 2007-05-28 23:13 - 00316928 _____ () C:\Program Files (x86)\Auslogics\Auslogics BoostSpeed\madExcept_.bpl 2013-02-08 01:00 - 2007-05-28 23:13 - 00041984 _____ () C:\Program Files (x86)\Auslogics\Auslogics BoostSpeed\madDisAsm_.bpl 2013-02-08 01:00 - 2008-04-08 05:11 - 00053248 _____ () C:\Program Files (x86)\Auslogics\Auslogics BoostSpeed\armaccess.dll 2013-09-14 01:51 - 2013-09-14 01:51 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\zlib1.dll 2013-09-14 01:50 - 2013-09-14 01:50 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\libxml2.dll 2014-01-05 21:57 - 2013-11-19 22:34 - 00152576 _____ () C:\Program Files (x86)\Remote Mouse\FileS.dll 2014-05-24 10:21 - 2014-05-14 01:40 
- 00716616 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\libglesv2.dll 2014-05-24 10:21 - 2014-05-14 01:40 - 00126280 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\libegl.dll 2014-05-24 10:21 - 2014-05-14 01:40 - 04217672 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\pdf.dll 2014-05-24 10:21 - 2014-05-14 01:40 - 00414536 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\ppGoogleNaClPluginChrome.dll 2014-05-24 10:21 - 2014-05-14 01:40 - 01732424 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\ffmpegsumo.dll 2014-05-08 09:40 - 2014-02-20 17:32 - 00256512 _____ () C:\Users\Lars\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekfcceehmjiicgpkeblpbcpglgdklklh\13.4.568_0\plugin\npgacela_private.dll 2014-05-08 09:40 - 2014-02-20 17:32 - 00261608 _____ () C:\Users\Lars\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekfcceehmjiicgpkeblpbcpglgdklklh\13.4.568_0\plugin\npgacela.dll ==================== Alternate Data Streams (whitelisted) ========= AlternateDataStreams: C:\Windows\system32\Drivers\nglfsegm.sys:changelist AlternateDataStreams: C:\Windows\system32\Drivers\qqczqvzb.sys:changelist AlternateDataStreams: C:\Windows\system32\Drivers\xrehzkvs.sys:changelist AlternateDataStreams: C:\ProgramData\TEMP:373E1720 ==================== Safe Mode (whitelisted) =================== ==================== EXE Association (whitelisted) ============= ==================== Disabled items from MSCONFIG ============== ==================== Faulty Device Manager Devices ============= Name: Teredo Tunneling Pseudo-Interface Description: Microsoft-Teredo-Tunneling-Adapter Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: tunnel Problem: : This device cannot start. (Code10) Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. 
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. Name: Logitech GamePanel-Geräte (QVGA) Description: Logitech GamePanel-Geräte (QVGA) Class Guid: {997b5d8d-c442-4f2e-baf3-9c8e671e9e21} Manufacturer: Logitech Inc Service: WUDFRd Problem: : Windows cannot initialize the device driver for this hardware. (Code 37) Resolution: The driver returned failure from its DriverEntry routine. Uninstall the driver, and then click "Scan for hardware changes" to reinstall or upgrade the driver. Name: Logitech GamePanel-Geräte (Mono) Description: Logitech GamePanel-Geräte (Mono) Class Guid: {997b5d8d-c442-4f2e-baf3-9c8e671e9e21} Manufacturer: Logitech Inc Service: WUDFRd Problem: : Windows cannot initialize the device driver for this hardware. (Code 37) Resolution: The driver returned failure from its DriverEntry routine. Uninstall the driver, and then click "Scan for hardware changes" to reinstall or upgrade the driver. ==================== Event log errors: ========================= Application errors: ================== Error: (05/26/2014 05:54:16 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (05/24/2014 11:09:28 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (05/24/2014 08:35:55 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". 
Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (05/24/2014 07:17:43 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. 
Error: (05/24/2014 05:23:02 PM) (Source: MsiInstaller) (EventID: 1013) (User: Lars-PC) Description: Product: DENON DJ ASIO Driver -- Unable to install because a newer version of this product is already installed. Error: (05/24/2014 04:47:29 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. System errors: ============= Error: (05/25/2014 01:00:16 PM) (Source: DCOM) (EventID: 10010) (User: ) Description: {3EB3C877-1F16-487C-9050-104DBCD66683} Error: (05/25/2014 07:47:36 AM) (Source: volsnap) (EventID: 36) (User: ) Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte. Error: (05/24/2014 11:06:46 PM) (Source: DCOM) (EventID: 10010) (User: ) Description: {3EB3C877-1F16-487C-9050-104DBCD66683} Error: (05/24/2014 08:30:44 PM) (Source: Disk) (EventID: 11) (User: ) Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk2\DR2 gefunden. 
Error: (05/24/2014 08:30:40 PM) (Source: Disk) (EventID: 11) (User: ) Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk2\DR2 gefunden. Error: (05/24/2014 08:06:29 PM) (Source: Service Control Manager) (EventID: 7030) (User: ) Description: Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren. Error: (05/24/2014 07:56:47 PM) (Source: Service Control Manager) (EventID: 7030) (User: ) Description: Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren. Error: (05/24/2014 07:50:30 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "HP CUE DeviceDiscovery Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (05/24/2014 07:50:30 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "hpqcxs08" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Microsoft Office Sessions: ========================= CodeIntegrity Errors: =================================== Date: 2014-05-24 12:46:33.858 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2014-05-24 12:46:33.797 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. 
Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2013-03-02 17:26:16.370 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\cmudax3.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2013-03-02 17:26:16.338 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\cmudax3.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. 
==================== Memory info =========================== Percentage of memory in use: 23% Total physical RAM: 16366.12 MB Available physical RAM: 12530 MB Total Pagefile: 32730.41 MB Available Pagefile: 28274.1 MB Total Virtual: 8192 MB Available Virtual: 8191.83 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:931.41 GB) (Free:63.81 GB) NTFS Drive e: () (Fixed) (Total:372.6 GB) (Free:36.99 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: ED9E570F) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=931 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (Size: 373 GB) (Disk ID: 1E521E51) Partition 1: (Active) - (Size=373 GB) - (Type=07 NTFS) ==================== End Of Log ============================ |
27.05.2014, 15:20 | #10 |
/// TB-Ausbilder | Unwanted, empty pop-up windows appear and words are underlined and linked You do realize that GfK Internet-Monitor monitors your browsing behavior, right? You also realize that every computer has to be treated individually, because not everyone uses the same programs or has the same malware on their machine? We will remove the last remnants and check everything once more. ESET can take a long time (> 3 h). Afterwards we will remove all the tools we used and I will give you a few tips to take with you.
Step 1 Press the Windows key + R and type notepad into the Run window. Now copy the following text from the code box into the empty text document
Code:
start
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
ProxyEnable: Internet Explorer proxy is enabled.
ProxyServer: http=127.0.0.1:7777
SearchScopes: HKCU - {758B870D-DF78-4A6A-9955-DEDDCACF94DC} URL =
FF Extension: Address Bar Search - C:\Users\Lars\AppData\Roaming\Mozilla\Firefox\Profiles\1ipdivd3.default\Extensions\{badea1ae-72ed-4f6a-8c37-4db9a4ac7bc9}.xpi [2013-10-25]
FF Extension: HD Streamer - C:\Users\Lars\AppData\Roaming\Mozilla\Firefox\Profiles\1ipdivd3.default\Extensions\hd_streamer@iMedia [2014-05-24]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
Task: {3AF57CFF-0CF4-4755-BF98-509EC78AC5C8} - \DigitalSite No Task File <==== ATTENTION
Task: {6E3A13BA-8055-4948-94A4-C385C5873545} - \bench-sys No Task File <==== ATTENTION
Task: {A3AE5A93-2948-485B-A93D-82B057BF782B} - \BitGuard No Task File <==== ATTENTION
C:\Program Files (x86)\Vtools
C:\Users\Lars\AppData\Roaming\Apple Computer\MobileSync\Backup\0ab4a4c543c7fae001fed414d82909d2e9baf9d7
C:\Windows\System32\dfrg
C:\Windows\SysWOW64\dfrg
Reboot:
end
Please save this as Fixlist.txt on your desktop (or in the directory where FRST is located).
Step 2 Please disable your antivirus program, as it can affect the result or possibly interfere with the cleanup. Please download zoek.exe from here: http://hijackthis.nl/smeenk/ and save the file to your desktop.
Step 3 Download the appropriate version of HitmanPro to your desktop: HitmanPro - 32 Bit | HitmanPro - 64 Bit.
Step 4 Please download SecurityCheck and:
Please post with your next reply
|
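The Fixlog that FRST writes after processing a Fixlist.txt (one is posted later in this thread) reports each action as a `target => outcome` line. The following Python code is an added example, not part of the original posts or of FRST: it parses such a log and lists every entry that was not applied. The sample log is constructed from the format shown in this thread, and the status names `applied`, `absent` and `review` are this example's own.

```python
import re
from collections import Counter

# Constructed sample: a shortened Fixlog in the format shown in this thread.
SAMPLE_FIXLOG = r'''Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 25-05-2014 02
Ran by Lars at 2014-05-28 18:31:04 Run:1
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
start
ProxyEnable: Internet Explorer proxy is enabled.
ProxyServer: http=127.0.0.1:7777
SearchScopes: HKCU - {758B870D-DF78-4A6A-9955-DEDDCACF94DC} URL =
Task: {A3AE5A93-2948-485B-A93D-82B057BF782B} - \BitGuard No Task File <==== ATTENTION
C:\Program Files (x86)\Vtools
C:\Windows\System32\dfrg
C:\Windows\SysWOW64\dfrg
Reboot:
end
*****************

HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer => Value deleted successfully.
HKCR\CLSID\{758B870D-DF78-4A6A-9955-DEDDCACF94DC} => Key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\BitGuard => Key deleted successfully.
C:\Program Files (x86)\Vtools => Moved successfully.
"C:\Windows\System32\dfrg" => File/Directory not found.
C:\Windows\SysWOW64\dfrg => Moved successfully.

The system needed a reboot.

==== End of Fixlog ====
'''

# The echoed fixlist sits between two lines of asterisks.
MARKER = re.compile(r"\*{5,}")


def classify(outcome):
    """Map FRST's outcome text to a coarse status (names are this example's own)."""
    text = outcome.lower()
    if "successfully" in text:
        return "applied"   # moved to quarantine or deleted
    if "not found" in text:
        return "absent"    # target did not exist when the fix ran
    return "review"        # any other wording needs a human look


def parse_fixlog(text):
    """Return (target, outcome, status) for every result line of a Fixlog.

    Lines copied from an FRST scan can themselves contain ' => ' (for example
    scheduled tasks that point at an executable), so the echoed fixlist is
    skipped and only lines after the second asterisk marker are parsed.
    """
    results = []
    markers_seen = 0
    for raw in text.splitlines():
        line = raw.strip()
        if MARKER.fullmatch(line):
            markers_seen += 1
            continue
        if markers_seen < 2:
            continue
        if line.startswith("==== End of Fixlog"):
            break
        target, sep, outcome = line.rpartition(" => ")
        if not sep:
            continue  # blank lines, "The system needed a reboot.", etc.
        results.append((target.strip().strip('"'), outcome.strip(), classify(outcome)))
    return results


def summarize(results):
    """Count statuses and collect the entries that were not applied."""
    counts = Counter(status for _, _, status in results)
    follow_up = [(target, outcome) for target, outcome, status in results
                 if status != "applied"]
    return counts, follow_up


if __name__ == "__main__":
    counts, follow_up = summarize(parse_fixlog(SAMPLE_FIXLOG))
    print(dict(counts))
    for target, outcome in follow_up:
        print("check:", target, "->", outcome)
```
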
27.05.2014, 16:21 | #11 |
| Unwanted, empty pop-up windows appear and words are underlined and linked OK. I will follow that. Should I make a post after each step, or go through all of them first and post everything afterwards? |
27.05.2014, 18:08 | #12 |
/// TB-Ausbilder | Unwanted, empty pop-up windows appear and words are underlined and linked Carry out everything, and only then post... unless there are problems. |
28.05.2014, 18:24 | #13 |
| Unwanted, empty pop-up windows appear and words are underlined and linked So... boss :-) all done. Step 1: Code:
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 25-05-2014 02
Ran by Lars at 2014-05-28 18:31:04 Run:1
Running from C:\Users\Lars\Desktop\Adware Tools\Schritt 1
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
start
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
ProxyEnable: Internet Explorer proxy is enabled.
ProxyServer: http=127.0.0.1:7777
SearchScopes: HKCU - {758B870D-DF78-4A6A-9955-DEDDCACF94DC} URL =
FF Extension: Address Bar Search - C:\Users\Lars\AppData\Roaming\Mozilla\Firefox\Profiles\1ipdivd3.default\Extensions\{badea1ae-72ed-4f6a-8c37-4db9a4ac7bc9}.xpi [2013-10-25]
FF Extension: HD Streamer - C:\Users\Lars\AppData\Roaming\Mozilla\Firefox\Profiles\1ipdivd3.default\Extensions\hd_streamer@iMedia [2014-05-24]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
Task: {3AF57CFF-0CF4-4755-BF98-509EC78AC5C8} - \DigitalSite No Task File <==== ATTENTION
Task: {6E3A13BA-8055-4948-94A4-C385C5873545} - \bench-sys No Task File <==== ATTENTION
Task: {A3AE5A93-2948-485B-A93D-82B057BF782B} - \BitGuard No Task File <==== ATTENTION
C:\Program Files (x86)\Vtools
C:\Users\Lars\AppData\Roaming\Apple Computer\MobileSync\Backup\0ab4a4c543c7fae001fed414d82909d2e9baf9d7
C:\Windows\System32\dfrg
C:\Windows\SysWOW64\dfrg
Reboot:
end
*****************

C:\Windows\system32\GroupPolicy\Machine => Moved successfully.
C:\Windows\system32\GroupPolicy\GPT.ini => Moved successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer => Value deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{758B870D-DF78-4A6A-9955-DEDDCACF94DC} => Key deleted successfully.
HKCR\CLSID\{758B870D-DF78-4A6A-9955-DEDDCACF94DC} => Key not found.
C:\Users\Lars\AppData\Roaming\Mozilla\Firefox\Profiles\1ipdivd3.default\Extensions\{badea1ae-72ed-4f6a-8c37-4db9a4ac7bc9}.xpi => Moved successfully.
C:\Users\Lars\AppData\Roaming\Mozilla\Firefox\Profiles\1ipdivd3.default\Extensions\hd_streamer@iMedia => Moved successfully.
HKLM\SOFTWARE\Policies\Google => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3AF57CFF-0CF4-4755-BF98-509EC78AC5C8} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3AF57CFF-0CF4-4755-BF98-509EC78AC5C8} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DigitalSite => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6E3A13BA-8055-4948-94A4-C385C5873545} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6E3A13BA-8055-4948-94A4-C385C5873545} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\bench-sys => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A3AE5A93-2948-485B-A93D-82B057BF782B} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A3AE5A93-2948-485B-A93D-82B057BF782B} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\BitGuard => Key deleted successfully.
C:\Program Files (x86)\Vtools => Moved successfully.
C:\Users\Lars\AppData\Roaming\Apple Computer\MobileSync\Backup\0ab4a4c543c7fae001fed414d82909d2e9baf9d7 => Moved successfully.
"C:\Windows\System32\dfrg" => File/Directory not found.
C:\Windows\SysWOW64\dfrg => Moved successfully.

The system needed a reboot.

==== End of Fixlog ====
Code:
ATTFilter Zoek.exe v5.0.0.0 Updated 22-05-2014 Tool run by Lars on 28.05.2014 at 18:37:33,26. Microsoft Windows 7 eXtreme™ Draconis Edition 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Lars\Desktop\Adware Tools\Schritt 2\zoek.exe [Scan all users] [Script inserted] ==== System Restore Info ====================== 28.05.2014 18:38:43 Zoek.exe System Restore Point Created Succesfully. ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-1005217006-152471606-131910131-1000\Software\Microsoft\Internet Explorer\SearchScopes\{41F23684-D0B3-4D6C-AC19-5D82E79E82CD} deleted successfully HKEY_USERS\S-1-5-21-1005217006-152471606-131910131-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} deleted successfully HKEY_CLASSES_ROOT\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} deleted successfully HKEY_CLASSES_ROOT\CLSID\{5BFEFF94-6411-4B74-A947-4969134B24DE} deleted successfully ==== Deleting CLSID Registry Values ====================== HKEY_USERS\S-1-5-21-1005217006-152471606-131910131-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{4D2D3B0F-69BE-477A-90F5-FDDB05357975} deleted successfully HKEY_USERS\S-1-5-21-1005217006-152471606-131910131-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{98889811-442D-49DD-99D7-DC866BE87DBC} deleted successfully HKEY_USERS\S-1-5-21-1005217006-152471606-131910131-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{82E1477C-B154-48D3-9891-33D83C26BCD3} deleted successfully HKEY_USERS\S-1-5-21-1005217006-152471606-131910131-1000\Software\Microsoft\Internet Explorer\Approved 
Extensions\{C1AF5FA5-852C-4C90-812E-A7F75E011D87} deleted successfully HKEY_USERS\S-1-5-21-1005217006-152471606-131910131-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} deleted successfully HKEY_USERS\S-1-5-21-1005217006-152471606-131910131-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} deleted successfully HKEY_USERS\S-1-5-21-1005217006-152471606-131910131-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{11111111-1111-1111-1111-110311851132} deleted successfully HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Approved Extensions\{21EAF666-26B3-4a3c-ABD0-CA2F5A326744} deleted successfully HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Approved Extensions\{21EAF666-26B3-4a3c-ABD0-CA2F5A326744} deleted successfully HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Approved Extensions\{21EAF666-26B3-4a3c-ABD0-CA2F5A326744} deleted successfully HKEY_USERS\S-1-5-21-1005217006-152471606-131910131-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{21EAF666-26B3-4a3c-ABD0-CA2F5A326744} deleted successfully HKEY_USERS\S-1-5-21-1005217006-152471606-131910131-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{93DBF2BB-A2B3-4683-A92E-57E60751F346} deleted successfully HKEY_USERS\S-1-5-21-1005217006-152471606-131910131-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{5BFEFF94-6411-4B74-A947-4969134B24DE} deleted successfully ==== Deleting Services ====================== ==== FireFox Fix ====================== Deleted from C:\Users\Lars\AppData\Roaming\Mozilla\Firefox\Profiles\1ipdivd3.default\prefs.js: Added to C:\Users\Lars\AppData\Roaming\Mozilla\Firefox\Profiles\1ipdivd3.default\prefs.js: user_pref("browser.startup.homepage", "hxxp://www.google.com"); user_pref("browser.search.defaulturl", "hxxp://www.google.com/search?btnG=Google+Search&q="); user_pref("browser.newtab.url", 
"hxxp://www.google.com/"); user_pref("browser.search.defaultengine", "Google"); user_pref("browser.search.defaultenginename", "Google"); user_pref("browser.search.selectedEngine", "Google"); user_pref("browser.search.order.1", "Google"); user_pref("keyword.URL", "hxxp://www.google.com/search?btnG=Google+Search&q="); user_pref("browser.search.suggest.enabled", true); user_pref("browser.search.useDBForOrder", true); ProfilePath: C:\Users\Lars\AppData\Roaming\Mozilla\Firefox\Profiles\1ipdivd3.default user.js not found ---- Lines valueApps removed from prefs.js ---- user_pref("valueApps.autoDisableScopes", 0); ---- Lines mybrowserbar removed from prefs.js ---- user_pref("extensions.vtools@mybrowserbar.com.install-event-fired", true); ---- Lines browser.startup.page removed from prefs.js ---- user_pref("browser.startup.page", 3); ---- Lines a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532 removed from prefs.js ---- user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.active", true); user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.addressbar", "NA"); user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.addressbarenhanced", ""); user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.asyncdb_dbWasSet", true); user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.asyncdb_dbWasSet_FF25_FIX", true); user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.asyncinternaldb_dbWasSet", true); user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.asyncinternaldb_dbWasSet_FF25_FIX", true); user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.backgroundver", 1); 
user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.certdomaininstaller", ""); user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.changeprevious", false); user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.cookie._GPL_aoi.expiration", "Fri Feb 01 2030 00 user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.cookie._GPL_aoi.value", "%221386793968%22"); user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.cookie._GPL_parent_zoneid.expiration", "Fri Feb user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.cookie._GPL_parent_zoneid.value", "%22345637%22" user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.cookie._GPL_zoneid.expiration", "Fri Feb 01 2030 user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.cookie._GPL_zoneid.value", "%22456211%22"); user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.cookie.geo.expiration", "Wed Dec 18 2013 21:32:4 user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.cookie.geo.value", "%22DE%22"); user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.cookie.InstallationTime.expiration", "Fri Feb 01 user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.cookie.InstallationTime.value", "%221386793458%2 user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.cookie.InstallerParams.expiration", "Fri Feb 01 
user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.cookie.InstallerParams.value", "%7B%22source_id% user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.description", "Feven Shopping Companion"); user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.domain", ""); user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.enablesearch", false); user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.homepage", ""); user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.iframe", false); user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.InstallationThankYouPage", true); user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.InstallationTime", 1386793458); user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.internaldb._country_code_.expiration", "Fri Feb user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.internaldb._country_code_.value", "%22DE%22"); user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.internaldb.installer.expiration", "Fri Feb 01 20 user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.internaldb.installer.value", "%7B%22InstallerIde user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.internaldb.InstallerIdentifiers.expiration", "Fr user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.internaldb.InstallerIdentifiers.value", "%7B%22i 
user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.internaldb.InstallerParams.expiration", "Fri Feb user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.internaldb.InstallerParams.value", "%7B%22source user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.internaldb.InstallerParamsCache.expiration", "Fr user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.internaldb.InstallerParamsCache.value", "%7B%22s user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.internaldb.InstallerUserIdentifiersCache.expirat user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.internaldb.InstallerUserIdentifiersCache.value", user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.internaldb.monetization_plugin_last_executable_r user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.internaldb.monetization_plugin_last_executable_r user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.internaldb.Resources_appVer.expiration", "Fri Fe user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.internaldb.Resources_appVer.value", "70"); user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.internaldb.Resources_lastVersion.expiration", "F user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.internaldb.Resources_lastVersion.value", "1"); user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.internaldb.Resources_meta.expiration", "Fri Feb 
user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.internaldb.Resources_meta.value", "%7B%7D"); user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.internaldb.Resources_nextCheck.expiration", "Fri user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.internaldb.Resources_nextCheck.value", "true"); user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.internaldb.Resources_queue.expiration", "Fri Feb user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.internaldb.Resources_queue.value", "%7B%7D"); user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.internaldb.Resources_remote_resources.expiration user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.internaldb.Resources_remote_resources.value", "% user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.lastDailyReport", "1386917723748"); user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.lastUpdate", "1386917726442"); user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.manifesturl", ""); user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.name", "Feven 1.5"); user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.newtab", ""); user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.opensearch", ""); user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.pluginsurl", "https://w9u6a2p6.ssl.hwcdn.net/plu 
user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.pluginsversion", 67); user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.publisher", "Feven"); user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.searchstatus", 0); user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.setnewtab", false); user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.thankyou", ""); user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.updateinterval", 360); user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.38532.ver", 70); user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.apps", "38532"); user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.bic", "13f624d4447e0b1cdd658fca7c4587f0"); user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.cid", 38532); user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.firstrun", false); user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.hadappinstalled", true); user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.installationdate", 1386793544); user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.modetype", "production"); user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.reportInstall", true); user_pref("extensions.a249911bcd1bd4d668c17df533609e6d8c76f3de9939e4922b73c5d7a3139375dcom38532.statsDailyCounter", 3); ---- Lines extensions.LOHi64S1y removed from prefs.js ---- 
user_pref("extensions.LOHi64S1y.epoch", "1401005967"); user_pref("extensions.LOHi64S1y.url", "hxxp://centergoodfind.info/sync2/?q=hfZ9ofDSBShEAen0rHC6tMqLDe49CNU0mwkMCMlNhd9FrHwGrTkGrTn9rHCMBzqUojw9rdkGqda ---- Lines extensions.N6yO5tA removed from prefs.js ---- user_pref("extensions.N6yO5tA.epoch", "1401005967"); user_pref("extensions.N6yO5tA.url", "hxxp://safefacile.net/sync2/?q=hfZ9oeDGDzrMCyVUojr6qGhTB6lKDzt4okmxtNtVh7n0rjrFrTs8rTs9rTnEtMFHhd9Fqda8rTnEpdsFrT ---- Lines extensions.tQmox removed from prefs.js ---- user_pref("extensions.tQmox.epoch", "1401005967"); ---- FireFox user.js and prefs.js backups ---- prefs__1847_.backup ==== Deleting Files \ Folders ====================== C:\Users\Lars\AppData\LocalLow\{65B31E28-C534-5B46-55EB-9AAB46858685} deleted C:\Users\Lars\AppData\Local\Packages\windows_ie_ac_001\AC\{65B31E28-C534-5B46-55EB-9AAB46858685} deleted C:\PROGRA~3\DDJ_ASIO_Driver deleted C:\Users\Lars\.android deleted C:\PROGRA~3\InstallMate deleted C:\Users\Lars\AppData\Local\cache deleted C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow\Application Updater deleted C:\Windows\Syswow64\InstallUtil.InstallLog deleted C:\Windows\SysWow64\searchplugins deleted C:\Windows\SysWow64\Extensions deleted "C:\PROGRA~3\9868df398bf17eec\{4820778D-AB0D-6D18-C316-52A6A0E1D507}" deleted "C:\PROGRA~3\9868df398bf17eec\{A35CA8FF-CB7D-8361-1CB9-83219CD11C78}" deleted "C:\PROGRA~3\9868df398bf17eec\{A35CA8FF-CB7D-8361-1CB9-83219CD11C78}.old" deleted "C:\PROGRA~3\9868df398bf17eec\{AD11DADE-C597-45D9-D8C5-1D2EB0B89613}" deleted "C:\PROGRA~3\9868df398bf17eec\{C670DCAE-E392-AA32-6F42-143C7FC4BDFD}" deleted "C:\PROGRA~3\9868df398bf17eec\{C670DCAE-E392-AA32-6F42-143C7FC4BDFD}.old" deleted "C:\PROGRA~3\9868df398bf17eec\{CA41BB14-E67B-1653-C57B-5CA99418A866}" deleted "C:\PROGRA~3\9868df398bf17eec\{E32743D3-5789-6E4F-3998-06FB87C9214B}" deleted "C:\PROGRA~3\9868df398bf17eec" deleted ==== Firefox Extensions Registry ====================== 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "gacela2@nurago.com"="C:\Program Files (x86)\GfK Internet-Monitor" [28.05.2014 18:34] [HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions] "smartwebprinting@hp.com"="C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3" [25.02.2013 19:27] ==== Firefox Extensions ====================== ProfilePath: C:\Users\Lars\AppData\Roaming\Mozilla\Firefox\Profiles\1ipdivd3.default - GfK Internet-Monitor - C:\Program Files (x86)\GfK Internet-Monitor - LastPass - %ProfilePath%\extensions\support@lastpass.com - Flashblock - %ProfilePath%\extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a} - Personas Plus - %ProfilePath%\extensions\personas@christopher.beard.xpi - Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi - Download Statusbar - %ProfilePath%\extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}.xpi - Tab Mix Plus - %ProfilePath%\extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi AppDir: C:\Program Files (x86)\Mozilla Firefox - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ==== Firefox Plugins ====================== Profilepath: C:\Users\Lars\AppData\Roaming\Mozilla\Firefox\Profiles\1ipdivd3.default A58DE0A570148AF5FF3512B2A340D09F - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll - Shockwave Flash 855B79451ECF62602F20EB4D5C71F99B - C:\Windows\SysWoW64\Adobe\Director\np32dsw.dll - Shockwave for Director / Shockwave for Director ==== Chrome Look ====================== GfK Internet-Monitor - Lars\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekfcceehmjiicgpkeblpbcpglgdklklh AdBlock - Lars\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom ==== Chrome Fix ====================== C:\Users\Lars\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_websearch.searchsunmy.info_0.localstorage deleted successfully C:\Users\Lars\AppData\Local\Google\Chrome\User 
Data\Default\Local Storage\http_websearch.searchsunmy.info_0.localstorage-journal deleted successfully C:\Users\Lars\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_service.pricegong.com_0.localstorage-journal deleted successfully C:\Users\Lars\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_govome.inspsearch.com_0.localstorage-journal deleted successfully C:\Users\Lars\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_continuetosave.info_0.localstorage-journal deleted successfully ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="hxxp://www.google.com" "Use Search Asst"="yes" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Start Page"="hxxp://www.google.com" "Default_Page_URL"="hxxp://www.google.com" [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main] "Start Page"="hxxp://www.google.com" "Default_Page_URL"="hxxp://www.google.com" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl] "Default"="hxxp://www.google.com" [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\SearchUrl] "Default"="hxxp://www.google.com" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl] "Default"="hxxp://www.google.com" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search] "Default_Search_URL"="hxxp://www.google.com" "SearchAssistant"="hxxp://www.google.com" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] No DefaultScope Set For HKCU New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="hxxp://www.google.com" "Use Search Asst"="no" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Start Page"="hxxp://go.microsoft.com/fwlink/?LinkId=69157" "Default_Page_URL"="hxxp://go.microsoft.com/fwlink/?LinkId=69157" [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main] "Start 
Page"="hxxp://go.microsoft.com/fwlink/?LinkId=69157" "Default_Page_URL"="hxxp://go.microsoft.com/fwlink/?LinkId=69157" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl] "(Default)"="hxxp://search.msn.com/results.asp?q=%s" [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\SearchUrl] "(Default)"="hxxp://search.msn.com/results.asp?q=%s" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl] "(Default)"="hxxp://search.msn.com/results.asp?q=%s" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search] "Default_Search_URL"="hxxp://go.microsoft.com/fwlink/?LinkId=54896" "SearchAssistant"="hxxp://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}" ==== Reset Google Chrome ====================== C:\Users\Lars\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully C:\Users\Lars\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully ==== Reset IE Proxy ====================== Value(s) before fix: "ProxyServer"="http=127.0.0.1:7777" "ProxyOverride"="*.local" "ProxyEnable"=dword:00000001 Value(s) after fix: "ProxyEnable"=dword:00000000 ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{2C86C44B-F929-3FEC-2B35-93EA97C0F10D} deleted successfully ==== Empty IE Cache ====================== 
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Lars\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully ==== Empty FireFox Cache ====================== C:\Users\Lars\AppData\Local\Mozilla\Firefox\Profiles\1ipdivd3.default\Cache will be emptied at reboot C:\Users\Lars\AppData\Roaming\Mozilla\Firefox\Profiles\1ipdivd3.default\personas\cache emptied successfully ==== Empty Chrome Cache ====================== C:\Users\Lars\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== No Java Cache Found ==== C:\zoek_backup content ====================== C:\zoek_backup (files=154 folders=32 5620989 bytes) ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\temp emptied successfully C:\Users\Lars\AppData\Local\Temp will be emptied at reboot C:\Users\Public\AppData\Local\temp emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\Lars\AppData\Local\Temp successfully 
emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== EOF on 28.05.2014 at 18:52:34,83 ====================== Code:
ATTFilter
Results of screen317's Security Check version 0.99.83
Windows 7 Service Pack 1 x64 (UAC is disabled!)
Internet Explorer 10 Out of date!
``````````````Antivirus/Firewall Check:``````````````
Windows Security Center service is not running! This report may not be accurate!
Microsoft Security Essentials (On Access scanning disabled!)
`````````Anti-malware/Other Utilities Check:`````````
Windows Cleaner
Java(TM) 6 Update 24
Java version out of Date!
Adobe Flash Player 13.0.0.214
Adobe Reader 10.1.10 Adobe Reader out of Date!
Mozilla Firefox 25.0.1 Firefox out of Date!
Google Chrome 35.0.1916.114
````````Process Check: objlist.exe by Laurent````````
Microsoft Security Essentials MSMpEng.exe
Microsoft Security Essentials msseces.exe
Malwarebytes Anti-Malware mbamservice.exe
Malwarebytes Anti-Malware mbam.exe
Malwarebytes Anti-Malware mbamscheduler.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C:
````````````````````End of Log``````````````````````
|
28.05.2014, 20:04 | #14 |
/// TB Instructor | Unwanted, empty pop-up windows appear and words are underlined and linked Hi, your Windows Security Center is not running, I want to take a look at that as well: Please download Farbar Service Scanner
Please post the contents here. Then please do the following once more as well:
|
28.05.2014, 20:11 | #15 |
| Unwanted, empty pop-up windows appear and words are underlined and linked Here you go :-) Code:
ATTFilter
Farbar Service Scanner Version: 21-05-2014
Ran by Lars (administrator) on 28-05-2014 at 21:04:12
Running from "C:\Users\Lars\Desktop\Adware Tools\NEXT"
Microsoft Windows 7 eXtreme™ Draconis Edition Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.
IE proxy is enabled.
ProxyServer: http=127.0.0.1:7777

Windows Firewall:
=============

Firewall Disabled Policy:
==================

System Restore:
============

System Restore Disabled Policy:
========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR"=DWORD:1

Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================

Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.

Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1

Other Services:
==============

File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\iphlpsvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit

**** End of log ****
Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25-05-2014 02 Ran by Lars at 2014-05-28 21:06:37 Running from C:\Users\Lars\Desktop\Adware Tools\NEXT Boot Mode: Normal ========================================================== ==================== Security Center ======================== AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2} ==================== Installed Programs ====================== 3DMark06 (HKLM-x32\...\{7F3AD00A-1819-4B15-BB7D-08B3586336D7}) (Version: 1.2.1 - Futuremark Corporation) 64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden 7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.7.0.1530 - Adobe Systems Incorporated) Adobe AIR (x32 Version: 3.7.0.1530 - Adobe Systems Incorporated) Hidden Adobe Flash Player 13 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 13.0.0.214 - Adobe Systems Incorporated) Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated) Adobe Reader X (10.1.10) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.10 - Adobe Systems Incorporated) Adobe Shockwave Player 11.5 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.5.9.620 - Adobe Systems, Inc.) AIO_CDB_ProductContext (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden AIO_CDB_Software (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden AIO_Scan (x32 Version: 130.0.421.000 - Hewlett-Packard) Hidden Amazon Cloud Player (HKCU\...\Amazon Amazon Cloud Player) (Version: 2.4.0.33 - Amazon Services LLC) AMD Drag and Drop Transcoding (Version: 2.00.0000 - ATI Technologies Inc.) 
Hidden AMD Fuel (Version: 2011.0126.1749.31909 - Ihr Firmenname) Hidden Apple Application Support (HKLM-x32\...\{D9DAD0FF-495A-472B-9F10-BAE430A26682}) (Version: 3.0.3 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.14.3.0 - Asmedia Technology) ATI AVIVO64 Codecs (Version: 11.6.0.10126 - ATI Technologies Inc.) Hidden ATI Catalyst Install Manager (HKLM\...\{7DE8BAC9-CAF4-FFAD-081A-6D74412E28A6}) (Version: 3.0.812.0 - ATI Technologies, Inc.) Audio Recorder for Free (HKLM-x32\...\Audio Recorder for Free) (Version: - Audio-Tool.net) Aureon 5.1 PCI (HKLM\...\C-Media PCI Audio Driver) (Version: - ) Auslogics BoostSpeed (HKLM-x32\...\{7216871F-869E-437C-B9BF-2A13F2DCE63F}_is1) (Version: version 4.4 - Auslogics Software Pty Ltd) Biet-O-Matic v2.14.12 (HKLM-x32\...\Biet-O-Matic v2.14.12) (Version: 2.14.12 - BOM Development Team) Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) BufferChm (x32 Version: 130.0.331.000 - Hewlett-Packard) Hidden Catalyst Control Center - Branding (x32 Version: 1.00.0000 - ATI) Hidden Catalyst Control Center Graphics Previews Common (x32 Version: 2011.0126.1749.31909 - ATI) Hidden Catalyst Control Center InstallProxy (x32 Version: 2011.0126.1749.31909 - ATI Technologies, Inc.) 
Hidden Catalyst Control Center Localization All (x32 Version: 2011.0126.1749.31909 - ATI) Hidden CCC Help Chinese Standard (x32 Version: 2011.0126.1748.31909 - ATI) Hidden CCC Help Chinese Traditional (x32 Version: 2011.0126.1748.31909 - ATI) Hidden CCC Help Czech (x32 Version: 2011.0126.1748.31909 - ATI) Hidden CCC Help Danish (x32 Version: 2011.0126.1748.31909 - ATI) Hidden CCC Help Dutch (x32 Version: 2011.0126.1748.31909 - ATI) Hidden CCC Help English (x32 Version: 2011.0126.1748.31909 - ATI) Hidden CCC Help Finnish (x32 Version: 2011.0126.1748.31909 - ATI) Hidden CCC Help French (x32 Version: 2011.0126.1748.31909 - ATI) Hidden CCC Help German (x32 Version: 2011.0126.1748.31909 - ATI) Hidden CCC Help Greek (x32 Version: 2011.0126.1748.31909 - ATI) Hidden CCC Help Hungarian (x32 Version: 2011.0126.1748.31909 - ATI) Hidden CCC Help Italian (x32 Version: 2011.0126.1748.31909 - ATI) Hidden CCC Help Japanese (x32 Version: 2011.0126.1748.31909 - ATI) Hidden CCC Help Korean (x32 Version: 2011.0126.1748.31909 - ATI) Hidden CCC Help Norwegian (x32 Version: 2011.0126.1748.31909 - ATI) Hidden CCC Help Polish (x32 Version: 2011.0126.1748.31909 - ATI) Hidden CCC Help Portuguese (x32 Version: 2011.0126.1748.31909 - ATI) Hidden CCC Help Russian (x32 Version: 2011.0126.1748.31909 - ATI) Hidden CCC Help Spanish (x32 Version: 2011.0126.1748.31909 - ATI) Hidden CCC Help Swedish (x32 Version: 2011.0126.1748.31909 - ATI) Hidden CCC Help Thai (x32 Version: 2011.0126.1748.31909 - ATI) Hidden CCC Help Turkish (x32 Version: 2011.0126.1748.31909 - ATI) Hidden ccc-core-static (x32 Version: 2011.0126.1749.31909 - Ihr Firmenname) Hidden ccc-utility64 (Version: 2011.0126.1749.31909 - ATI) Hidden CCleaner (HKLM\...\CCleaner) (Version: 3.04 - Piriform) Copy (x32 Version: 130.0.428.000 - Hewlett-Packard) Hidden CPUID CPU-Z 1.61.3 (HKLM\...\CPUID CPU-Z_is1) (Version: - ) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden DC-Bass Source 1.3.0 (HKLM-x32\...\DC-Bass Source) (Version: - ) 
DENON DJ ASIO Driver (HKLM-x32\...\{E4EC27CD-229E-481E-84F1-7AB83AC479BE}) (Version: 2.2.2 - DENON_DJ) Destinations (x32 Version: 130.0.0.0 - Hewlett-Packard) Hidden DeviceDiscovery (x32 Version: 130.0.465.000 - Hewlett-Packard) Hidden DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.8 - DivX, LLC) DocProc (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden eMule (HKLM-x32\...\eMule) (Version: - ) EPSON AL-C1600 (HKLM\...\EPSON AL-C1600) (Version: - ) EPU-4 Engine (HKLM-x32\...\{8F66047B-1AF3-40D9-80D7-106E2EDC2C2A}) (Version: 1.03.03 - ) F300 (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden F300_Help (x32 Version: 82.0.242.000 - Hewlett-Packard) Hidden F300Trb (x32 Version: 82.0.242.000 - Hewlett-Packard) Hidden Fax (x32 Version: 130.0.418.000 - Hewlett-Packard) Hidden Fences 2 (HKLM-x32\...\Fences 22.01) (Version: 2.01 - Stardock Corporation) Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden GfK Internet-Monitor (HKLM-x32\...\39992AD7-103F-4308-8BB7-3F65F543604D) (Version: 12.6.186 - GfK) GfK Proxy Service (HKLM-x32\...\NuragoProxyService) (Version: - ) GIMP 2.6.11 (HKLM-x32\...\WinGimp-2.0_is1) (Version: 2.6.11 - The GIMP Team) GMX ProfiFax (HKLM-x32\...\GMX ProfiFax) (Version: 2.00.236 - 1&1 Mail & Media GmbH) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 35.0.1916.114 - Google Inc.) Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.) Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.24.7 - Google Inc.) 
Hidden GPBaseService2 (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden HashCheck Shell Extension (x86-32) (HKLM-x32\...\HashCheck Shell Extension) (Version: 2.1.11.1 - Kai Liu) HP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version: 13.0 - HP) HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP) HP Photosmart Essential 3.5 (HKLM\...\HP Photosmart Essential) (Version: 3.5 - HP) HP Photosmart Officejet and Deskjet All-In-One Driver Software 13.0 Rel. B (HKLM\...\{B61ED343-0B14-4241-999C-490CB1A20DA4}) (Version: 13.0 - HP) HP Smart Web Printing 4.51 (HKLM\...\HP Smart Web Printing) (Version: 4.51 - HP) HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP) HP Update (HKLM-x32\...\{7059BDA7-E1DB-442C-B7A1-6144596720A4}) (Version: 4.000.011.006 - Hewlett-Packard) HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden HPPhotoGadget (x32 Version: 130.0.282.000 - Hewlett-Packard) Hidden HPPhotoSmartDiscLabelContent1 (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden HPPhotosmartEssential (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden HPProductAssistant (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden HPSSupply (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden HydraVision (x32 Version: 4.2.184.0 - ATI Technologies Inc.) Hidden iCloud (HKLM\...\{81E20D41-C277-4526-934D-F2380AF91B78}) (Version: 3.1.0.40 - Apple Inc.) iTunes (HKLM\...\{9D20916D-C1E9-4E39-9723-13D200D87C40}) (Version: 11.2.0.114 - Apple Inc.) 
Java 7 Update 13 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417013FF}) (Version: 7.0.130 - Oracle)
Java(TM) 6 Update 24 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216024FF}) (Version: 6.0.240 - Oracle)
JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
K-Lite Codec Pack (64-bit) v4.5.0 (HKLM\...\KLiteCodecPack64_is1) (Version: 4.5.0 - )
K-Lite Codec Pack 7.0.0 (Full) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 7.0.0 - )
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - )
League of Legends (HKLM-x32\...\{92606477-9366-4D3B-8AE3-6BE4B29727AB}) (Version: 1.3 - Riot Games)
Logitech GamePanel Software 3.03.133 (HKLM\...\{6CC95B76-D380-46B2-9022-9353938E48BA}) (Version: 3.03.133 - Logitech Inc.)
Logitech GamePanel Software 3.06.109 (HKLM\...\{A1E85B9A-AFAD-4D38-AF01-6B020DD5213A}) (Version: 3.06.109 - Logitech Inc.)
Lumac (HKLM-x32\...\InstallShield_{5DE11949-2B11-4F13-BAD5-1C237122CFDB}) (Version: 1.1.92.0 - Firstload)
Lumac (x32 Version: 1.1.92.0 - Firstload) Hidden
MAGIX Media Manager 2004 silver (HKLM-x32\...\MAGIX Media Manager 2004 silver) (Version: 2.0.7.0 - MAGIX AG)
MAGIX Online Druck Service (HKLM-x32\...\MAGIX Online Druck Service) (Version: - Silverwire Software GmbH)
MAGIX ringtone maker (HKLM-x32\...\MAGIX ringtone maker) (Version: 1.0.0.4 - MAGIX AG)
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
MarketResearch (x32 Version: 130.0.374.000 - Hewlett-Packard) Hidden
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden
Microsoft Office Access MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Groove MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0407-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Outlook MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden
Microsoft Office Publisher MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKCU\...\OneDriveSetup.exe) (Version: 17.0.4035.0328 - Microsoft Corporation)
Microsoft Security Client (Version: 4.5.0216.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.5.216.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft XML Parser (x32 Version: 8.0.7820.0 - Microsoft Corporation) Hidden
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 25.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 25.0.1 (x86 de)) (Version: 25.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 25.0.1 - Mozilla)
Mp3tag v2.59a (HKLM-x32\...\Mp3tag) (Version: v2.59a - Florian Heidenreich)
MSI Afterburner 2.1.0 (HKLM-x32\...\Afterburner) (Version: 2.1.0 - MSI Co., LTD)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Native Instruments Audio 2 DJ (HKLM-x32\...\Native Instruments Audio 2 DJ) (Version: - Native Instruments)
Native Instruments Audio 2 DJ Driver (HKLM-x32\...\Native Instruments Audio 2 DJ Driver) (Version: - Native Instruments)
Native Instruments Audio 2 DJ Driver (Version: 3.1.0.761 - Native Instruments) Hidden
Native Instruments Audio 4 DJ (HKLM-x32\...\Native Instruments Audio 4 DJ) (Version: - Native Instruments)
Native Instruments Audio 4 DJ Driver (HKLM-x32\...\Native Instruments Audio 4 DJ Driver) (Version: - Native Instruments)
Native Instruments Audio 4 DJ Driver (Version: 3.1.0.761 - Native Instruments) Hidden
Native Instruments Audio 8 DJ (HKLM-x32\...\Native Instruments Audio 8 DJ) (Version: - Native Instruments)
Native Instruments Audio 8 DJ Driver (HKLM-x32\...\Native Instruments Audio 8 DJ Driver) (Version: - Native Instruments)
Native Instruments Audio 8 DJ Driver (Version: 3.1.0.761 - Native Instruments) Hidden
Native Instruments Controller Editor (HKLM-x32\...\Native Instruments Controller Editor) (Version: 1.6.3.46 - Native Instruments)
Native Instruments Controller Editor (Version: 1.6.3.46 - Native Instruments) Hidden
Native Instruments Maschine Controller (HKLM-x32\...\Native Instruments Maschine Controller) (Version: - Native Instruments)
Native Instruments Maschine Controller (Version: 3.0.1.648 - Native Instruments) Hidden
Native Instruments Service Center (HKLM-x32\...\Native Instruments Service Center) (Version: - Native Instruments)
Native Instruments Service Center (Version: 2.2.6.676 - Native Instruments) Hidden
Native Instruments Traktor 2 (HKLM-x32\...\Native Instruments Traktor 2) (Version: 2.6.8.382 - Native Instruments)
Native Instruments Traktor 2 (Version: 2.6.8.382 - Native Instruments) Hidden
Native Instruments Traktor Audio 10 (HKLM-x32\...\Native Instruments Traktor Audio 10) (Version: - Native Instruments)
Native Instruments Traktor Audio 10 Driver (HKLM-x32\...\Native Instruments Traktor Audio 10 Driver) (Version: - Native Instruments)
Native Instruments Traktor Audio 10 Driver (Version: 3.1.0.761 - Native Instruments) Hidden
Native Instruments Traktor Audio 2 (HKLM-x32\...\Native Instruments Traktor Audio 2) (Version: - Native Instruments)
Native Instruments Traktor Audio 2 Driver (HKLM-x32\...\Native Instruments Traktor Audio 2 Driver) (Version: - Native Instruments)
Native Instruments Traktor Audio 2 Driver (Version: 3.1.0.761 - Native Instruments) Hidden
Native Instruments Traktor Audio 2 MK2 Driver (HKLM-x32\...\Native Instruments Traktor Audio 2 MK2 Driver) (Version: - Native Instruments)
Native Instruments Traktor Audio 2 MK2 Driver (Version: 3.1.3.804 - Native Instruments) Hidden
Native Instruments Traktor Audio 6 (HKLM-x32\...\Native Instruments Traktor Audio 6) (Version: - Native Instruments)
Native Instruments Traktor Audio 6 Driver (HKLM-x32\...\Native Instruments Traktor Audio 6 Driver) (Version: - Native Instruments)
Native Instruments Traktor Audio 6 Driver (Version: 3.1.0.761 - Native Instruments) Hidden
Native Instruments Traktor Kontrol F1 Driver (HKLM-x32\...\Native Instruments Traktor Kontrol F1 Driver) (Version: - Native Instruments)
Native Instruments Traktor Kontrol F1 Driver (Version: 3.0.2.664 - Native Instruments) Hidden
Native Instruments Traktor Kontrol S2 Driver (HKLM-x32\...\Native Instruments Traktor Kontrol S2 Driver) (Version: - Native Instruments)
Native Instruments Traktor Kontrol S2 Driver (Version: 3.1.0.761 - Native Instruments) Hidden
Native Instruments Traktor Kontrol S2 MK2 Driver (HKLM-x32\...\Native Instruments Traktor Kontrol S2 MK2 Driver) (Version: - Native Instruments)
Native Instruments Traktor Kontrol S2 MK2 Driver (Version: 3.1.2.795 - Native Instruments) Hidden
Native Instruments Traktor Kontrol S4 (HKLM-x32\...\Native Instruments Traktor Kontrol S4) (Version: - Native Instruments)
Native Instruments Traktor Kontrol S4 Driver (HKLM-x32\...\Native Instruments Traktor Kontrol S4 Driver) (Version: - Native Instruments)
Native Instruments Traktor Kontrol S4 Driver (Version: 3.1.0.761 - Native Instruments) Hidden
Native Instruments Traktor Kontrol S4 MK2 Driver (HKLM-x32\...\Native Instruments Traktor Kontrol S4 MK2 Driver) (Version: - Native Instruments)
Native Instruments Traktor Kontrol S4 MK2 Driver (Version: 3.1.2.795 - Native Instruments) Hidden
Native Instruments Traktor Kontrol X1 (HKLM-x32\...\Native Instruments Traktor Kontrol X1) (Version: - Native Instruments)
Native Instruments Traktor Kontrol X1 Driver (HKLM-x32\...\Native Instruments Traktor Kontrol X1 Driver) (Version: - Native Instruments)
Native Instruments Traktor Kontrol X1 Driver (Version: 3.0.1.648 - Native Instruments) Hidden
Native Instruments Traktor Kontrol X1 MK2 Driver (HKLM-x32\...\Native Instruments Traktor Kontrol X1 MK2 Driver) (Version: - Native Instruments)
Native Instruments Traktor Kontrol X1 MK2 Driver (Version: 3.1.1.780 - Native Instruments) Hidden
Native Instruments Traktor Kontrol Z1 Driver (HKLM-x32\...\Native Instruments Traktor Kontrol Z1 Driver) (Version: - Native Instruments)
Native Instruments Traktor Kontrol Z1 Driver (Version: 3.1.1.780 - Native Instruments) Hidden
Native Instruments Traktor Kontrol Z2 Driver (HKLM-x32\...\Native Instruments Traktor Kontrol Z2 Driver) (Version: - Native Instruments)
Native Instruments Traktor Kontrol Z2 Driver (Version: 3.1.0.761 - Native Instruments) Hidden
Nero 8 (HKLM-x32\...\{9EDBB857-8028-49CD-B9C9-0B4D10CD1031}) (Version: 8.10.290 - Nero AG)
neroxml (x32 Version: 1.0.0 - Nero AG) Hidden
Network64 (Version: 130.0.572.000 - Hewlett-Packard) Hidden
Network64 (Version: 140.0.221.000 - Hewlett-Packard) Hidden
Notepad++ (HKLM-x32\...\Notepad++) (Version: 5.6.8 - )
OCR Software by I.R.I.S. 13.0 (HKLM\...\HPOCR) (Version: 13.0 - HP)
OpenSource Flash Video Splitter 1.0.0.5 (HKLM-x32\...\OpenSource Flash Video Splitter) (Version: 1.0.0.5 - )
Opticon USB Drivers Installer (HKLM-x32\...\Opticon USB Installer) (Version: - )
Panel Client 3.2 (HKLM-x32\...\Panel Client_is1) (Version: - GfK Panel Services Deutschland GmbH)
Photo Gallery (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Pidgin (HKLM-x32\...\Pidgin) (Version: 2.10.9 - )
Platform (x32 Version: 1.39 - VIA Technologies, Inc.) Hidden
PowerISO (HKLM-x32\...\PowerISO) (Version: - )
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Razer Game Booster (HKLM-x32\...\Razer Game Booster_is1) (Version: 4.2.45.0 - Razer Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.52.203.2012 - Realtek)
Remote Mouse version 2.54 (HKLM-x32\...\{01E4BC6D-3ACC-45E1-8928-C2FF626F63F3}_is1) (Version: 2.54 - Remote Mouse)
Remote Panel Program (HKLM-x32\...\{13AA13C1-E4B9-4048-B4A6-9C9B86D44F57}) (Version: - )
RocketDock 1.3.5 (HKLM-x32\...\RocketDock_is1) (Version: - Punk Software)
Scan (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 13.0 - HP)
Skype™ 6.14 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)
SmartWebPrinting (x32 Version: 130.0.457.000 - Hewlett-Packard) Hidden
SolutionCenter (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
SpeedCommander 13 (x64) (HKLM\...\SpeedCommander 13 (x64)) (Version: 13.40.6300 - SWE Sven Ritter)
Status (x32 Version: 130.0.469.000 - Hewlett-Packard) Hidden
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.27614 - TeamViewer)
TECHNO4EVER Player 1.1.3 (HKLM-x32\...\{9AF19FCD-2362-493D-A127-C47BB284A636}) (Version: 1.1.3 - TECHNO4EVER Radio- und Mediengesellschaft mbH)
TERA (HKLM-x32\...\{A2F166A0-F031-4E27-A057-C69733219434}_is1) (Version: 7 - Gameforge Productions GmbH)
Toolbox (x32 Version: 130.0.648.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 130.0.422.000 - Hewlett-Packard) Hidden
UnloadSupport (x32 Version: 11.0.0 - Hewlett-Packard) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version: - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{EA54F104-79D2-48CC-9ABC-91A63C43D353}) (Version: - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{53DEC068-4690-4F6B-9946-7D21EF02236B}) (Version: - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2880505) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{2720451F-5D04-43EC-AB1F-26D948FD971B}) (Version: - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version: - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VIA Plattform-Geräte-Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.39 - VIA Technologies, Inc.)
Vista Game Explorer Editor (HKLM-x32\...\VGEE) (Version: Beta 2.14a - Ryan Richter)
Visual C++ 9.0 CRT (x86) WinSXS MSM (x32 Version: 9.0 - Microsoft Corporation) Hidden
VLC media player 2.1.4 (HKLM\...\VLC media player) (Version: 2.1.4 - VideoLAN)
Warcraft III (HKLM-x32\...\Warcraft III) (Version: - Blizzard Entertainment)
WebReg (x32 Version: 130.0.132.017 - Hewlett-Packard) Hidden
Windows Cleaner (HKLM-x32\...\Vtools_WindowsCleaner_is1) (Version: 1.0.0 - Vtools)
Windows Live Communications Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Family Safety (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Family Safety (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
winKeyLock version 1.0.1.3 (HKLM-x32\...\winKeyLock_is1) (Version: 1.0.1 - winKeyLock)
WinRAR 4.00 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.00.0 - win.rar GmbH)
WMV9/VC-1 Video Playback (Version: 1.00.0000 - ATI Technologies Inc.) Hidden
Xvid Video Codec (HKLM-x32\...\Xvid Video Codec 1.3.2) (Version: 1.3.2 - Xvid Team)

==================== Restore Points =========================

26-05-2014 19:59:59 Gerätetreiber-Paketinstallation: TerraTec Electronic GmbH Audio-, Video- und Gamecontroller
26-05-2014 20:26:31 Gerätetreiber-Paketinstallation: TerraTec Electronic GmbH Audio-, Video- und Gamecontroller
28-05-2014 16:38:29 zoek.exe restore point
28-05-2014 16:45:15 Windows Update

==================== Hosts content: ==========================

2009-07-14 04:34 - 2014-05-24 12:48 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {1B2905D8-9584-4CD3-AB59-90BF090161E7} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-16] (Adobe Systems Incorporated)
Task: {24B654B2-B7EA-45CB-9CF7-95ACD67C5C7D} - System32\Tasks\Amazon Music Helper => C:\Users\Lars\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe [2014-05-08] ()
Task: {3370000F-E1FF-4575-A340-672AE206A346} - System32\Tasks\ASUS\ASUS SIX Engine => C:\Program Files (x86)\ASUS\EPU-4 Engine\FourEngine.exe [2012-01-03] (ASUSTek Computer Inc.)
Task: {3FB27DB5-FE54-4244-A9CB-9027EF2FF08C} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [2013-11-20] (Apple Inc.)
Task: {54EDCEFE-8B33-42F8-9464-EEAD4AAE47B2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-02-07] (Google Inc.)
Task: {812530AD-22BA-4413-AFF6-517EC59FC1C2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-02-07] (Google Inc.)
Task: {A1D60D55-A6B8-401B-BC05-2938E02DF2F2} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Scan => d:\program files\windows defender\MpCmdRun.exe
Task: {B29A0C2F-3D50-434C-AC1C-80205D088FD1} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {C4E8B14A-4159-4C58-BDAD-281DBBFC97E8} - System32\Tasks\Microsoft\Windows Defender\MpIdleTask => d:\program files\windows defender\MpCmdRun.exe
Task: {CE2A5F4A-6D53-4AA9-B75E-33053699DC04} - System32\Tasks\Razer_Game_Booster_AutoUpdate => C:\Program Files (x86)\Razer\Razer Game Booster\AutoUpdate.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2013-02-07 14:55 - 2011-03-02 13:40 - 00164864 _____ () C:\Program Files\WinRAR\rarext.dll
2013-12-13 10:11 - 2014-05-08 19:26 - 03145536 _____ () C:\Users\Lars\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe
2014-02-20 17:46 - 2014-02-20 17:46 - 00021480 _____ () C:\Program Files (x86)\GfK-ProxyService\GfK-ProxyWatchdog.exe
2014-02-20 17:46 - 2014-02-20 17:46 - 00026600 _____ () C:\Program Files (x86)\GfK-ProxyService\ProxyUtils.dll
2013-02-07 15:09 - 2011-12-06 03:58 - 00078448 ____R () C:\Program Files (x86)\VIA\VIAudioi\VDeck\QsApoApi64.dll
2013-02-07 15:09 - 2011-12-06 03:58 - 00386160 ____R () C:\Program Files (x86)\VIA\VIAudioi\VDeck\Dts2ApoApi64.dll
2014-03-03 21:50 - 2014-02-20 18:25 - 03293672 _____ () C:\Program Files (x86)\GfK Internet-Monitor\GfK-Reporting.exe
2014-03-03 21:50 - 2014-02-20 18:25 - 01356264 _____ () C:\Program Files (x86)\GfK Internet-Monitor\GfK-Updater.exe
2011-01-26 19:00 - 2011-01-26 19:00 - 00079872 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Services.dll
2014-02-20 17:46 - 2014-02-20 17:46 - 00045544 _____ () C:\Program Files (x86)\GfK-ProxyService\GfK-ProxyService.exe
2013-02-07 15:10 - 2009-01-15 15:55 - 00565248 _____ () C:\Program Files (x86)\ASUS\EPU-4 Engine\pngio.dll
2013-02-07 15:10 - 2009-03-25 17:53 - 00053248 _____ () C:\Program Files (x86)\ASUS\EPU-4 Engine\AsSpindownTimeout.dll
2014-01-20 14:17 - 2014-01-20 14:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-01-20 14:16 - 2014-01-20 14:16 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-02-08 01:00 - 2007-05-28 23:13 - 00145920 _____ () C:\Program Files (x86)\Auslogics\Auslogics BoostSpeed\madBasic_.bpl
2013-02-08 01:00 - 2007-05-28 23:13 - 00316928 _____ () C:\Program Files (x86)\Auslogics\Auslogics BoostSpeed\madExcept_.bpl
2013-02-08 01:00 - 2007-05-28 23:13 - 00041984 _____ () C:\Program Files (x86)\Auslogics\Auslogics BoostSpeed\madDisAsm_.bpl
2013-02-08 01:00 - 2008-04-08 05:11 - 00053248 _____ () C:\Program Files (x86)\Auslogics\Auslogics BoostSpeed\armaccess.dll
2013-09-14 01:51 - 2013-09-14 01:51 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\zlib1.dll
2013-09-14 01:50 - 2013-09-14 01:50 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\libxml2.dll
2014-01-05 21:57 - 2013-11-19 22:34 - 00152576 _____ () C:\Program Files (x86)\Remote Mouse\FileS.dll
2013-03-28 11:32 - 2012-11-08 13:19 - 00474360 _____ () C:\Program Files (x86)\GfK Internet-Monitor\UpdateHelper.dll
2014-05-24 10:21 - 2014-05-14 01:40 - 00716616 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\libglesv2.dll
2014-05-24 10:21 - 2014-05-14 01:40 - 00126280 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\libegl.dll
2014-05-24 10:21 - 2014-05-14 01:40 - 04217672 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\pdf.dll
2014-05-24 10:21 - 2014-05-14 01:40 - 00414536 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\ppGoogleNaClPluginChrome.dll
2014-05-24 10:21 - 2014-05-14 01:40 - 01732424 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\ffmpegsumo.dll
2014-05-24 10:21 - 2014-05-14 01:40 - 13695816 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\PepperFlash\pepflashplayer.dll
2014-05-28 20:14 - 2014-02-20 17:32 - 00256512 _____ () C:\Users\Lars\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekfcceehmjiicgpkeblpbcpglgdklklh\13.4.568_0\plugin\npgacela_private.dll
2014-05-28 20:14 - 2014-02-20 17:32 - 00261608 _____ () C:\Users\Lars\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekfcceehmjiicgpkeblpbcpglgdklklh\13.4.568_0\plugin\npgacela.dll
2014-03-31 21:35 - 2014-03-31 21:35 - 00282304 _____ () C:\Program Files (x86)\Windows Live\Writer\de\WindowsLive.Writer.Localization.resources.dll
2014-01-20 14:16 - 2014-01-20 14:16 - 00237384 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxslt.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\Windows\system32\Drivers\nglfsegm.sys:changelist
AlternateDataStreams: C:\Windows\system32\Drivers\qqczqvzb.sys:changelist
AlternateDataStreams: C:\Windows\system32\Drivers\xrehzkvs.sys:changelist
AlternateDataStreams: C:\ProgramData\TEMP:373E1720

==================== Safe Mode (whitelisted) ===================

==================== EXE Association (whitelisted) =============

==================== Disabled items from MSCONFIG ==============

==================== Faulty Device Manager Devices =============

Name: Microsoft-Teredo-Tunneling-Adapter
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

==================== Event log errors: =========================

Application errors:
==================
Error: (05/28/2014 07:15:47 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/28/2014 06:53:57 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/28/2014 06:35:18 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/28/2014 06:26:09 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/26/2014 10:29:52 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/26/2014 10:23:05 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/26/2014 10:18:51 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/26/2014 10:15:32 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/26/2014 09:57:49 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/26/2014 09:31:42 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

System errors:
=============
Error: (05/28/2014 07:14:37 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "GfK-Proxy-Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053

Error: (05/28/2014 07:14:37 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst GfK-Proxy-Service erreicht.

Error: (05/28/2014 07:13:44 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Der Dienst "HitmanPro 3.7 Crusader (Boot)" wurde mit folgendem dienstspezifischem Fehler beendet: %%0.

Error: (05/28/2014 07:12:20 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {3EB3C877-1F16-487C-9050-104DBCD66683}

Error: (05/28/2014 06:51:19 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {3EB3C877-1F16-487C-9050-104DBCD66683}

Error: (05/28/2014 06:47:51 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.

Error: (05/28/2014 06:47:51 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.

Error: (05/28/2014 06:47:50 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.

Error: (05/28/2014 06:47:50 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.

Error: (05/28/2014 06:47:49 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.
Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
Date: 2014-05-26 22:21:43.581
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\cmudax3.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2014-05-26 22:21:43.503
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\cmudax3.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2014-05-26 22:20:12.660
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\cmudax3.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2014-05-26 22:20:12.584
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\cmudax3.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2014-05-26 22:19:12.490
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\cmudax3.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2014-05-26 22:19:12.430
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\cmudax3.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2014-05-26 21:56:17.001
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\cmudax3.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2014-05-26 21:56:16.907
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\cmudax3.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2014-05-26 21:55:02.316
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\cmudax3.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2014-05-26 21:55:02.246
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\cmudax3.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

==================== Memory info ===========================

Percentage of memory in use: 23%
Total physical RAM: 16366.12 MB
Available physical RAM: 12596.19 MB
Total Pagefile: 32730.41 MB
Available Pagefile: 28313.02 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:931.41 GB) (Free:61.82 GB) NTFS
Drive e: () (Fixed) (Total:372.6 GB) (Free:36.99 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: ED9E570F)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 373 GB) (Disk ID: 1E521E51)
Partition 1: (Active) - (Size=373 GB) - (Type=07 NTFS)

==================== End Of Log ============================

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-05-2014 02
Ran by Lars (administrator) on LARS-PC on 28-05-2014 21:06:06
Running from C:\Users\Lars\Desktop\Adware Tools\NEXT
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\EPU-4 Engine\FourEngine.exe
() C:\Users\Lars\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe
(Advanced Micro Devices) C:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Logitech Inc.) C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe
(Logitech Inc.) C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe
(Auslogics) C:\Program Files (x86)\Auslogics\Auslogics BoostSpeed\BoostSpeed.exe
(Nero AG) C:\Program Files (x86)\Common Files\Nero\Lib\NMBgMonitor.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(RemoteMouse.net) C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
() C:\Program Files (x86)\GfK-ProxyService\GfK-ProxyWatchdog.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(VIA) C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe
(PowerISO Computing, Inc.) C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
() C:\Program Files (x86)\GfK Internet-Monitor\GfK-Reporting.exe
() C:\Program Files (x86)\GfK Internet-Monitor\GfK-Updater.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(Nero AG) C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Native Instruments GmbH) C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Nero AG) C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Nero AG) C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
() C:\Program Files (x86)\GfK-ProxyService\GfK-ProxyService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServer.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(GfK) C:\Program Files (x86)\GfK Internet-Monitor\Chrome Extension\GfK-Chrome-Helper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Mail\wlmail.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunes.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\ATH.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1271072 2014-03-11] (Microsoft Corporation)
HKLM\...\Run: [Launch LgDeviceAgent] => C:\Program Files\Logitech\GamePanel Software\LgDevAgt.exe [415816 2010-08-03] (Logitech Inc.)
HKLM\...\Run: [Launch LCDMon] => C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe [2412616 2010-08-03] (Logitech Inc.)
HKLM\...\Run: [Launch LGDCore] => C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe [4725320 2010-08-03] (Logitech Inc.)
HKLM\...\Run: [Fences] => C:\Program Files (x86)\Stardock\Fences\Fences.exe [4017368 2012-10-29] (Stardock Corporation)
HKLM\...\Run: [CmPCIaudio] => C:\Windows\syswow64\RunDll32.exe C:\Windows\Syswow64\cmicnfg3.cpl,CMICtrlWnd
HKLM-x32\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [5015040 2012-02-09] (VIA)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-01-26] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-12] (Apple Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [54840 2007-05-08] (Hewlett-Packard)
HKLM-x32\...\Run: [hpqSRMon] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [150528 2008-07-22] (Hewlett-Packard)
HKLM-x32\...\Run: [PWRISOVM.EXE] => C:\Program Files (x86)\PowerISO\PWRISOVM.EXE [180224 2009-03-15] (PowerISO Computing, Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-05-14] (Apple Inc.)
HKU\.DEFAULT\...\Run: [GfK-Proxy-Service] => C:\Program Files (x86)\GfK-ProxyService\GfK-ProxyWatchdog.exe [21480 2014-02-20] ()
HKU\.DEFAULT\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\.DEFAULT\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 1
HKU\.DEFAULT\...\Policies\Explorer: [NoResolveSearch] 1
HKU\.DEFAULT\...\Policies\Explorer: [NoInternetOpenWith] 1
HKU\S-1-5-21-1005217006-152471606-131910131-1000\...\Run: [Auslogics BoostSpeed 4] => C:\Program Files (x86)\Auslogics\Auslogics BoostSpeed\boostspeed.exe [362096 2009-03-16] (Auslogics)
HKU\S-1-5-21-1005217006-152471606-131910131-1000\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => C:\Program Files (x86)\Common Files\Nero\Lib\NMBgMonitor.exe [202024 2007-10-23] (Nero AG)
HKU\S-1-5-21-1005217006-152471606-131910131-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-11-20] (Apple Inc.)
HKU\S-1-5-21-1005217006-152471606-131910131-1000\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59720 2013-11-20] (Apple Inc.)
HKU\S-1-5-21-1005217006-152471606-131910131-1000\...\Run: [Amazon Cloud Player] => C:\Users\Lars\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe [3145536 2014-05-08] ()
HKU\S-1-5-21-1005217006-152471606-131910131-1000\...\Run: [Remote Mouse] => C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe [1200640 2014-03-30] (RemoteMouse.net)
HKU\S-1-5-21-1005217006-152471606-131910131-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [20922016 2014-02-10] (Skype Technologies S.A.)
HKU\S-1-5-21-1005217006-152471606-131910131-1000\...\Run: [GfK-Proxy-Service] => C:\Program Files (x86)\GfK-ProxyService\GfK-ProxyWatchdog.exe [21480 2014-02-20] ()
HKU\S-1-5-21-1005217006-152471606-131910131-1000\...\Policies\Explorer: [NoInternetOpenWith] 1
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\Users\Lars\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Fences.lnk
ShortcutTarget: Fences.lnk -> C:\Program Files (x86)\Stardock\Fences\Fences.exe (Stardock Corporation)

==================== Internet (Whitelisted) ====================

ProxyEnable: Internet Explorer proxy is enabled.
ProxyServer: http=127.0.0.1:7777
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - {758B870D-DF78-4A6A-9955-DEDDCACF94DC} URL = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
SearchScopes: HKCU - DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
BHO: GfK Internet-Monitor - {4BEEA052-726D-4A6E-B65D-A6BD07C263F3} - C:\Program Files (x86)\GfK Internet-Monitor\x64\Gacela2.dll (GfK)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: GfK Internet-Monitor - {4BEEA052-726D-4A6E-B65D-A6BD07C263F3} - C:\Program Files (x86)\GfK Internet-Monitor\Gacela2.dll (GfK)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Lars\AppData\Roaming\Mozilla\Firefox\Profiles\1ipdivd3.default
FF NewTab: hxxp://www.google.com/
FF DefaultSearchEngine: Google
FF SearchEngineOrder.1: Google
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.google.com
FF Keyword.URL: hxxp://www.google.com/search?btnG=Google+Search&q=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin: @java.com/DTPlugin,version=10.13.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.13.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.1 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.2 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.3 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.4 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw.dll No File
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/JavaPlugin - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll No File
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @phonostar.de/phonostar-Player - C:\Program Files (x86)\phonostar-Player\npphonostarDetectNP.dll No File
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll (Sun Microsystems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: LastPass - C:\Users\Lars\AppData\Roaming\Mozilla\Firefox\Profiles\1ipdivd3.default\Extensions\support@lastpass.com [2013-04-26]
FF Extension: Flashblock - C:\Users\Lars\AppData\Roaming\Mozilla\Firefox\Profiles\1ipdivd3.default\Extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a} [2013-11-16]
FF Extension: Personas Plus - C:\Users\Lars\AppData\Roaming\Mozilla\Firefox\Profiles\1ipdivd3.default\Extensions\personas@christopher.beard.xpi [2013-02-08]
FF Extension: Adblock Plus - C:\Users\Lars\AppData\Roaming\Mozilla\Firefox\Profiles\1ipdivd3.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-10-26]
FF Extension: Download Statusbar - C:\Users\Lars\AppData\Roaming\Mozilla\Firefox\Profiles\1ipdivd3.default\Extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}.xpi [2013-02-08]
FF Extension: Tab Mix Plus - C:\Users\Lars\AppData\Roaming\Mozilla\Firefox\Profiles\1ipdivd3.default\Extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi [2013-09-21]
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013-02-25]
FF HKLM-x32\...\Firefox\Extensions: [gacela2@nurago.com] - C:\Program Files (x86)\GfK Internet-Monitor
FF Extension: GfK Internet-Monitor - C:\Program Files (x86)\GfK Internet-Monitor [2013-03-28]
FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013-02-25]

Chrome:
=======
CHR Extension: (Google Docs) - C:\Users\Lars\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-05-28]
CHR Extension: (Google Drive) - C:\Users\Lars\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-05-28]
CHR Extension: (YouTube) - C:\Users\Lars\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-05-28]
CHR Extension: (Google-Suche) - C:\Users\Lars\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-05-28]
CHR Extension: (GfK Internet-Monitor) - C:\Users\Lars\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekfcceehmjiicgpkeblpbcpglgdklklh [2014-05-28]
CHR Extension: (Google Wallet) - C:\Users\Lars\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-05-02]
CHR Extension: (Google Mail) - C:\Users\Lars\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-05-28]

==================== Services (Whitelisted) =================

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [354304 2011-01-26] (Advanced Micro Devices, Inc.)
R2 AMD Reservation Manager; C:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe [194496 2010-06-17] (Advanced Micro Devices)
R2 GfK-Proxy-Service; C:\Program Files (x86)\GfK-ProxyService\GfK-ProxyService.exe [45544 2014-02-20] ()
R2 GfK-Reporting-Service; C:\Program Files (x86)\GfK Internet-Monitor\GfK-Reporting.exe [3293672 2014-02-20] ()
R2 GfK-Update-Service; C:\Program Files (x86)\GfK Internet-Monitor\GfK-Updater.exe [1356264 2014-02-20] ()
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2014-03-11] (Microsoft Corporation)
R2 Nero BackItUp Scheduler 3; C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe [853288 2007-09-20] (Nero AG)
S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [347872 2014-03-11] (Microsoft Corporation)
R3 NMIndexingService; C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe [382248 2007-10-23] (Nero AG)
R2 RzKLService; C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe [105448 2014-02-25] (Razer Inc.)
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27760 2011-11-11] (VIA Technologies, Inc.)

==================== Drivers (Whitelisted) ====================

R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2010-08-23] ()
S3 CM1063264; C:\Windows\System32\drivers\CM10664.sys [984064 2007-04-13] (C-Media Inc)
R3 cmuda3; C:\Windows\System32\drivers\cmudax3.sys [828416 2007-04-12] (C-Media Inc)
R3 hitmanpro37; C:\Windows\system32\drivers\hitmanpro37.sys [32512 2014-05-28] ()
R3 LGPBTDD; C:\Windows\System32\Drivers\LGPBTDD.sys [30728 2009-07-01] (Logitech Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-05-28] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [268512 2014-01-25] (Microsoft Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-07-17] ()
S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133928 2014-03-11] (Microsoft Corporation)
R1 wStLib64; C:\Windows\System32\drivers\wStLib64.sys [61112 2014-03-20] (StdLib)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 cpuz136; \??\C:\Windows\TEMP\cpuz136\cpuz136_x64.sys [X]
S3 MSICDSetup; \??\D:\CDriver64.sys [X]
U4 SR;
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S3 WinRing0_1_2_0; \??\C:\Program Files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys [X]

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-05-28 19:13 - 2014-05-28 19:13 - 00032512 _____ () C:\Windows\system32\Drivers\hitmanpro37.sys
2014-05-28 19:10 - 2014-05-28 19:10 - 00004120 _____ () C:\Windows\system32\.crusader
2014-05-28 19:00 - 2014-05-28 19:12 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-05-28 18:50 - 2014-05-28 18:50 - 00000081 _____ () C:\folders.txt
2014-05-28 18:50 - 2014-05-28 18:37 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-05-28 18:38 - 2014-05-28 18:52 - 00026137 _____ () C:\zoek-results.log
2014-05-28 18:37 - 2014-05-28 18:49 - 00000000 ____D () C:\zoek_backup
2014-05-26 22:26 - 2014-05-26 22:26 - 00000501 _____ () C:\Windows\Cmicnfg3.ini.imi
2014-05-26 22:26 - 2007-04-12 17:56 - 06098944 _____ (C-Media Corporation) C:\Windows\system\cmicnfg3.cpl
2014-05-26 22:26 - 2007-04-12 16:29 - 00828416 _____ (C-Media Inc) C:\Windows\system32\Drivers\cmudax3.sys
2014-05-26 22:26 - 2007-03-26 19:39 - 00065536 ____R () C:\Windows\system32\CmiInstallResAll.dll
2014-05-26 22:13 - 2014-05-26 22:13 - 00262144 ____N () C:\Windows\Minidump\052614-22198-01.dmp
2014-05-26 22:13 - 2014-05-26 22:13 - 00000000 ____D () C:\Windows\Minidump
2014-05-25 03:58 - 2014-05-25 03:58 - 163006996 _____ () C:\Users\Lars\Downloads\INTP2268w.rar
2014-05-24 23:41 - 2014-05-24 23:41 - 00349160 _____ () C:\Users\Lars\Downloads\MediaPlayerClassic.exe
2014-05-24 19:16 - 2014-05-28 21:03 - 00000000 ____D () C:\Users\Lars\Desktop\Adware Tools
2014-05-24 16:12 - 2014-05-24 16:12 - 00000000 ____D () C:\Windows\ERUNT
2014-05-24 16:04 - 2014-05-24 16:04 - 00001094 _____ () C:\Users\Public\Desktop\Controller Editor.lnk
2014-05-24 16:04 - 2014-05-24 16:04 - 00000000 __HDC () C:\ProgramData\{FA277A43-401F-4EAE-9068-FCDF88DB3EA9}
2014-05-24 15:58 - 2014-05-24 15:58 - 00001002 _____ () C:\Users\Public\Desktop\Traktor 2.lnk
2014-05-24 15:58 - 2014-05-24 15:58 - 00000000 __HDC () C:\ProgramData\{0495C70B-87F4-4A64-87B3-4FB0BA1F60D2}
2014-05-24 15:52 - 2014-05-24 17:23 - 00133962 _____ () C:\Windows\DPINST.LOG
2014-05-24 15:42 - 2014-05-28 19:16 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-24 15:42 - 2014-05-24 15:42 - 00001102 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-05-24 15:42 - 2014-05-24 15:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2014-05-24 15:42 - 2014-05-24 15:42 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-24 15:42 - 2014-05-24 15:42 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware
2014-05-24 15:42 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-24 15:42 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-05-24 15:42 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-05-24 11:54 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-05-24 11:54 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-05-24 11:54 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-05-24 11:54 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-05-24 11:54 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-05-24 11:54 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2014-05-24 11:54 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2014-05-24 11:54 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2014-05-24 11:51 - 2014-05-24 20:30 - 00000000 ____D () C:\Qoobox
2014-05-24 11:51 - 2014-05-24 12:52 - 00000000 ____D () C:\Windows\erdnt
2014-05-24 11:17 - 2014-05-24 11:47 - 00000000 ____D () C:\Program Files (x86)\GfK-ProxyService
2014-05-24 11:15 - 2014-05-28 21:06 - 00000000 ____D () C:\FRST
2014-05-24 10:21 - 2014-05-24 10:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-05-24 10:15 - 2014-05-28 18:52 - 00008084 _____ () C:\Windows\PFRO.log
2014-05-24 09:57 - 2014-05-28 20:56 - 00003936 _____ () C:\Windows\setupact.log
2014-05-24 09:57 - 2014-05-24 09:57 - 00000000 _____ () C:\Windows\setuperr.log
2014-05-20 17:59 - 2014-05-20 18:00 - 00000000 ____D () C:\Program Files (x86)\winKeyLock
2014-05-20 17:59 - 2014-05-20 17:59 - 00000963 _____ () C:\Users\Lars\Desktop\winKeyLock.lnk
2014-05-20 17:59 - 2014-05-20 17:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\winKeyLock
2014-05-20 17:58 - 2014-05-20 17:58 - 00645904 _____ (winKeyLock ) C:\Users\Lars\Downloads\InstallWinKeyLock1.0.1.exe
2014-05-20 10:57 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-05-20 10:56 - 2014-05-24 19:48 - 00000000 ____D () C:\AdwCleaner
2014-05-20 10:52 - 2014-05-20 10:52 - 00961360 _____ (Chip Digital GmbH) C:\Users\Lars\Desktop\AdwCleaner.exe
2014-05-20 09:02 - 2014-05-20 09:04 - 00000000 ____D () C:\Users\Lars\Desktop\Vertrag VF Oli Kamera
2014-05-20 08:48 - 2014-05-24 09:56 - 00000668 _____ () C:\aaw7boot.log
2014-05-16 08:13 - 2014-05-16 08:13 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-05-16 08:12 - 2014-05-16 08:12 - 00001783 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-05-16 08:12 - 2014-05-16 08:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-05-16 08:11 - 2014-05-16 08:12 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-05-16 08:11 - 2014-05-16 08:12 - 00000000 ____D () C:\Program Files\iTunes
2014-05-16 08:11 - 2014-05-16 08:12 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-05-16 08:11 - 2014-05-16 08:11 - 00000000 ____D () C:\Program Files\iPod
2014-05-16 07:51 - 2014-05-06 07:14 - 19274752 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-16 07:51 - 2014-05-06 07:14 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-16 07:51 - 2014-05-06 05:48 - 14367232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-16 07:51 - 2014-05-06 05:48 - 00080384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-16 07:51 - 2014-05-06 05:37 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-16 07:51 - 2014-05-06 05:26 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-16 07:46 - 2014-05-09 08:14 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-16 07:46 - 2014-05-09 08:11 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-16 07:46 - 2014-03-25 04:43 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-05-16 07:46 - 2014-03-25 04:09 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-05-16 07:45 - 2014-04-12 04:22 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-05-16 07:45 - 2014-04-12 04:22 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-05-16 07:45 - 2014-04-12 04:19 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-05-16 07:45 - 2014-04-12 04:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-05-16 07:45 - 2014-04-12 04:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-05-16 07:45 - 2014-04-12 04:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-05-16 07:45 - 2014-04-12 04:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-05-16 07:45 - 2014-04-12 04:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-05-16 07:45 - 2014-04-12 04:10 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-05-16 07:45 - 2014-03-04 11:47 - 05550016 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-05-16 07:45 - 2014-03-04 11:44 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-05-16 07:45 - 2014-03-04 11:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2014-05-16 07:45 - 2014-03-04 11:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-05-16 07:45 - 2014-03-04 11:44 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-05-16 07:45 - 2014-03-04 11:44 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-05-16 07:45 - 2014-03-04 11:44 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-05-16 07:45 - 2014-03-04 11:44 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-05-16 07:45 - 2014-03-04 11:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2014-05-16 07:45 - 2014-03-04 11:43 - 00455168 _____ (Microsoft
Corporation) C:\Windows\system32\winlogon.exe 2014-05-16 07:45 - 2014-03-04 11:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll 2014-05-16 07:45 - 2014-03-04 11:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll 2014-05-16 07:45 - 2014-03-04 11:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll 2014-05-16 07:45 - 2014-03-04 11:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll 2014-05-16 07:45 - 2014-03-04 11:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll 2014-05-16 07:45 - 2014-03-04 11:43 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2014-05-16 07:45 - 2014-03-04 11:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe 2014-05-16 07:45 - 2014-03-04 11:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe 2014-05-16 07:45 - 2014-03-04 11:17 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2014-05-16 07:45 - 2014-03-04 11:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll 2014-05-16 07:45 - 2014-03-04 11:17 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll 2014-05-16 07:45 - 2014-03-04 11:17 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2014-05-16 07:45 - 2014-03-04 11:17 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll 2014-05-16 07:45 - 2014-03-04 11:17 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll 2014-05-16 07:45 - 2014-03-04 11:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll 2014-05-16 07:45 - 2014-03-04 11:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll 2014-05-16 07:45 - 2014-03-04 11:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll 2014-05-16 07:45 - 2014-03-04 11:17 - 00047616 _____ (Microsoft 
Corporation) C:\Windows\SysWOW64\dpapiprovider.dll 2014-05-16 07:45 - 2014-03-04 11:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll 2014-05-16 07:45 - 2014-03-04 11:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll 2014-05-16 07:45 - 2014-03-04 11:17 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll 2014-05-16 07:45 - 2014-03-04 11:16 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll 2014-05-09 22:54 - 2014-05-24 10:02 - 00000000 ____D () C:\ProgramData\Lavasoft 2014-05-09 22:54 - 2014-05-24 10:02 - 00000000 ____D () C:\Program Files (x86)\Lavasoft 2014-05-09 12:30 - 2014-05-09 12:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mp3tag 2014-05-09 12:21 - 2014-05-09 12:21 - 00001026 _____ () C:\Users\Lars\Desktop\MP3Gain.lnk 2014-05-09 11:49 - 2014-05-09 11:49 - 00000000 __HDC () C:\ProgramData\{4682E4CB-7209-4099-8AA1-580ABCCCE731} 2014-05-09 11:49 - 2014-05-09 11:49 - 00000000 __HDC () C:\ProgramData\{033B4844-E9C3-45D2-88D9-34DDF3F91100} 2014-05-09 11:48 - 2014-05-09 11:48 - 00000000 __HDC () C:\ProgramData\{D2030082-F62A-402A-9456-8009276FD896} 2014-05-09 11:48 - 2014-05-09 11:48 - 00000000 __HDC () C:\ProgramData\{B3478C15-588A-4968-AD66-76AA98803A28} 2014-05-09 11:48 - 2014-05-09 11:48 - 00000000 __HDC () C:\ProgramData\{0CC85DFF-E70A-4AB0-968A-F1F98F4D0C67} 2014-05-09 11:47 - 2014-05-09 11:47 - 00000000 __HDC () C:\ProgramData\{662EAAEC-9E9A-4C69-A658-884E51E909BB} 2014-05-09 11:47 - 2014-05-09 11:47 - 00000000 __HDC () C:\ProgramData\{5EE4F9B1-7274-48A2-9C25-C287604C3058} 2014-05-09 11:46 - 2014-05-09 11:46 - 00000000 __HDC () C:\ProgramData\{EB21323D-3F46-4EF0-B849-B096B7705C69} 2014-05-09 11:46 - 2014-05-09 11:46 - 00000000 __HDC () C:\ProgramData\{9B09061B-0A4F-42DA-9987-7D3F452DCB09} 2014-05-09 11:46 - 2014-05-09 11:46 - 00000000 __HDC () C:\ProgramData\{9597097D-B8DC-4754-AF2D-CB61CCFC861A} 2014-05-09 11:46 - 
2014-05-09 11:46 - 00000000 __HDC () C:\ProgramData\{219191E6-6846-4329-889D-7956C487D9A6} 2014-05-09 11:45 - 2014-05-09 11:45 - 00000000 __HDC () C:\ProgramData\{B7C85E99-2AC6-455D-B4D1-752A56403757} 2014-05-09 11:45 - 2014-05-09 11:45 - 00000000 __HDC () C:\ProgramData\{AF79C86B-2321-4D47-A168-2A24BA2B6A73} 2014-05-09 11:45 - 2014-05-09 11:45 - 00000000 __HDC () C:\ProgramData\{9F570B21-E27A-40BE-A508-292899A7D042} 2014-05-09 11:44 - 2014-05-09 11:44 - 00000000 __HDC () C:\ProgramData\{57B31BE2-3175-4425-9722-D2AC5F68C7BD} 2014-05-09 11:11 - 2014-05-24 17:23 - 00001069 _____ () C:\Users\Lars\Desktop\DENON DJ ASIO Driver.lnk 2014-05-09 11:11 - 2014-05-09 11:11 - 00000000 ____D () C:\Users\Lars\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DENON_DJ 2014-05-09 11:11 - 2014-05-09 11:11 - 00000000 ____D () C:\Program Files (x86)\DENON_DJ ==================== One Month Modified Files and Folders ======= 2014-05-28 21:06 - 2014-05-24 11:15 - 00000000 ____D () C:\FRST 2014-05-28 21:03 - 2014-05-24 19:16 - 00000000 ____D () C:\Users\Lars\Desktop\Adware Tools 2014-05-28 20:58 - 2013-02-07 13:57 - 01170643 _____ () C:\Windows\WindowsUpdate.log 2014-05-28 20:56 - 2014-05-24 09:57 - 00003936 _____ () C:\Windows\setupact.log 2014-05-28 20:45 - 2013-03-28 11:32 - 00000000 ____D () C:\Program Files (x86)\GfK Internet-Monitor 2014-05-28 20:44 - 2013-02-09 01:54 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-05-28 20:29 - 2013-07-15 00:05 - 00000000 ____D () C:\Users\Lars\AppData\Local\769EDE57-05AC-4121-A320-64C10E4C3E4B.aplzod 2014-05-28 20:26 - 2013-02-07 15:07 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-05-28 20:16 - 2013-02-25 16:39 - 00000000 ____D () C:\Users\Lars\AppData\Roaming\Skype 2014-05-28 20:00 - 2013-05-02 18:33 - 00000000 ____D () C:\Users\Lars\Desktop\iPod Photo Cache 2014-05-28 19:50 - 2013-02-15 21:06 - 00000000 ____D () C:\Users\Lars\AppData\Local\Apple Computer 2014-05-28 19:22 - 2009-07-14 06:45 - 
00021248 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-05-28 19:22 - 2009-07-14 06:45 - 00021248 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-05-28 19:16 - 2014-05-24 15:42 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-05-28 19:14 - 2013-02-07 15:07 - 00001102 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-05-28 19:13 - 2014-05-28 19:13 - 00032512 _____ () C:\Windows\system32\Drivers\hitmanpro37.sys 2014-05-28 19:13 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-05-28 19:12 - 2014-05-28 19:00 - 00000000 ____D () C:\ProgramData\HitmanPro 2014-05-28 19:10 - 2014-05-28 19:10 - 00004120 _____ () C:\Windows\system32\.crusader 2014-05-28 18:52 - 2014-05-28 18:38 - 00026137 _____ () C:\zoek-results.log 2014-05-28 18:52 - 2014-05-24 10:15 - 00008084 _____ () C:\Windows\PFRO.log 2014-05-28 18:50 - 2014-05-28 18:50 - 00000081 _____ () C:\folders.txt 2014-05-28 18:49 - 2014-05-28 18:37 - 00000000 ____D () C:\zoek_backup 2014-05-28 18:48 - 2013-02-07 14:45 - 00000000 ____D () C:\Users\Lars 2014-05-28 18:37 - 2014-05-28 18:50 - 00024064 _____ () C:\Windows\zoek-delete.exe 2014-05-28 18:34 - 2014-03-11 00:22 - 00000008 __RSH () C:\ProgramData\ntuser.pol 2014-05-28 18:31 - 2009-07-14 05:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy 2014-05-26 22:37 - 2010-11-21 08:50 - 00702964 _____ () C:\Windows\system32\perfh007.dat 2014-05-26 22:37 - 2010-11-21 08:50 - 00150604 _____ () C:\Windows\system32\perfc007.dat 2014-05-26 22:37 - 2009-07-14 07:13 - 01629436 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-05-26 22:35 - 2013-11-24 10:38 - 00000000 ____D () C:\Users\Lars\AppData\Roaming\vlc 2014-05-26 22:27 - 2013-03-02 18:27 - 00000138 _____ () C:\Windows\system\Dlap.pfx 2014-05-26 22:26 - 2014-05-26 22:26 - 00000501 _____ () C:\Windows\Cmicnfg3.ini.imi 
2014-05-26 22:26 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system 2014-05-26 22:26 - 2007-04-19 18:27 - 00000501 _____ () C:\Windows\system\Cmicnfg3.ini 2014-05-26 22:13 - 2014-05-26 22:13 - 00262144 ____N () C:\Windows\Minidump\052614-22198-01.dmp 2014-05-26 22:13 - 2014-05-26 22:13 - 00000000 ____D () C:\Windows\Minidump 2014-05-25 12:59 - 2014-02-08 11:55 - 00000000 ____D () C:\Users\Lars\AppData\Roaming\.purple 2014-05-25 10:29 - 2013-09-19 19:33 - 00000000 ____D () C:\Users\Lars\Downloads\Primeval New World 2014-05-25 10:10 - 2013-09-21 08:41 - 00000000 ____D () C:\Users\Lars\AppData\Roaming\Mp3tag 2014-05-25 10:10 - 2013-05-11 10:10 - 00000000 ____D () C:\Users\Lars\Desktop\neue Musik 2014-05-25 06:30 - 2013-08-17 21:52 - 00000000 ____D () C:\Users\Lars\Desktop\XTreme 6.1 2014-05-25 03:58 - 2014-05-25 03:58 - 163006996 _____ () C:\Users\Lars\Downloads\INTP2268w.rar 2014-05-24 23:41 - 2014-05-24 23:41 - 00349160 _____ () C:\Users\Lars\Downloads\MediaPlayerClassic.exe 2014-05-24 20:30 - 2014-05-24 11:51 - 00000000 ____D () C:\Qoobox 2014-05-24 20:07 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini 2014-05-24 19:48 - 2014-05-20 10:56 - 00000000 ____D () C:\AdwCleaner 2014-05-24 19:33 - 2013-06-17 21:35 - 00000000 ____D () C:\Users\Lars\AppData\Roaming\uTorrent 2014-05-24 17:23 - 2014-05-24 15:52 - 00133962 _____ () C:\Windows\DPINST.LOG 2014-05-24 17:23 - 2014-05-09 11:11 - 00001069 _____ () C:\Users\Lars\Desktop\DENON DJ ASIO Driver.lnk 2014-05-24 16:12 - 2014-05-24 16:12 - 00000000 ____D () C:\Windows\ERUNT 2014-05-24 16:04 - 2014-05-24 16:04 - 00001094 _____ () C:\Users\Public\Desktop\Controller Editor.lnk 2014-05-24 16:04 - 2014-05-24 16:04 - 00000000 __HDC () C:\ProgramData\{FA277A43-401F-4EAE-9068-FCDF88DB3EA9} 2014-05-24 16:03 - 2013-02-14 12:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments 2014-05-24 16:03 - 2013-02-14 12:30 - 00000000 ____D () C:\Program Files\Native Instruments 
2014-05-24 16:03 - 2013-02-14 12:30 - 00000000 ____D () C:\Program Files\Common Files\Native Instruments 2014-05-24 15:58 - 2014-05-24 15:58 - 00001002 _____ () C:\Users\Public\Desktop\Traktor 2.lnk 2014-05-24 15:58 - 2014-05-24 15:58 - 00000000 __HDC () C:\ProgramData\{0495C70B-87F4-4A64-87B3-4FB0BA1F60D2} 2014-05-24 15:42 - 2014-05-24 15:42 - 00001102 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-05-24 15:42 - 2014-05-24 15:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2014-05-24 15:42 - 2014-05-24 15:42 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-05-24 15:42 - 2014-05-24 15:42 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-05-24 12:52 - 2014-05-24 11:51 - 00000000 ____D () C:\Windows\erdnt 2014-05-24 11:47 - 2014-05-24 11:17 - 00000000 ____D () C:\Program Files (x86)\GfK-ProxyService 2014-05-24 10:21 - 2014-05-24 10:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome 2014-05-24 10:21 - 2013-02-07 15:07 - 00000000 ____D () C:\Program Files (x86)\Google 2014-05-24 10:19 - 2013-11-15 20:02 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-05-24 10:17 - 2014-03-01 16:48 - 00000000 ____D () C:\Users\Lars\Tracing 2014-05-24 10:02 - 2014-05-09 22:54 - 00000000 ____D () C:\ProgramData\Lavasoft 2014-05-24 10:02 - 2014-05-09 22:54 - 00000000 ____D () C:\Program Files (x86)\Lavasoft 2014-05-24 09:57 - 2014-05-24 09:57 - 00000000 _____ () C:\Windows\setuperr.log 2014-05-24 09:56 - 2014-05-20 08:48 - 00000668 _____ () C:\aaw7boot.log 2014-05-20 18:00 - 2014-05-20 17:59 - 00000000 ____D () C:\Program Files (x86)\winKeyLock 2014-05-20 17:59 - 2014-05-20 17:59 - 00000963 _____ () C:\Users\Lars\Desktop\winKeyLock.lnk 2014-05-20 17:59 - 2014-05-20 17:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\winKeyLock 2014-05-20 17:58 - 2014-05-20 17:58 - 00645904 _____ (winKeyLock ) 
C:\Users\Lars\Downloads\InstallWinKeyLock1.0.1.exe 2014-05-20 11:01 - 2013-03-09 18:46 - 00001079 _____ () C:\Users\Lars\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2014-05-20 11:01 - 2013-02-08 00:58 - 00001061 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2014-05-20 10:52 - 2014-05-20 10:52 - 00961360 _____ (Chip Digital GmbH) C:\Users\Lars\Desktop\AdwCleaner.exe 2014-05-20 09:04 - 2014-05-20 09:02 - 00000000 ____D () C:\Users\Lars\Desktop\Vertrag VF Oli Kamera 2014-05-16 08:44 - 2013-05-14 22:44 - 17938608 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe 2014-05-16 08:44 - 2013-02-09 01:54 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-05-16 08:44 - 2013-02-09 01:54 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-05-16 08:44 - 2013-02-09 01:54 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-05-16 08:40 - 2013-12-13 10:11 - 00000000 ____D () C:\Users\Lars\AppData\Local\Amazon Cloud Player 2014-05-16 08:39 - 2013-12-13 10:11 - 00001604 _____ () C:\Windows\System32\Tasks\Amazon Music Helper 2014-05-16 08:16 - 2013-02-07 14:51 - 00000000 ___RD () C:\Users\Lars\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup 2014-05-16 08:16 - 2013-02-07 14:51 - 00000000 ___RD () C:\Users\Lars\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools 2014-05-16 08:13 - 2014-05-16 08:13 - 00000000 ___SD () C:\Windows\system32\CompatTel 2014-05-16 08:13 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions 2014-05-16 08:12 - 2014-05-16 08:12 - 00001783 _____ () C:\Users\Public\Desktop\iTunes.lnk 2014-05-16 08:12 - 2014-05-16 08:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes 2014-05-16 08:12 - 2014-05-16 08:11 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 2014-05-16 
08:12 - 2014-05-16 08:11 - 00000000 ____D () C:\Program Files\iTunes 2014-05-16 08:12 - 2014-05-16 08:11 - 00000000 ____D () C:\Program Files (x86)\iTunes 2014-05-16 08:11 - 2014-05-16 08:11 - 00000000 ____D () C:\Program Files\iPod 2014-05-16 07:51 - 2013-02-08 01:03 - 00000000 ____D () C:\ProgramData\Microsoft Help 2014-05-16 07:50 - 2013-09-12 17:45 - 00000000 ____D () C:\Windows\system32\MRT 2014-05-16 07:48 - 2013-02-08 12:34 - 93223848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-05-16 07:35 - 2013-02-14 15:59 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk 2014-05-12 07:26 - 2014-05-24 15:42 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2014-05-12 07:26 - 2014-05-24 15:42 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2014-05-12 07:25 - 2014-05-24 15:42 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2014-05-11 07:36 - 2013-09-21 09:36 - 00000141 _____ () C:\Users\Lars\AppData\Roaming\WB.CFG 2014-05-09 15:21 - 2013-02-07 15:07 - 00004102 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2014-05-09 15:21 - 2013-02-07 15:07 - 00003850 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2014-05-09 12:30 - 2014-05-09 12:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mp3tag 2014-05-09 12:30 - 2013-09-21 08:41 - 00000979 _____ () C:\Users\Public\Desktop\Mp3tag.lnk 2014-05-09 12:30 - 2013-09-21 08:41 - 00000000 ____D () C:\Program Files (x86)\Mp3tag 2014-05-09 12:21 - 2014-05-09 12:21 - 00001026 _____ () C:\Users\Lars\Desktop\MP3Gain.lnk 2014-05-09 11:57 - 2013-02-14 14:13 - 00000000 ____D () C:\Users\Lars\Documents\Native Instruments 2014-05-09 11:49 - 2014-05-09 11:49 - 00000000 __HDC () C:\ProgramData\{4682E4CB-7209-4099-8AA1-580ABCCCE731} 2014-05-09 11:49 - 2014-05-09 11:49 - 00000000 __HDC () 
C:\ProgramData\{033B4844-E9C3-45D2-88D9-34DDF3F91100} 2014-05-09 11:48 - 2014-05-09 11:48 - 00000000 __HDC () C:\ProgramData\{D2030082-F62A-402A-9456-8009276FD896} 2014-05-09 11:48 - 2014-05-09 11:48 - 00000000 __HDC () C:\ProgramData\{B3478C15-588A-4968-AD66-76AA98803A28} 2014-05-09 11:48 - 2014-05-09 11:48 - 00000000 __HDC () C:\ProgramData\{0CC85DFF-E70A-4AB0-968A-F1F98F4D0C67} 2014-05-09 11:47 - 2014-05-09 11:47 - 00000000 __HDC () C:\ProgramData\{662EAAEC-9E9A-4C69-A658-884E51E909BB} 2014-05-09 11:47 - 2014-05-09 11:47 - 00000000 __HDC () C:\ProgramData\{5EE4F9B1-7274-48A2-9C25-C287604C3058} 2014-05-09 11:46 - 2014-05-09 11:46 - 00000000 __HDC () C:\ProgramData\{EB21323D-3F46-4EF0-B849-B096B7705C69} 2014-05-09 11:46 - 2014-05-09 11:46 - 00000000 __HDC () C:\ProgramData\{9B09061B-0A4F-42DA-9987-7D3F452DCB09} 2014-05-09 11:46 - 2014-05-09 11:46 - 00000000 __HDC () C:\ProgramData\{9597097D-B8DC-4754-AF2D-CB61CCFC861A} 2014-05-09 11:46 - 2014-05-09 11:46 - 00000000 __HDC () C:\ProgramData\{219191E6-6846-4329-889D-7956C487D9A6} 2014-05-09 11:45 - 2014-05-09 11:45 - 00000000 __HDC () C:\ProgramData\{B7C85E99-2AC6-455D-B4D1-752A56403757} 2014-05-09 11:45 - 2014-05-09 11:45 - 00000000 __HDC () C:\ProgramData\{AF79C86B-2321-4D47-A168-2A24BA2B6A73} 2014-05-09 11:45 - 2014-05-09 11:45 - 00000000 __HDC () C:\ProgramData\{9F570B21-E27A-40BE-A508-292899A7D042} 2014-05-09 11:44 - 2014-05-09 11:44 - 00000000 __HDC () C:\ProgramData\{57B31BE2-3175-4425-9722-D2AC5F68C7BD} 2014-05-09 11:11 - 2014-05-09 11:11 - 00000000 ____D () C:\Users\Lars\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DENON_DJ 2014-05-09 11:11 - 2014-05-09 11:11 - 00000000 ____D () C:\Program Files (x86)\DENON_DJ 2014-05-09 08:14 - 2014-05-16 07:46 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-05-09 08:11 - 2014-05-16 07:46 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-05-06 07:14 - 2014-05-16 07:51 - 19274752 _____ (Microsoft Corporation) 
C:\Windows\system32\mshtml.dll
2014-05-06 07:14 - 2014-05-16 07:51 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-06 05:48 - 2014-05-16 07:51 - 14367232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-06 05:48 - 2014-05-16 07:51 - 00080384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-06 05:37 - 2014-05-16 07:51 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-06 05:26 - 2014-05-16 07:51 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-02 23:38 - 2013-02-08 01:06 - 00000000 ____D () C:\Users\Lars\AppData\Roaming\TS3Client
2014-05-02 22:34 - 2013-05-21 01:53 - 00007607 _____ () C:\Users\Lars\AppData\Local\Resmon.ResmonCfg

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2013-02-26 19:00

==================== End Of Log ============================ |
Topics related to: Unwanted, empty pop-up windows appear and words are underlined and linked |
computer, function, mobogenie, remove mobogenie, nationzoom, remove nationzoom, programs, win32/adware.multiplug.k.gen, win32/adware.multiplug.n, win32/adware.pcerrorfix.a, win32/hafocoin.ae, win32/injector.azos, win64/adware.multiplug.a, open |