| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Win32 Injector-BSY[TRJ] AVAST VirenfundWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
26.05.2014, 17:00
| #1 |
| | ![Win32 Injector-BSY[TRJ] AVAST Virenfund - Unglücklich](images/icons/icon9.gif){kind=icon} Win32 Injector-BSY[TRJ] AVAST Virenfund Hallo, wollte gestern Abend ein Codec Pack für den DivX PLayer runterladen (von Softonic, K Lite Codec Pack) und habe mir dabei den Virus aus dem obigen Titel eingefangen. Habe heute Malwarebytes runter geladen und poste euch hier die Log file (einige Funde). Funde sind noch in Quarantäne. Wäre euch sehr dankbar, wenn ihr mir helfen könntet. :-) Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlauf Datum: 26.05.2014 Suchlauf-Zeit: 17:14:59 Logdatei: log.txt Administrator: Ja Version: 2.00.2.1012 Malware Datenbank: v2014.05.26.02 Rootkit Datenbank: v2014.05.21.01 Lizenz: Testversion Malware Schutz: Aktiviert Bösartiger Webseiten Schutz: Aktiviert Self-protection: Deaktiviert Betriebssystem: Windows 7 Service Pack 1 CPU: x64 Dateisystem: NTFS Benutzer: xxxxxxx Suchlauf-Art: Bedrohungs-Suchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 276881 Verstrichene Zeit: 15 Min, 42 Sek Speicher: Aktiviert Autostart: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Deaktiviert Heuristics: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 0 (No malicious items detected) Module: 0 (No malicious items detected) Registrierungsschlüssel: 16 PUP.Optional.SystemK.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\F06DEFF2-5B9C-490D-910F-35D3A91196222, In Quarantäne, [f00ac194b7c479bdb7e0ec908e7325db], PUP.Optional.Linkey.A, HKU\S-1-5-21-3143199781-2537010271-4102635995-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47}, In Quarantäne, [10ea80d5c8b3152132a535f84fb3cd33], PUP.Optional.Linkey.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47}, In Quarantäne, [10ea80d5c8b3152132a535f84fb3cd33], PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{68B81CCD-A80C-4060-8947-5AE69ED01199}, In Quarantäne, [f406f263c4b7171f80adc99bd131ba46], PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E6B969FB-6D33-48d2-9061-8BBD4899EB08}, In Quarantäne, [c93188cd007b46f0200e620259a99d63], PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\Iminent, In Quarantäne, [5aa0aea73f3c072fa723b9ee30d2f50b], PUP.Optional.SettingsManager.A, HKLM\SOFTWARE\WOW6432NODE\SYSTEMK\General, In Quarantäne, [b347a2b33843db5b491a1a7f3bc75ea2], PUP.Optional.SettingsManager.A, HKLM\SOFTWARE\WOW6432NODE\SYSTEMK, In Quarantäne, [26d441141269a393214359406f93a45c], PUP.Optional.Iminent.A, HKU\S-1-5-21-3143199781-2537010271-4102635995-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Iminent, In Quarantäne, [df1b2f268af148eeedded5d27b87867a], PUP.Optional.Softonic.A, HKU\S-1-5-21-3143199781-2537010271-4102635995-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SOFTONIC\Universal Downloader, In Quarantäne, [3ebc72e386f5cf670766573eb74b3bc5], PUP.Optional.SettingsManager.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{E1842850-FB16-4471-B327-7343FBAED55C}, In Quarantäne, [17e3a9ac2d4eb97ddb14c1bcf909b34d], PUP.Optional.SettingsManager.A, HKLM\SOFTWARE\CLASSES\CLSID\{E1842850-FB16-4471-B327-7343FBAED55C}, In Quarantäne, [17e3a9ac2d4eb97ddb14c1bcf909b34d], PUP.Optional.SettingsManager.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{93D511B5-143B-4A99-ABFC-B5B78AD0AE1B}, In Quarantäne, [17e3a9ac2d4eb97ddb14c1bcf909b34d], PUP.Optional.SettingsManager.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{AA760BA8-5862-4BC5-9263-4452CBC0B264}, In Quarantäne, [17e3a9ac2d4eb97ddb14c1bcf909b34d], PUP.Optional.SettingsManager.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{AA760BA8-5862-4BC5-9263-4452CBC0B264}, In Quarantäne, [17e3a9ac2d4eb97ddb14c1bcf909b34d], PUP.Optional.SettingsManager.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{93D511B5-143B-4A99-ABFC-B5B78AD0AE1B}, In Quarantäne, [17e3a9ac2d4eb97ddb14c1bcf909b34d], Registrierungswerte: 1 PUP.Optional.SettingsManager.A, HKLM\SOFTWARE\WOW6432NODE\SYSTEMK|browser, ie ff cr, In Quarantäne, [26d441141269a393214359406f93a45c] Registrierungsdaten: 0 (No malicious items detected) Ordner: 5 PUP.Optional.SystemK.A, C:\ProgramData\systemk, In Quarantäne, [02f87ed72655d2645caf5f39d82a22de], PUP.Optional.OpenCandy, C:\Users\Anton Peter\AppData\Roaming\OpenCandy, In Quarantäne, [b446f36293e8f541578d2c4a8b7738c8], PUP.Optional.OpenCandy, C:\Users\Anton Peter\AppData\Roaming\OpenCandy\377096233C024DD0A5268197586506F2, In Quarantäne, [b446f36293e8f541578d2c4a8b7738c8], PUP.Optional.SettingsManager.A, C:\Program Files (x86)\Settings Manager\systemk, Löschen bei Neustart, [17e3a9ac2d4eb97ddb14c1bcf909b34d], PUP.Optional.SettingsManager.A, C:\Program Files (x86)\Settings Manager\systemk\x64, Löschen bei Neustart, [17e3a9ac2d4eb97ddb14c1bcf909b34d], Dateien: 32 PUP.Optional.SystemK.A, C:\Program Files (x86)\Settings Manager\systemk\x64\systemkmgrc1.cfg, In Quarantäne, [f00ac194b7c479bdb7e0ec908e7325db], PUP.Optional.Linkey.A, C:\Users\Anton Peter\AppData\Local\Temp\~nsu.tmp\Au_.exe, In Quarantäne, [52a895c094e7261064136efdbd44e31d], PUP.Optional.AztecMedia.A, C:\Users\Anton Peter\AppData\Local\Temp\nsh98A4.tmp\Helper.dll, In Quarantäne, [8d6d97be3a41fc3ad2fca6a514f03ac6], PUP.Optional.AztecMedia.A, C:\Users\Anton Peter\AppData\Local\Temp\nsh98A4.tmp\Starter.exe, In Quarantäne, [dc1e361ffe7df4420eb125269272b64a], PUP.Optional.Softonic.A, C:\Users\Anton Peter\Downloads\SoftonicDownloader_fuer_k-lite-codec-pack.exe, In Quarantäne, [cd2d9bbac8b3cf672a8336ea7889d927], PUP.Optional.Iminent.A, C:\Users\Anton Peter\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_igdhbblpcellaljokkpfhcjlagemhgjl_0.localstorage, In Quarantäne, [ae4c282d2a51bc7ad1ee810ed0328878], PUP.Optional.SystemK.A, C:\ProgramData\systemk\general.cfg, In Quarantäne, [02f87ed72655d2645caf5f39d82a22de], PUP.Optional.SystemK.A, C:\ProgramData\systemk\coordinator.cfg, In Quarantäne, [02f87ed72655d2645caf5f39d82a22de], PUP.Optional.SystemK.A, C:\ProgramData\systemk\S-1-5-21-3143199781-2537010271-4102635995-1001.cfg, In Quarantäne, [02f87ed72655d2645caf5f39d82a22de], PUP.Optional.SystemK.A, C:\ProgramData\systemk\stats.cfg, In Quarantäne, [02f87ed72655d2645caf5f39d82a22de], PUP.Optional.DefaultSearch.A, C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\default-search.xml, In Quarantäne, [c337f065ff7c93a34318990011f17b85], PUP.Optional.OpenCandy, C:\Users\Anton Peter\AppData\Roaming\OpenCandy\377096233C024DD0A5268197586506F2\PokkiInstaller.exe, In Quarantäne, [b446f36293e8f541578d2c4a8b7738c8], PUP.Optional.SettingsManager.A, C:\Program Files (x86)\Settings Manager\systemk\favicon.ico, In Quarantäne, [17e3a9ac2d4eb97ddb14c1bcf909b34d], PUP.Optional.SettingsManager.A, C:\Program Files (x86)\Settings Manager\systemk\Helper.dll, In Quarantäne, [17e3a9ac2d4eb97ddb14c1bcf909b34d], PUP.Optional.SettingsManager.A, C:\Program Files (x86)\Settings Manager\systemk\Internet Explorer Settings.exe, In Quarantäne, [17e3a9ac2d4eb97ddb14c1bcf909b34d], PUP.Optional.SettingsManager.A, C:\Program Files (x86)\Settings Manager\systemk\syskldr.dll, In Quarantäne, [17e3a9ac2d4eb97ddb14c1bcf909b34d], PUP.Optional.SettingsManager.A, C:\Program Files (x86)\Settings Manager\systemk\syskldr_u.dll, In Quarantäne, [17e3a9ac2d4eb97ddb14c1bcf909b34d], PUP.Optional.SettingsManager.A, C:\Program Files (x86)\Settings Manager\systemk\systemk.dll, In Quarantäne, [17e3a9ac2d4eb97ddb14c1bcf909b34d], PUP.Optional.SettingsManager.A, C:\Program Files (x86)\Settings Manager\systemk\systemkbho.dll, In Quarantäne, [17e3a9ac2d4eb97ddb14c1bcf909b34d], PUP.Optional.SettingsManager.A, C:\Program Files (x86)\Settings Manager\systemk\x64\systemkbho.dll, In Quarantäne, [17e3a9ac2d4eb97ddb14c1bcf909b34d], PUP.Optional.SettingsManager.A, C:\Program Files (x86)\Settings Manager\systemk\systemkChrome.dll, In Quarantäne, [17e3a9ac2d4eb97ddb14c1bcf909b34d], PUP.Optional.SettingsManager.A, C:\Program Files (x86)\Settings Manager\systemk\systemkmgrc1.cfg, In Quarantäne, [17e3a9ac2d4eb97ddb14c1bcf909b34d], PUP.Optional.SettingsManager.A, C:\Program Files (x86)\Settings Manager\systemk\tbicon.exe, In Quarantäne, [17e3a9ac2d4eb97ddb14c1bcf909b34d], PUP.Optional.SettingsManager.A, C:\Program Files (x86)\Settings Manager\systemk\Uninstall.exe, In Quarantäne, [17e3a9ac2d4eb97ddb14c1bcf909b34d], PUP.Optional.SettingsManager.A, C:\Program Files (x86)\Settings Manager\systemk\x64\Internet Explorer Settings.exe, In Quarantäne, [17e3a9ac2d4eb97ddb14c1bcf909b34d], PUP.Optional.SettingsManager.A, C:\Program Files (x86)\Settings Manager\systemk\x64\sysapcrt.dll, Löschen bei Neustart, [17e3a9ac2d4eb97ddb14c1bcf909b34d], PUP.Optional.SettingsManager.A, C:\Program Files (x86)\Settings Manager\systemk\x64\syskldr.dll, In Quarantäne, [17e3a9ac2d4eb97ddb14c1bcf909b34d], PUP.Optional.SettingsManager.A, C:\Program Files (x86)\Settings Manager\systemk\x64\syskldr_u.dll, In Quarantäne, [17e3a9ac2d4eb97ddb14c1bcf909b34d], PUP.Optional.SettingsManager.A, C:\Program Files (x86)\Settings Manager\systemk\x64\systemk.dll, In Quarantäne, [17e3a9ac2d4eb97ddb14c1bcf909b34d], PUP.Optional.DefaultSearch.A, C:\Users\Anton Peter\AppData\Local\Google\Chrome\User Data\Default\Preferences, Gut: (), Schlecht: ( "homepage" : "hxxp://www.default-search.net?sid=476&aid=122&itype=a&ver=12692&tm=358&src=hmp",), Ersetzt,[32c8ea6b7209e94df68a1272bb490ff1] PUP.Optional.DefaultSearch.A, C:\Users\Anton Peter\AppData\Local\Google\Chrome\User Data\Default\Preferences, Gut: (), Schlecht: ( "homepage" : "hxxp://www.default-search.net?sid=476&aid=122&itype=a&ver=12692&tm=358&src=hmp",), Ersetzt,[e51571e45a211a1cb9c7e69eac58db25] PUP.Optional.DefaultSearch.A, C:\Users\Anton Peter\AppData\Local\Google\Chrome\User Data\Default\Preferences, Gut: (), Schlecht: ( "search_url" : "hxxp://www.default-search.net/search?sid=476&aid=122&itype=a&ver=12692&tm=358&src=ds&p={searchTerms}"), Ersetzt,[b64482d32d4e66d0057c057f9e666997] Physische Sektoren: 0 (No malicious items detected) (end) |
|
26.05.2014, 18:09
| #2 |
| /// the machine /// TB-Ausbilder    | ![Win32 Injector-BSY[TRJ] AVAST Virenfund - Standard](images/icons/icon1.gif){kind=icon} Win32 Injector-BSY[TRJ] AVAST Virenfund hi,
__________________Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:  FRST 32-Bit | FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
__________________ |
|
26.05.2014, 18:22
| #3 |
| | Win32 Injector-BSY[TRJ] AVAST Virenfund Vielen Dank Schrauber, dass du dich meinem Problem annimmst.
__________________Hier die Log files: Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25-05-2014 02
Ran by XXXXXX at 2014-05-26 19:11:51
Running from C:\Users\XXXXXX\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
==================== Installed Programs ======================
Adobe Acrobat X Pro - English, Français, Deutsch (HKLM-x32\...\{AC76BA86-1033-F400-7760-000000000005}) (Version: 10.1.10 - Adobe Systems)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 13.0.0.111 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 13.0.0.111 - Adobe Systems Incorporated) Hidden
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.4.980 - Adobe Systems Incorporated.)
Adobe Community Help (x32 Version: 3.4.980 - Adobe Systems Incorporated.) Hidden
Adobe Content Viewer (HKLM-x32\...\com.adobe.dmp.contentviewer) (Version: 1.4.0 - Adobe Systems Incorporated)
Adobe Content Viewer (x32 Version: 1.4.0 - Adobe Systems Incorporated) Hidden
Adobe Creative Suite 5.5 Master Collection (HKLM-x32\...\{D57FC112-312E-4D70-860F-2DB8FB6858F0}) (Version: 5.5 - Adobe Systems Incorporated)
Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.0.6 - Adobe Systems Incorporated)
Adobe Download Assistant (x32 Version: 1.0.6 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 13 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Reader X (10.1.10) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.10 - Adobe Systems Incorporated)
Adobe Story (HKLM-x32\...\com.adobe.AdobeStory.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.0.571 - Adobe Systems Incorporated)
Adobe Story (x32 Version: 1.0.571 - Adobe Systems Incorporated) Hidden
Adobe Widget Browser (HKLM-x32\...\com.adobe.WidgetBrowser.E7BED6E5DDA59983786DD72EBFA46B1598278E07.1) (Version: 2.0 Build 230 - Adobe Systems Incorporated.)
Adobe Widget Browser (x32 Version: 2.0.230 - Adobe Systems Incorporated.) Hidden
Anki (HKLM-x32\...\Anki) (Version: - )
APB Reloaded (HKLM-x32\...\Steam App 113400) (Version: - )
Apple Application Support (HKLM-x32\...\{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}) (Version: 3.0.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
avast! Free Antivirus (HKLM-x32\...\Avast) (Version: 9.0.2018 - Avast Software)
AVerMedia A336 MiniCard Hybrid TV Tuner 10.2.64.51 (HKLM-x32\...\AVerMedia A336 MiniCard Hybrid TV Tuner) (Version: 10.2.64.51 - AVerMedia TECHNOLOGIES, Inc.)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.1.7 - EA Digital Illusions CE AB)
Benutzerhandbuch (x32 Version: 1.0.0.6 - Lenovo) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Broadcom InConcert Maestro (HKLM\...\{57DD35E9-D9BB-4089-BB05-EF933C586CB3}) (Version: 1.0.1.2300 - Broadcom Corporation)
Broadcom NetLink Controller (HKLM\...\{C91DCB72-F5BB-410D-A91A-314F5D1B4284}) (Version: 14.8.5.1 - Broadcom Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 4.13 - Piriform)
Cisco AnyConnect VPN Client (HKLM-x32\...\{C1EC4E2D-6F63-4806-B88E-7685B6EC186E}) (Version: 2.5.6005 - Cisco Systems, Inc.)
Compatibility Pack für 2007 Office System (HKLM-x32\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Counter-Strike 1.6 (HKLM-x32\...\{13B792AA-C078-43A4-8A3A-8B12D629940D}) (Version: 1.00.0000 - )
Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version: - Valve)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dark Messiah Might and Magic Single Player (HKLM-x32\...\Steam App 2100) (Version: - Ubisoft)
Dead Island (HKLM-x32\...\Steam App 91310) (Version: - Techland)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{349F73CA-653A-43A6-AE77-970B07D6EDA0}) (Version: - Microsoft)
Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment)
Dishonored, âåðñèÿ RePack by =×óâàê= (HKLM-x32\...\Dishonored_is1) (Version: RePack by =×óâàê= - )
DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.3.22 - DivX, LLC)
DriverScanner (HKLM-x32\...\{C2F8CA82-2BD9-4513-B2D1-08A47914C1DA}_is1) (Version: 4.0.10.0 - Uniblue Systems Ltd)
Dropbox (HKCU\...\Dropbox) (Version: 2.8.2 - Dropbox, Inc.)
Energy Management (HKLM-x32\...\InstallShield_{D0956C11-0F60-43FE-99AD-524E833471BB}) (Version: 6.0.2.0 - Lenovo)
Energy Management (x32 Version: 6.0.2.0 - Lenovo) Hidden
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
Far Cry 3 (HKLM-x32\...\Far Cry 3_R.G. Mechanics_is1) (Version: - R.G. Mechanics, Panky)
Free YouTube to MP3 Converter version 3.12.0.128 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.0.128 - DVDVideoSoft Ltd.)
Google Calendar Sync (HKLM-x32\...\Google Calendar Sync) (Version: - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 34.0.1847.137 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.7 - Google Inc.) Hidden
Half-Life 2 (HKLM-x32\...\Steam App 220) (Version: - Valve)
Hitman: Absolution (HKLM-x32\...\Steam App 203140) (Version: - Square Enix)
iCloud (HKLM\...\{81E20D41-C277-4526-934D-F2380AF91B78}) (Version: 3.1.0.40 - Apple Inc.)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2342 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.2.1004 - Intel Corporation)
iTunes (HKLM\...\{B8BA155B-1E75-405F-9CB4-8A99615D09DC}) (Version: 11.1.5.5 - Apple Inc.)
iTunes Sync 1.5.1 (HKLM-x32\...\8089B79E-5E25-4872-8AC9-058E5F5599EC_is1) (Version: - Binary Fortress Software)
Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.550 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
JMicron Flash Media Controller Driver (HKLM-x32\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.0.55.0 - JMicron Technology Corp.)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version: - Valve)
Lenovo Bluetooth with Enhanced Data Rate Software (HKLM\...\{C6C9D5F7-630C-4125-8C4E-94AF77C1896E}) (Version: 6.4.0.2300 - Broadcom Corporation)
Lenovo EasyCamera (HKLM-x32\...\{AD40A06A-77AB-4E2E-B2AA-FDE106A9977A}) (Version: 1.1.1.7 - Suyin Optronics Corp.)
Lenovo EE Boot Optimizer (HKLM\...\Lenovo EE Boot Optimizer) (Version: 0.0.1.7 - Lenovo)
Lenovo Games Console (HKLM-x32\...\Lenovo Games Console) (Version: 1.2.6.436 - Oberon Media Inc.)
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 7.0.1628 - CyberLink Corp.)
Lenovo OneKey Recovery (Version: 7.0.1628 - CyberLink Corp.) Hidden
Lenovo R.I.C. (Robust Intelligent Companion) (HKLM\...\Lenovo R.I.C. (Robust Intelligent Companion)) (Version: 1.0.10.1220 - Lenovo)
Lenovo YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.1.3728 - CyberLink Corp.)
Lenovo YouCam (x32 Version: 3.1.3728 - CyberLink Corp.) Hidden
Lenovo_Wireless_Driver (HKLM-x32\...\{28ABE740-47F3-441B-9437-852F6A64EFF8}) (Version: 1.02.01 - Lenovo)
Lernen durch Wiederholung 6.2.3 (HKLM-x32\...\Lernen durch Wiederholung_is1) (Version: - ©Matthias Kraus)
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Medal of Honor (TM) (HKLM-x32\...\{415030B8-3E8B-462A-8C03-41D95AA3AB3B}) (Version: 1.0.0.0 - Electronic Arts)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Metro 2033 (HKLM-x32\...\Steam App 43110) (Version: - THQ)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office 365 ProPlus - de-de (HKLM\...\O365ProPlusRetail - de-de) (Version: 15.0.4615.1002 - Microsoft Corporation)
Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-0081-0407-0000-0000000FF1CE}) (Version: 14.0.6123.5001 - Microsoft Corporation)
Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Single Image 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft_VC80_ATL_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053 - Adobe) Hidden
Microsoft_VC90_ATL_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFCLOC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFCLOC_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Mozilla Firefox 29.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 29.0.1 (x86 de)) (Version: 29.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MyFreeCodec (HKCU\...\MyFreeCodec) (Version: - )
Norton Identity Safe (HKLM-x32\...\NST) (Version: 2013.4.0.10 - Symantec Corporation)
NVIDIA 3D Vision Controller Driver (x32 Version: 266.19 - NVIDIA Corporation) Hidden
NVIDIA 3D Vision Controller-Treiber 335.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 335.21 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.0.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.0.1 - NVIDIA Corporation)
NVIDIA Grafiktreiber 335.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 335.23 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.151.1095 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Optimus Update 12.4.67 (Version: 12.4.67 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA ShadowPlay 12.4.67 (Version: 12.4.67 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 335.23 (Version: 335.23 - NVIDIA Corporation) Hidden
NVIDIA Update 12.4.67 (Version: 12.4.67 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 12.4.67 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.23 (Version: 1.2.23 - NVIDIA Corporation) Hidden
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4615.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4615.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4615.1002 - Microsoft Corporation) Hidden
Onekey Theater (HKLM-x32\...\InstallShield_{D4B060B9-AD4A-4152-9D99-28B93C615AFE}) (Version: 2.0.2.8 - Lenovo)
Onekey Theater (x32 Version: 2.0.2.8 - Lenovo) Hidden
Origin (HKLM-x32\...\Origin) (Version: 9.3.1.4482 - Electronic Arts, Inc.)
PAYDAY 2 (HKLM-x32\...\Steam App 218620) (Version: - OVERKILL - a Starbreeze Studio.)
PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
Portal (HKLM-x32\...\Steam App 400) (Version: - Valve)
Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 5.6.0.7303 - CyberLink Corp.)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
PxMergeModule (x32 Version: 1.00.0000 - Your Company Name) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6339 - Realtek Semiconductor Corp.)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.30.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.30.0 - Renesas Electronics Corporation) Hidden
Saints Row: The Third (HKLM-x32\...\Steam App 55230) (Version: - Volition)
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.5.0.12104_15 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.5.0.12104_15 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.16.0 - SAMSUNG Electronics Co., Ltd.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version: - Microsoft) Hidden
SHIELD Streaming (Version: 2.1.108 - NVIDIA Corporation) Hidden
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
SRS Control Panel (HKLM\...\{F3C66EC8-2F33-452D-9CFF-E8C886B3ECC4}) (Version: 1.11.0200 - SRS Labs, Inc.)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Streamripper (Remove only) (HKLM-x32\...\Streamripper) (Version: - )
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.2.16.3 - Synaptics Incorporated)
System Requirements Lab CYRI (HKLM-x32\...\{E362724E-9320-4946-AF34-874E7B6B2927}) (Version: 6.0.7.0 - Husdawg, LLC)
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version: - Valve)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version: - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version: - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version: - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{F1A20C69-9FE5-40FD-9CD5-84EABC2EF64A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0407-0000-0000000FF1CE}_Office14.SingleImage_{C70D2038-A2C4-4A99-87DE-5272BB44F0CE}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{82F87E28-B18E-46D6-A399-E2F19CF5949B}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2878225) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{EFF5EBA3-40AD-4859-85E7-3C1CF4F297EB}) (Version: - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version: - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version: - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0407-0000-0000000FF1CE}_Office14.SingleImage_{A0657506-69DC-44AE-8DC1-58E7C6F5B1C9}) (Version: - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version: - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0407-0000-0000000FF1CE}_Office14.SingleImage_{40EC8FB1-5202-469D-9232-C28FB1C6FC64}) (Version: - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{2BA40F82-F3A4-441C-BF1A-ED4C42FF4872}) (Version: - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version: - Microsoft)
Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{7B29D8B8-6A87-496C-A65E-B935E740448A}) (Version: - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{38CF30E4-3348-4BD1-A859-B630C355A56F}) (Version: - Microsoft)
UserGuide (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 1.0.0.6 - Lenovo)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VeriFace (HKLM-x32\...\VeriFace) (Version: 4.0.1.0126 - Lenovo)
VoiceOver Kit (HKLM-x32\...\{6B4AD1A9-E73A-4184-9D6B-072F8A3C5EBA}) (Version: 1.42.128.0 - Apple Inc.)
Winamp (HKLM-x32\...\Winamp) (Version: 5.63 - Nullsoft, Inc)
Winamp Erkennungs-Plug-in (HKCU\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3555.0308 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows-Treiberpaket - Lenovo (ACPIVPC) System (12/02/2010 6.1.0.1) (HKLM\...\EA12B1FB53CE4E387C31A85236C41EF559B5E392) (Version: 12/02/2010 6.1.0.1 - Lenovo)
WinRAR 5.01 (32-Bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
XMind (HKLM-x32\...\XMind) (Version: 3.2.1 - XMind Ltd.)
==================== Restore Points =========================
11-05-2014 15:06:31 avast! antivirus system restore point
12-05-2014 23:32:10 DirectX wurde installiert
14-05-2014 21:00:31 Windows Update
16-05-2014 00:42:30 Windows Update
21-05-2014 12:10:45 Windows Update
==================== Hosts content: ==========================
2009-07-14 04:34 - 2012-04-01 10:43 - 00002670 ____A C:\windows\system32\Drivers\etc\hosts
127.0.0.1 3dns.adobe.com
127.0.0.1 3dns-1.adobe.com
127.0.0.1 3dns-2.adobe.com
127.0.0.1 3dns-3.adobe.com
127.0.0.1 3dns-4.adobe.com
127.0.0.1 activate.adobe.com
127.0.0.1 activate-sea.adobe.com
127.0.0.1 activate-sea.adobe.com
127.0.0.1 activate-sjc0.adobe.com
127.0.0.1 activate.wip.adobe.com
127.0.0.1 activate.wip1.adobe.com
127.0.0.1 activate.wip2.adobe.com
127.0.0.1 activate.wip3.adobe.com
127.0.0.1 activate.wip4.adobe.com
127.0.0.1 adobe-dns.adobe.com
127.0.0.1 adobe-dns-1.adobe.com
127.0.0.1 adobe-dns-2.adobe.com
127.0.0.1 adobe-dns-3.adobe.com
127.0.0.1 adobe-dns-4.adobe.com
127.0.0.1 crl.verisign.net
127.0.0.1 CRL.VERISIGN.NET
127.0.0.1 ood.opsource.net
127.0.0.1 209-34-83-73.ood.opsource.net
127.0.0.1 practivate.adobe
127.0.0.1 practivate.adobe
127.0.0.1 practivate.adobe.com
127.0.0.1 practivate.adobe.newoa
127.0.0.1 practivate.adobe.ntp
127.0.0.1 practivate.adobe.ipp
There are 32 more lines.
==================== Scheduled Tasks (whitelisted) =============
Task: {0241892D-E94E-4797-A2DC-B936FC56F029} - System32\Tasks\{186ACEF8-0F88-40CA-9075-B0B3D998F27B} => Chrome.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {1204F9C1-6C25-4A09-8C49-6851CE346E07} - System32\Tasks\{3FA2C50F-C91F-4364-8DBA-46B1D324AA89} => Chrome.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {12734A43-EEDD-40D3-9E2D-5390B62ABC7B} - System32\Tasks\{071EBCB6-8AB4-4BE2-8520-32027EDA5531} => Chrome.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {13DABBC2-CFD3-40A6-9D30-E4A66E0A9F0F} - System32\Tasks\{6A2A633C-7C4D-4A2B-B3EF-96821D8FD225} => Chrome.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {1815BAC1-F57C-41F1-A8B6-6263AD9E3D38} - System32\Tasks\{E8F2374E-0F9D-428A-BD37-6390ECAF58A8} => Chrome.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {1B487F1E-174B-4A3E-A09C-8A15858DA88A} - System32\Tasks\{0830D54D-0A1B-4A6F-8A72-28A485B4DCE4} => Chrome.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {2363F546-817B-44CB-B38C-A76A1DFC72FD} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2014-05-25] (Microsoft Corporation)
Task: {24FE006E-E77A-4963-B66A-45B23F0F5B5F} - System32\Tasks\{74F651A2-DD8C-4567-B3AB-C518D2D7C2E2} => Chrome.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {26C1F430-C4B5-4400-9093-C2042A1B8C20} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-05-11] (AVAST Software)
Task: {2823A261-6696-4D1B-8EC5-EE39E6DDA316} - System32\Tasks\{FE4BBEC6-1747-465B-99EB-7DB70B78BFF4} => Chrome.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {2933F60A-8CE0-4363-A14E-842FBEF7F79C} - System32\Tasks\{EB7103B5-79CE-422B-A887-3AE8C83A87EF} => Chrome.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {2A66AD41-56E3-4913-981A-AF6DF5176886} - System32\Tasks\{5997C788-15CA-4A4B-AE03-E2FA349FF125} => Chrome.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {2B62567E-B533-4DCB-B843-477BEBBE39F2} - System32\Tasks\{5BB58F13-2600-465C-85F9-8948DDFCE110} => Chrome.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {2DAE3BEE-9D46-4CEE-BE8D-16F09C29767F} - System32\Tasks\{14767692-9701-49EB-AFE2-9D42E3598030} => Chrome.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {2F1CD64E-0F5A-42B2-8EC9-45633FC38895} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-04-15] (Microsoft Corporation)
Task: {39ABD025-2C7C-4A19-AE89-BB479404C65E} - System32\Tasks\{74B955A9-E836-4BE4-9692-BED945CC3330} => Chrome.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {3B08B8C3-CD69-409B-B855-3ECEF5E852EF} - System32\Tasks\Norton Identity Safe\Norton Error Analyzer => C:\Program Files (x86)\Norton Identity Safe\Engine\2013.4.0.10\SymErr.exe [2013-05-30] (Symantec Corporation)
Task: {3C6469B7-0DC3-4F5F-A49C-7F123261B6B2} - System32\Tasks\Norton Identity Safe\Norton Error Processor => C:\Program Files (x86)\Norton Identity Safe\Engine\2013.4.0.10\SymErr.exe [2013-05-30] (Symantec Corporation)
Task: {3D0BC99E-52CE-4552-AB69-7AE8B2ADEF42} - System32\Tasks\{D96EE72C-4898-4598-BD27-73BE0C873A78} => Chrome.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {473F255B-128C-4478-9238-8E7C04466346} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-14] (Adobe Systems Incorporated)
Task: {483C9D60-8806-45CF-8B01-72EE7F4D3E8F} - System32\Tasks\{AB9CB166-5FEB-463E-9CDC-BAA086ABD6A5} => Chrome.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {492342DE-17D0-4C7E-8576-FB4214745545} - System32\Tasks\{28B61BAE-731A-409C-B41F-F91B4114AD41} => Chrome.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {4AC1717B-4793-48EC-A5DC-0F48BB94EC32} - System32\Tasks\{6DCA92D4-CAF7-49CF-8C2D-259CA84DC0B3} => Chrome.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {4E515B67-9ADC-4DC9-AFE7-25D3A03A29A6} - System32\Tasks\{886D76A6-695E-42E5-BA76-95026AE6C36E} => Chrome.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {523B86D3-7A8E-47A3-8C6B-157CB9F7C535} - System32\Tasks\{1E2AD765-FBD0-47BA-8A41-4F8D61D12673} => Chrome.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {553869F7-684A-4859-8A7E-CE8BF15BDB25} - System32\Tasks\{F508F8F2-B3F9-474F-9D75-EFB2E9B39BA4} => Chrome.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {5A6EE17D-5D14-49D5-95D6-539F2225993C} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2014-05-25] (Microsoft Corporation)
Task: {5BFF7BA8-D0BF-4A4F-B5E4-4438F2BC90E0} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {5C359994-C9EF-4BA5-BF03-38AD7A6AFDA5} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2014-05-25] (Microsoft Corporation)
Task: {5D4C4878-6A08-4BE1-97FA-352BED3C56E3} - System32\Tasks\MirageAgent => C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [2011-01-29] (CyberLink)
Task: {5F11C770-D15D-4394-9701-E1A70BA9D5E3} - System32\Tasks\{C030E790-A3E2-481B-B038-4B9D5D73F3D3} => Chrome.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {621F9833-2999-4CB8-94AD-39325E27DBC4} - System32\Tasks\{27EDE355-27AF-4236-A482-971745035562} => Firefox.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {64C9AF3B-0302-41F4-94E2-23E4479B4A25} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-04-17] (Piriform Ltd)
Task: {68243B7D-4C97-4F0F-8307-78CEC81D4292} - System32\Tasks\{AA636692-185C-4378-9A27-251E08C36CC8} => Chrome.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {6970A788-3072-4363-854B-1FDCE76A8B8F} - System32\Tasks\dsmonitor => C:\Program Files (x86)\Uniblue\DriverScanner\dsmonitor.exe [2013-01-16] (Uniblue Systems Ltd)
Task: {6ADF7784-1C33-4184-A31D-BF95BA06376B} - System32\Tasks\{C2E3CD7D-8744-4DAB-894C-41DE8A6D311C} => Chrome.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {73BCF963-1B54-4458-8123-018E4A998F49} - System32\Tasks\{AE717783-2293-46A6-AE08-F11D993A7F08} => Chrome.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {73D14903-EB63-4B54-AB02-C2BCFEBD8DA2} - System32\Tasks\{1CF65D4A-EEE2-4F21-BE41-08C4F0A1C78D} => Chrome.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {78CE4E72-D9C8-47F0-8486-293FA5348138} - System32\Tasks\{33150A0E-0EA0-4D40-8756-D07558983C33} => Chrome.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {81BC46DC-2B0B-4CBF-91A2-1A3125BCA121} - System32\Tasks\{0433D7E4-6475-4C11-9F00-A31334B5AAE4} => Chrome.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {84F78AF7-1992-42F7-A622-08E55D374FCE} - System32\Tasks\{8575EC28-A805-46E4-B231-701867EB4A17} => Chrome.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {8B127166-6634-4039-98CD-C912D3D635A8} - System32\Tasks\{57F83323-A6F9-4459-AE84-2C64A01E6388} => Chrome.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {90641751-A41E-4D73-AE26-714ADAC29068} - System32\Tasks\{2A03A32E-0501-491D-AEE9-04234487F3BC} => Chrome.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {92ABA0C5-093C-4A17-902C-6D976D6BD1A9} - System32\Tasks\{7EA60878-DEA6-4EB2-BDA2-3DCEB3178613} => Chrome.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {A3338669-B1B8-4691-B37C-B05037875C23} - System32\Tasks\{0359F0FA-4511-49FC-AD82-C996701B8A4A} => Chrome.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {A39B890A-BEA9-4D71-9289-C8A9894E0C72} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-02-19] (Google Inc.)
Task: {A8147821-0450-48D1-B091-31613FC0909F} - System32\Tasks\{C5ED7D60-35AB-49E8-8B18-A21C2B0EC07B} => Chrome.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {A8CEE7CB-26B7-4B55-B4E1-671E8699851B} - System32\Tasks\{8CE0DD21-EE63-4C1F-932F-F3AE2BD58098} => Chrome.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {B06E0D15-4F64-4A55-B384-D32B6C5C43F1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-02-19] (Google Inc.)
Task: {B2BA78F9-2188-4533-8DBD-AF59C21C6083} - System32\Tasks\{8BF9F812-0B25-43D6-ACB0-BD42977C739B} => Chrome.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {B80E703F-3D65-4AE0-AEC6-CC4664B7E5F5} - System32\Tasks\{1E78F8CB-9057-4C0B-9D5F-E39F488365EB} => Chrome.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {B99FF234-46BB-4ED4-981F-7F3B411E6FD2} - System32\Tasks\{89B1FFC6-AFD2-4919-8CCF-C648426D571F} => Chrome.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {C55BC59E-9114-4DC5-92CC-C4AD555D7DAB} - System32\Tasks\{07835110-BE46-4EA7-8ACC-E39BD2DDC987} => Chrome.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {DD478098-52D3-421C-B0DA-99994BB4E537} - System32\Tasks\{FEB25F1F-A660-4ADC-9DF7-946A2C8581F9} => Chrome.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {E2BF9DDA-6E3A-48F0-89AA-F54454071057} - System32\Tasks\{B7540912-89BA-4F34-9387-9F978D8F3C9C} => Chrome.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {E3605201-0F32-49A7-A862-F48C4B83AEB5} - System32\Tasks\{D783FE8D-B639-4ADC-9642-4531A84C9241} => Firefox.exe hxxp://ui.skype.com/ui/0/5.9.0.123/de/go/help.faq.installer?LastError=1603
Task: {E4633EFE-508D-4E1B-9C50-7DEB87A04166} - System32\Tasks\{2FA2FB37-09A0-44D6-9E72-6941768374C7} => Chrome.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {E90B3540-8FB8-4B9E-A10F-10886AE49F56} - System32\Tasks\{B1078D7B-B1AF-4049-AE2E-F53B78683DFF} => Chrome.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {EE2F0BAC-9E3F-4BAE-933D-57394FD911F8} - System32\Tasks\{78A6FAC9-A5FE-45D0-86F0-63857789D283} => Chrome.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {F0806D8B-9454-47BD-B8DA-F716AD6F791B} - System32\Tasks\{F3162F0A-A1A6-4FC9-9E6A-7F7C56054BBD} => Chrome.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {F54DF2A7-53EB-4430-9EC5-3CA202868F34} - System32\Tasks\{CE8ABB97-29BF-40DC-A0C9-10C4D8D79B5E} => Chrome.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {F59A06A5-C39C-49C5-AF9F-878316C00135} - System32\Tasks\{2E4281EE-71B2-40B6-92D3-2A9D566B7C15} => Chrome.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {F7868855-485A-416E-AC52-71EDB1544B87} - System32\Tasks\{273B1B43-A7CC-4384-8C5D-F19B49F9561F} => Chrome.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\dsmonitor.job => C:\Program Files (x86)\Uniblue\DriverScanner\dsmonitor.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2012-07-22 16:20 - 2014-03-04 15:05 - 00116056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-03-21 04:01 - 2013-10-31 18:13 - 00102568 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2014-01-08 15:06 - 2014-04-15 03:39 - 00630952 _____ () C:\Program Files\Microsoft Office 15\ClientX64\StreamServer.dll
2011-02-16 19:56 - 2011-02-16 19:56 - 00202144 _____ () C:\Program Files (x86)\Lenovo\Onekey Theater\ActiveDetect64.dll
2011-02-16 20:01 - 2011-02-16 20:01 - 00156576 _____ () C:\Program Files (x86)\Lenovo\Onekey Theater\WindowsApiHookDll64.dll
2011-11-09 11:34 - 2011-11-09 11:34 - 01508192 _____ () C:\windows\system32\IcnOvrly.dll
2012-11-09 14:01 - 2013-08-20 17:35 - 00076888 _____ () C:\windows\SysWOW64\PnkBstrA.exe
2008-12-20 05:20 - 2011-11-09 11:43 - 00054088 _____ () C:\Program Files (x86)\Lenovo\Energy Management\HookLib.dll
2008-12-20 05:20 - 2011-11-09 11:43 - 00054088 _____ () C:\Program Files (x86)\Lenovo\Energy Management\kbdhook.dll
2011-11-09 10:53 - 2011-03-26 02:28 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2011-11-09 11:34 - 2011-11-09 11:34 - 00100256 _____ () C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeySupport.exe
2014-01-10 07:26 - 2014-01-10 07:26 - 01861968 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
2014-05-26 16:08 - 2014-05-26 16:08 - 02255872 _____ () C:\Program Files\AVAST Software\Avast\defs\14052602\algo.dll
2014-02-12 21:58 - 2014-02-12 21:58 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-02-12 21:58 - 2014-02-12 21:58 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2011-02-16 19:51 - 2011-02-16 19:51 - 00161696 _____ () C:\Program Files (x86)\Lenovo\Onekey Theater\ActiveDetect32.dll
2011-02-16 19:53 - 2011-02-16 19:53 - 00133024 _____ () C:\Program Files (x86)\Lenovo\Onekey Theater\WindowsApiHookDll32.dll
2013-06-18 13:07 - 2012-05-30 16:51 - 00699280 ____R () C:\PROGRAM FILES (X86)\NORTON IDENTITY SAFE\ENGINE\2013.4.0.10\wincfi39.dll
2011-11-09 11:34 - 2011-11-09 11:34 - 00013664 _____ () C:\Program Files (x86)\Lenovo\VeriFace\ChooseLang.dll
2014-05-08 13:22 - 2014-05-08 13:22 - 00019968 _____ () C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\locale\de_de\acrotray.deu
2014-02-23 01:21 - 2014-02-23 01:21 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-01-10 07:28 - 2014-01-10 07:28 - 00100688 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
2014-05-26 17:38 - 2014-05-26 17:38 - 00043008 _____ () C:\Users\Anton Peter\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpnvvizb.dll
2013-08-23 21:01 - 2013-08-23 21:01 - 25100288 _____ () C:\Users\Anton Peter\AppData\Roaming\Dropbox\bin\libcef.dll
2014-02-12 16:49 - 2014-02-12 16:49 - 00169472 _____ () C:\windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\3e27ac2000641918e7215d97c63e957d\IsdiInterop.ni.dll
2011-11-09 10:51 - 2011-01-12 19:56 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2014-05-10 22:23 - 2014-05-10 22:23 - 03839088 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
==================== Alternate Data Streams (whitelisted) =========
AlternateDataStreams: C:\Users\Anton Peter\Lokale Einstellungen:VGUXlmBDHJsLWq2r4Ydf6
AlternateDataStreams: C:\Users\Anton Peter\AppData\Local:VGUXlmBDHJsLWq2r4Ydf6
AlternateDataStreams: C:\Users\Anton Peter\AppData\Local\Anwendungsdaten:VGUXlmBDHJsLWq2r4Ydf6
AlternateDataStreams: C:\Users\Anton Peter\AppData\Local\Temp:Ny0QAairCIKBDbaWgJdWFjVla
AlternateDataStreams: C:\Users\Anton Peter\AppData\Local\Temporary Internet Files:BIAUSTvekE9dhADWzQ0zyZ6f
==================== Safe Mode (whitelisted) ===================
==================== EXE Association (whitelisted) =============
==================== Disabled items from MSCONFIG ==============
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Google Calendar Sync.lnk => C:\windows\pss\Google Calendar Sync.lnk.CommonStartup
MSCONFIG\startupreg: EADM => "C:\Program Files (x86)\Origin\Origin.exe" -AutoStart
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: YouCam Mirage => "C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe"
MSCONFIG\startupreg: YouCam Tray => "C:\Program Files (x86)\Lenovo\YouCam\YouCam.exe" /s
==================== Faulty Device Manager Devices =============
Name: Cisco AnyConnect VPN Virtual Miniport Adapter for Windows x64
Description: Cisco AnyConnect VPN Virtual Miniport Adapter for Windows x64
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: vpnva
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
Error: (05/26/2014 05:36:17 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (05/26/2014 04:50:49 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (05/26/2014 04:42:56 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (05/26/2014 00:21:42 AM) (Source: .NET Runtime) (EventID: 1022) (User: )
Description: .NET Runtime version 4.0.30319.18444 - There was a failure initializing profiling API attach infrastructure. This process will not allow a profiler to attach. HRESULT: 0x80004005. Process ID (decimal): 17456. Message ID: [0x2509].
Error: (05/26/2014 00:15:58 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (05/26/2014 00:15:56 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (05/26/2014 00:15:50 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (05/25/2014 11:36:52 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80004005
Error: (05/25/2014 05:21:35 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80004005
Error: (05/24/2014 11:22:00 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80004005
System errors:
=============
Error: (05/26/2014 04:50:26 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Windows Update" wurde nicht richtig gestartet.
Error: (05/26/2014 00:21:11 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "F06DEFF2-5B9C-490D-910F-35D3A91196222" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error: (05/26/2014 00:21:11 AM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Der Dienst "Systemk Service" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.
Error: (05/26/2014 00:20:22 AM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Der Dienst "Systemk Service" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.
Error: (05/21/2014 01:24:11 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Windows Update" wurde nicht richtig gestartet.
Error: (05/16/2014 03:28:35 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Intel(R) Management and Security Application User Notification Service" wurde nicht richtig gestartet.
Error: (05/16/2014 03:26:28 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Windows Update" wurde nicht richtig gestartet.
Error: (05/15/2014 01:54:36 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Windows Update" wurde nicht richtig gestartet.
Error: (05/15/2014 03:23:17 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}
Error: (05/14/2014 01:04:11 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Windows Update" wurde nicht richtig gestartet.
Microsoft Office Sessions:
=========================
Error: (05/26/2014 05:36:17 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (05/26/2014 04:50:49 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (05/26/2014 04:42:56 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (05/26/2014 00:21:42 AM) (Source: .NET Runtime) (EventID: 1022) (User: )
Description: .NET Runtime version 4.0.30319.18444 - There was a failure initializing profiling API attach infrastructure. This process will not allow a profiler to attach. HRESULT: 0x80004005. Process ID (decimal): 17456. Message ID: [0x2509].
Error: (05/26/2014 00:15:58 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Anton Peter\Downloads\SoftonicDownloader_fuer_k-lite-codec-pack.exe
Error: (05/26/2014 00:15:56 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Anton Peter\Downloads\SoftonicDownloader_fuer_k-lite-codec-pack.exe
Error: (05/26/2014 00:15:50 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Anton Peter\Downloads\SoftonicDownloader_fuer_k-lite-codec-pack.exe
Error: (05/25/2014 11:36:52 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80004005
Error: (05/25/2014 05:21:35 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80004005
Error: (05/24/2014 11:22:00 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80004005
CodeIntegrity Errors:
===================================
Date: 2014-05-26 00:18:45.704
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-05-26 00:18:45.464
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-05-14 21:41:08.461
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-05-14 21:41:07.811
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-02-24 19:47:18.606
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-02-24 19:47:18.415
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-02-17 12:58:46.799
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-02-17 12:58:46.664
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-02-17 12:58:41.115
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-02-17 12:58:40.981
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
==================== Memory info ===========================
Percentage of memory in use: 36%
Total physical RAM: 8135.86 MB
Available physical RAM: 5178.86 MB
Total Pagefile: 16269.9 MB
Available Pagefile: 13085.25 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:654.69 GB) (Free:314.39 GB) NTFS
Drive d: (LENOVO) (Fixed) (Total:29 GB) (Free:14.7 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 699 GB) (Disk ID: C1F94C06)
Partition 1: (Active) - (Size=200 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=655 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=29 GB) - (Type=OF Extended)
Partition 4: (Not Active) - (Size=15 GB) - (Type=12)
==================== End Of Log ============================
|
|
26.05.2014, 18:24
| #4 |
| | Win32 Injector-BSY[TRJ] AVAST VirenfundFRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-05-2014 02 Ran by XXXXXX (administrator) on XXXXXXX-PC on 26-05-2014 19:11:08 Running from C:\Users\XXXXXXX\Downloads Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard Internet Explorer Version 11 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe (Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe (Uniblue Systems Ltd) C:\Program Files (x86)\Uniblue\DriverScanner\dsmonitor.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe (Symantec Corporation) C:\Program Files (x86)\Norton Identity Safe\Engine\2013.4.0.10\ccsvchst.exe (CyberLink) C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe () C:\Windows\SysWOW64\PnkBstrA.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Symantec Corporation) C:\Program Files (x86)\Norton Identity Safe\Engine\2013.4.0.10\ccsvchst.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Lenovo) C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeyStudio.exe (Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe (Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe () C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeySupport.exe (Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Lenovo) C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe (Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Dropbox, Inc.) C:\Users\Anton Peter\AppData\Roaming\Dropbox\bin\Dropbox.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11786344 2011-03-28] (Realtek Semiconductor) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2712360 2011-03-21] (Synaptics Incorporated) HKLM\...\Run: [OnekeyStudio] => C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeyStudio.exe [789920 2011-11-09] (Lenovo) HKLM\...\Run: [Lenovo EE Boot Optimizer] => C:\Program Files (x86)\Lenovo\Boot Optimizer\PopWnd.exe [206176 2011-11-09] (Lenovo) HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [9753024 2011-11-09] (Lenovo (Beijing) Limited) HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [5908928 2011-11-09] (Lenovo(beijing) Limited) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [499608 2011-03-30] (Adobe Systems Incorporated) HKLM\...\Run: [ShadowPlay] => C:\windows\system32\nvspcap64.dll [1225920 2014-04-30] (NVIDIA Corporation) HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2199840 2014-04-30] (NVIDIA Corporation) HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2011-01-12] (Intel Corporation) HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-11-17] (Renesas Electronics Corporation) HKLM-x32\...\Run: [UpdateP2GShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [222504 2010-07-26] (CyberLink Corp.) HKLM-x32\...\Run: [VeriFaceManager] => C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe [329056 2011-11-09] (Lenovo) HKLM-x32\...\Run: [UpdatePRCShortCut] => C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe [222504 2009-05-13] (CyberLink Corp.) HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated) HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-12] (Apple Inc.) HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) HKLM-x32\...\Run: [AdobeCS5.5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe [1523360 2011-01-12] (Adobe Systems Incorporated) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [41336 2014-05-08] (Adobe Systems Incorporated) HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [840568 2014-05-08] (Adobe Systems Inc.) HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2014-04-03] (DivX, LLC) HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3888648 2014-05-26] (AVAST Software) HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2014-01-10] () HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation) Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-21-3143199781-2537010271-4102635995-1001\...\Run: [AdobeBridge] => [X] HKU\S-1-5-21-3143199781-2537010271-4102635995-1001\...\MountPoints2: E - E:\AutoRun.exe HKU\S-1-5-21-3143199781-2537010271-4102635995-1001\...\MountPoints2: {69f0672b-7615-11e3-bb24-b870f44c47a2} - E:\AutoRun.exe HKU\S-1-5-21-3143199781-2537010271-4102635995-1001\...\MountPoints2: {6d15c394-5c23-11e3-a302-b870f44c47a2} - E:\AutoRun.exe IFEO\bitguard.exe: [Debugger] tasklist.exe IFEO\bprotect.exe: [Debugger] tasklist.exe IFEO\bpsvc.exe: [Debugger] tasklist.exe IFEO\browserdefender.exe: [Debugger] tasklist.exe IFEO\browserprotect.exe: [Debugger] tasklist.exe IFEO\browsersafeguard.exe: [Debugger] tasklist.exe IFEO\dprotectsvc.exe: [Debugger] tasklist.exe IFEO\jumpflip: [Debugger] tasklist.exe IFEO\protectedsearch.exe: [Debugger] tasklist.exe IFEO\searchinstaller.exe: [Debugger] tasklist.exe IFEO\searchprotection.exe: [Debugger] tasklist.exe IFEO\searchprotector.exe: [Debugger] tasklist.exe IFEO\searchsettings.exe: [Debugger] tasklist.exe IFEO\searchsettings64.exe: [Debugger] tasklist.exe IFEO\snapdo.exe: [Debugger] tasklist.exe IFEO\stinst32.exe: [Debugger] tasklist.exe IFEO\stinst64.exe: [Debugger] tasklist.exe IFEO\umbrella.exe: [Debugger] tasklist.exe IFEO\utiljumpflip.exe: [Debugger] tasklist.exe IFEO\volaro: [Debugger] tasklist.exe IFEO\vonteera: [Debugger] tasklist.exe IFEO\websteroids.exe: [Debugger] tasklist.exe IFEO\websteroidsservice.exe: [Debugger] tasklist.exe Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk ShortcutTarget: Bluetooth.lnk -> C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe (Broadcom Corporation.) Startup: C:\Users\Anton Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk ShortcutTarget: Dropbox.lnk -> C:\Users\Anton Peter\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) Startup: C:\Users\Anton Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk ShortcutTarget: OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation) HKLM\...\AppCertDlls: [x86] -> C:\Program Files (x86)\Settings Manager\systemk\sysapcrt.dll HKLM\...\AppCertDlls: [x64] -> C:\Program Files (x86)\Settings Manager\systemk\x64\sysapcrt.dll ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://de.yahoo.com?fr=hp-avast&type=prc265 HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://de.yhs4.search.yahoo.com/yhs/search?type=prc265&hspart=avast&hsimp=yhs-001&p={searchTerms} HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://de.yahoo.com?fr=hp-avast&type=prc265 HKLM\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com/ HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = https://de.yahoo.com?fr=hp-avast&type=prc265 SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} URL = hxxp://www.default-search.net/search?sid=476&aid=122&itype=a&ver=12692&tm=358&src=ds&p={searchTerms} SearchScopes: HKLM-x32 - DefaultScope {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?type=prc265&hspart=avast&hsimp=yhs-001&p={searchTerms} SearchScopes: HKLM-x32 - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} URL = hxxp://www.default-search.net/search?sid=476&aid=122&itype=a&ver=12692&tm=358&src=ds&p={searchTerms} SearchScopes: HKLM-x32 - {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?type=prc265&hspart=avast&hsimp=yhs-001&p={searchTerms} SearchScopes: HKCU - DefaultScope {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?type=prc265&hspart=avast&hsimp=yhs-001&p={searchTerms} SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} URL = hxxp://www.default-search.net/search?sid=476&aid=122&itype=a&ver=12692&tm=358&src=ds&p={searchTerms} SearchScopes: HKCU - {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?type=prc265&hspart=avast&hsimp=yhs-001&p={searchTerms} BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation) BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation) BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation) BHO: No Name - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - No File BHO-x32: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO-x32: Norton Identity Protection - {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} - C:\Program Files (x86)\Norton Identity Safe\Engine\2013.4.0.10\coIEPlg.dll (Symantec Corporation) BHO-x32: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation) BHO-x32: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: No Name - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - No File BHO-x32: SmartSelect Class - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) Toolbar: HKLM-x32 - Norton Identity Safe Toolbar - {A13C2648-91D4-4bf3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine\2013.4.0.10\coIEPlg.dll (Symantec Corporation) Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 FireFox: ======== FF ProfilePath: C:\Users\Anton Peter\AppData\Roaming\Mozilla\Firefox\Profiles\cnn757xn.default FF SearchEngineOrder.1: Yahoo! (Avast) FF Homepage: hxxp://google.de/ FF Keyword.URL: hxxp://de.yhs4.search.yahoo.com/yhs/search FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll () FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll () FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC) FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB) FF Plugin-x32: @esn/esnlaunch,version=2.1.7 - C:\Program Files (x86)\Battlelog Web Plugins\2.1.7\npesnlaunch.dll (ESN Social Software AB) FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @microsoft.com/Lync,version=15.0 - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: Adobe Acrobat - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.) FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.) FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\McSiteAdvisor.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml FF Extension: ProxTube - Unblock YouTube - C:\Users\Anton Peter\AppData\Roaming\Mozilla\Firefox\Profiles\cnn757xn.default\Extensions\ich@maltegoetz.de [2013-12-12] FF Extension: Print pages to PDF - C:\Users\Anton Peter\AppData\Roaming\Mozilla\Firefox\Profiles\cnn757xn.default\Extensions\printPages2Pdf@reinhold.ripper [2013-09-16] FF Extension: LavaFox V2-Green - C:\Users\Anton Peter\AppData\Roaming\Mozilla\Firefox\Profiles\cnn757xn.default\Extensions\zigboom@ymail.com [2014-05-12] FF Extension: Settings Manager - C:\Users\Anton Peter\AppData\Roaming\Mozilla\Firefox\Profiles\cnn757xn.default\Extensions\{19D73812-1701-1B61-CBA2-12A70C87A0B0} [2014-05-26] FF Extension: 8 Ultimo - C:\Users\Anton Peter\AppData\Roaming\Mozilla\Firefox\Profiles\cnn757xn.default\Extensions\{2b6788a0-0ccd-11e1-be50-0800200c9a66} [2012-11-08] FF Extension: convert2mp3.net YouTube2MP3 Converter - C:\Users\Anton Peter\AppData\Roaming\Mozilla\Firefox\Profiles\cnn757xn.default\Extensions\info@convert2mp3.net.xpi [2013-12-19] FF Extension: NASA Night Launch - C:\Users\Anton Peter\AppData\Roaming\Mozilla\Firefox\Profiles\cnn757xn.default\Extensions\nasanightlaunch@example.com.xpi [2012-11-08] FF Extension: Save as PDF - C:\Users\Anton Peter\AppData\Roaming\Mozilla\Firefox\Profiles\cnn757xn.default\Extensions\save-as-pdf-ff@pdfcrowd.com.xpi [2013-02-19] FF Extension: Thumbnail Zoom Plus - C:\Users\Anton Peter\AppData\Roaming\Mozilla\Firefox\Profiles\cnn757xn.default\Extensions\thumbnailZoom@dadler.github.com.xpi [2013-10-27] FF Extension: Adblock Plus - C:\Users\Anton Peter\AppData\Roaming\Mozilla\Firefox\Profiles\cnn757xn.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-10-27] FF HKLM-x32\...\Firefox\Extensions: [{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}] - C:\Program Files (x86)\Adobe\Adobe Contribute CS5.1\Plugins\FirefoxPlugin\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9} FF Extension: Adobe Contribute Toolbar - C:\Program Files (x86)\Adobe\Adobe Contribute CS5.1\Plugins\FirefoxPlugin\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9} [2012-04-01] FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2012-04-01] FF HKLM-x32\...\Firefox\Extensions: [{ACAA314B-EEBA-48e4-AD47-84E31C44796C}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff\ FF HKLM-x32\...\Firefox\Extensions: [{F04D2D30-776C-4d02-8627-8E4385ECA58D}] - C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2013.2.1.33\coFFPlgn\ FF Extension: Norton Identity Safe Toolbar - C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2013.2.1.33\coFFPlgn\ [] FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-02-23] Chrome: ======= CHR RestoreOnStartup: "hxxp://www.default-search.net?sid=476&aid=122&itype=a&ver=12692&tm=358&src=hmp" CHR StartupUrls: "hxxp://www.default-search.net?sid=476&aid=122&itype=a&ver=12692&tm=358&src=hmp" CHR DefaultSearchProvider: default-search.net CHR Extension: (avast! Online Security) - C:\Users\Anton Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-02-23] CHR Extension: (Google Wallet) - C:\Users\Anton Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-23] CHR Extension: (Norton Identity Safe for Google Chrome™) - C:\Users\Anton Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\nppllibpnmahfaklnpggkibhkapjkeob [2013-02-19] CHR HKCU\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Users\Anton Peter\AppData\Roaming\DVDVideoSoft\dvsYoutubeDownload.crx [2012-10-20] CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-05-11] CHR HKLM-x32\...\Chrome\Extension: [nppllibpnmahfaklnpggkibhkapjkeob] - C:\Program Files (x86)\Norton Identity Safe\Engine\2013.4.0.10\Exts\Chrome.crx [2013-06-18] ==================== Services (Whitelisted) ================= R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-05-11] (AVAST Software) R2 btwdins; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [970016 2011-05-12] (Broadcom Corporation.) R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2266296 2014-05-16] (Microsoft Corporation) R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation) R2 NCO; C:\Program Files (x86)\Norton Identity Safe\Engine\2013.4.0.10\ccSvcHst.exe [144368 2013-05-21] (Symantec Corporation) R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1617696 2014-04-30] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21007192 2014-04-30] (NVIDIA Corporation) R2 PnkBstrA; C:\windows\SysWOW64\PnkBstrA.exe [76888 2013-08-20] () ==================== Drivers (Whitelisted) ==================== R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-05-11] () R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-05-11] (AVAST Software) R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-05-11] (AVAST Software) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-05-11] () R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1039096 2014-05-15] (AVAST Software) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423240 2014-05-15] (AVAST Software) R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [85328 2014-05-15] (AVAST Software) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [208416 2014-05-11] () R3 AVerPola; C:\Windows\System32\DRIVERS\AVerPola.sys [534144 2011-01-04] (AVerMedia TECHNOLOGIES, Inc.) R3 AVPolDIR; C:\Windows\System32\DRIVERS\AVPolDIR.sys [7168 2011-01-04] (AVerMedia TECHNOLOGIES, Inc.) S3 BTWDPAN; C:\Windows\System32\DRIVERS\btwdpan.sys [89640 2011-05-13] (Broadcom Corporation.) R1 ccSet_NST; C:\Windows\system32\drivers\NSTx64\7DD04000.00A\ccSetx64.sys [169048 2013-04-16] (Symantec Corporation) R3 DelayMan; C:\Windows\System32\DRIVERS\delayman.sys [20064 2011-11-09] (Ensurebit Inc.) R3 JmUsbCcgp; C:\Windows\System32\DRIVERS\jmccgp.sys [17880 2010-07-21] (JMicron Technology Corp.) R3 JmUsbVideo; C:\Windows\System32\Drivers\jmcam.sys [57816 2010-08-27] (JMicron Technology Corp.) R3 JmUsbVideo2; C:\Windows\System32\Drivers\jmcam_lo.sys [32088 2010-08-27] (JMicron Technology Corp.) R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation) R3 MBAMSwissArmy; C:\windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-05-26] (Malwarebytes Corporation) R3 MBAMWebAccessControl; C:\windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation) R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [18776 2014-04-30] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation) S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-14] (Brother Industries Ltd.) R1 winioex; C:\Windows\System32\drivers\winioex.sys [15456 2011-11-09] (Ensurebit Inc.) U3 BcmSqlStartupSvc; U2 CLKMSVC10_3A60B698; U2 CLKMSVC10_C3B3B687; U2 DriverService; S3 ewusbnet; system32\DRIVERS\ewusbnet.sys [X] S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [X] S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X] U2 iATAgentService; U2 idealife Update Service; U3 IGRS; U2 IviRegMgr; U2 Oasis2Service; U2 PCCarerService; U2 ReadyComm.DirectRouter; U2 RichVideo; U2 RtLedService; U2 SeaPort; U2 SoftwareService; U3 SQLWriter; ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-05-26 19:11 - 2014-05-26 19:11 - 00030229 _____ () C:\Users\Anton Peter\Downloads\FRST.txt 2014-05-26 19:11 - 2014-05-26 19:11 - 00000000 ____D () C:\FRST 2014-05-26 19:10 - 2014-05-26 19:10 - 02066944 _____ (Farbar) C:\Users\Anton Peter\Downloads\FRST64.exe 2014-05-26 17:14 - 2014-05-26 17:38 - 00122584 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys 2014-05-26 17:14 - 2014-05-26 17:14 - 00001066 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-05-26 17:14 - 2014-05-26 17:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2014-05-26 17:14 - 2014-05-26 17:14 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-05-26 17:14 - 2014-05-26 17:14 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-05-26 17:14 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys 2014-05-26 17:14 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys 2014-05-26 17:14 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys 2014-05-26 17:05 - 2014-05-26 17:05 - 00719128 _____ ( ) C:\Users\Anton Peter\Downloads\mbam-setup-2.0.2.1012_CB-DL-Manager.exe 2014-05-26 16:57 - 2014-05-26 16:57 - 00000000 __SHD () C:\Users\Anton Peter\AppData\Local\EmieUserList 2014-05-26 16:57 - 2014-05-26 16:57 - 00000000 __SHD () C:\Users\Anton Peter\AppData\Local\EmieSiteList 2014-05-26 00:19 - 2014-05-26 17:33 - 00000000 ____D () C:\Program Files (x86)\Settings Manager 2014-05-26 00:19 - 2013-12-01 15:10 - 00218200 _____ () C:\windows\SysWOW64\unrar.dll 2014-05-21 13:12 - 2014-05-26 17:34 - 00020212 _____ () C:\windows\PFRO.log 2014-05-16 16:20 - 2014-05-16 16:20 - 00000000 ____D () C:\Users\Anton Peter\AppData\Roaming\ARecEngine 2014-05-16 15:23 - 2014-05-26 17:38 - 00000000 ____D () C:\Users\Anton Peter\AppData\Roaming\DropboxMaster 2014-05-16 02:49 - 2014-05-06 06:40 - 23544320 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll 2014-05-16 02:49 - 2014-05-06 06:17 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb 2014-05-16 02:49 - 2014-05-06 05:25 - 17382912 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll 2014-05-16 02:49 - 2014-05-06 05:07 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb 2014-05-16 02:49 - 2014-05-06 05:00 - 00084992 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll 2014-05-16 02:49 - 2014-05-06 04:10 - 00069632 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll 2014-05-15 14:02 - 2014-05-09 08:14 - 00477184 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll 2014-05-15 14:02 - 2014-05-09 08:11 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll 2014-05-15 14:02 - 2014-04-12 04:22 - 00155072 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys 2014-05-15 14:02 - 2014-04-12 04:22 - 00095680 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys 2014-05-15 14:02 - 2014-04-12 04:19 - 01460736 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll 2014-05-15 14:02 - 2014-04-12 04:19 - 00136192 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll 2014-05-15 14:02 - 2014-04-12 04:19 - 00031232 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe 2014-05-15 14:02 - 2014-04-12 04:19 - 00029184 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll 2014-05-15 14:02 - 2014-04-12 04:19 - 00028160 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll 2014-05-15 14:02 - 2014-04-12 04:12 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll 2014-05-15 14:02 - 2014-04-12 04:10 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll 2014-05-15 14:02 - 2014-03-25 04:43 - 14175744 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll 2014-05-15 14:02 - 2014-03-25 04:09 - 12874240 _____ (Microsoft Corporation) C:\windows\SysWOW64\shell32.dll 2014-05-15 14:02 - 2014-03-04 11:47 - 05550016 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe 2014-05-15 14:02 - 2014-03-04 11:44 - 00728064 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll 2014-05-15 14:02 - 2014-03-04 11:44 - 00722944 _____ (Microsoft Corporation) C:\windows\system32\objsel.dll 2014-05-15 14:02 - 2014-03-04 11:44 - 00424960 _____ (Microsoft Corporation) C:\windows\system32\KernelBase.dll 2014-05-15 14:02 - 2014-03-04 11:44 - 00340992 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll 2014-05-15 14:02 - 2014-03-04 11:44 - 00314880 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll 2014-05-15 14:02 - 2014-03-04 11:44 - 00210944 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll 2014-05-15 14:02 - 2014-03-04 11:44 - 00086528 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll 2014-05-15 14:02 - 2014-03-04 11:44 - 00039936 _____ (Microsoft Corporation) C:\windows\system32\wincredprovider.dll 2014-05-15 14:02 - 2014-03-04 11:43 - 00455168 _____ (Microsoft Corporation) C:\windows\system32\winlogon.exe 2014-05-15 14:02 - 2014-03-04 11:43 - 00057344 _____ (Microsoft Corporation) C:\windows\system32\cngprovider.dll 2014-05-15 14:02 - 2014-03-04 11:43 - 00056832 _____ (Microsoft Corporation) C:\windows\system32\adprovider.dll 2014-05-15 14:02 - 2014-03-04 11:43 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\capiprovider.dll 2014-05-15 14:02 - 2014-03-04 11:43 - 00052736 _____ (Microsoft Corporation) C:\windows\system32\dpapiprovider.dll 2014-05-15 14:02 - 2014-03-04 11:43 - 00044544 _____ (Microsoft Corporation) C:\windows\system32\dimsroam.dll 2014-05-15 14:02 - 2014-03-04 11:43 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll 2014-05-15 14:02 - 2014-03-04 11:20 - 03969984 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntkrnlpa.exe 2014-05-15 14:02 - 2014-03-04 11:20 - 03914176 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntoskrnl.exe 2014-05-15 14:02 - 2014-03-04 11:17 - 00550912 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll 2014-05-15 14:02 - 2014-03-04 11:17 - 00538112 _____ (Microsoft Corporation) C:\windows\SysWOW64\objsel.dll 2014-05-15 14:02 - 2014-03-04 11:17 - 00259584 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll 2014-05-15 14:02 - 2014-03-04 11:17 - 00247808 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll 2014-05-15 14:02 - 2014-03-04 11:17 - 00172032 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll 2014-05-15 14:02 - 2014-03-04 11:17 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll 2014-05-15 14:02 - 2014-03-04 11:17 - 00051200 _____ (Microsoft Corporation) C:\windows\SysWOW64\cngprovider.dll 2014-05-15 14:02 - 2014-03-04 11:17 - 00049664 _____ (Microsoft Corporation) C:\windows\SysWOW64\adprovider.dll 2014-05-15 14:02 - 2014-03-04 11:17 - 00048128 _____ (Microsoft Corporation) C:\windows\SysWOW64\capiprovider.dll 2014-05-15 14:02 - 2014-03-04 11:17 - 00047616 _____ (Microsoft Corporation) C:\windows\SysWOW64\dpapiprovider.dll 2014-05-15 14:02 - 2014-03-04 11:17 - 00036864 _____ (Microsoft Corporation) C:\windows\SysWOW64\dimsroam.dll 2014-05-15 14:02 - 2014-03-04 11:17 - 00035328 _____ (Microsoft Corporation) C:\windows\SysWOW64\wincredprovider.dll 2014-05-15 14:02 - 2014-03-04 11:17 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll 2014-05-15 14:02 - 2014-03-04 11:16 - 00274944 _____ (Microsoft Corporation) C:\windows\SysWOW64\KernelBase.dll 2014-05-15 03:25 - 2014-05-15 03:25 - 00000000 _____ () C:\windows\SysWOW64\sho1AFC.tmp 2014-05-14 22:24 - 2014-05-26 17:35 - 00002016 _____ () C:\windows\setupact.log 2014-05-14 22:24 - 2014-05-14 22:24 - 00000000 _____ () C:\windows\setuperr.log 2014-05-14 21:47 - 2014-05-14 21:47 - 00000000 ____D () C:\windows\pss 2014-05-14 21:46 - 2014-05-14 21:46 - 00000000 ____D () C:\Users\Anton Peter\Documents\CC Cleaner Registrys 2014-05-13 01:50 - 2014-05-13 01:50 - 00000000 ____D () C:\windows\SysWOW64\NV 2014-05-13 01:50 - 2014-05-13 01:50 - 00000000 ____D () C:\windows\system32\NV 2014-05-13 01:50 - 2014-05-13 01:50 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies 2014-05-13 01:45 - 2014-03-04 16:35 - 31474976 _____ (NVIDIA Corporation) C:\windows\system32\nvoglv64.dll 2014-05-13 01:45 - 2014-03-04 16:35 - 25255256 _____ (NVIDIA Corporation) C:\windows\system32\nvcompiler.dll 2014-05-13 01:45 - 2014-03-04 16:35 - 23716640 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvoglv32.dll 2014-05-13 01:45 - 2014-03-04 16:35 - 18302384 _____ (NVIDIA Corporation) C:\windows\system32\nvwgf2umx.dll 2014-05-13 01:45 - 2014-03-04 16:35 - 17755424 _____ (NVIDIA Corporation) C:\windows\system32\nvd3dumx.dll 2014-05-13 01:45 - 2014-03-04 16:35 - 17561544 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvcompiler.dll 2014-05-13 01:45 - 2014-03-04 16:35 - 15783992 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvwgf2um.dll 2014-05-13 01:45 - 2014-03-04 16:35 - 12708128 _____ (NVIDIA Corporation) C:\windows\system32\Drivers\nvlddmkm.sys 2014-05-13 01:45 - 2014-03-04 16:35 - 11636176 _____ (NVIDIA Corporation) C:\windows\system32\nvcuda.dll 2014-05-13 01:45 - 2014-03-04 16:35 - 11589272 _____ (NVIDIA Corporation) C:\windows\system32\nvopencl.dll 2014-05-13 01:45 - 2014-03-04 16:35 - 09728064 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvcuda.dll 2014-05-13 01:45 - 2014-03-04 16:35 - 09690424 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvopencl.dll 2014-05-13 01:45 - 2014-03-04 16:35 - 03143456 _____ (NVIDIA Corporation) C:\windows\system32\nvcuvid.dll 2014-05-13 01:45 - 2014-03-04 16:35 - 02958792 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvcuvid.dll 2014-05-13 01:45 - 2014-03-04 16:35 - 02783008 _____ (NVIDIA Corporation) C:\windows\system32\nvcuvenc.dll 2014-05-13 01:45 - 2014-03-04 16:35 - 02411976 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvcuvenc.dll 2014-05-13 01:45 - 2014-03-04 16:35 - 01885472 _____ (NVIDIA Corporation) C:\windows\system32\nvdispco6433523.dll 2014-05-13 01:45 - 2014-03-04 16:35 - 01516488 _____ (NVIDIA Corporation) C:\windows\system32\nvdispgenco6433523.dll 2014-05-13 01:45 - 2014-03-04 16:35 - 00892704 _____ (NVIDIA Corporation) C:\windows\system32\NvIFR64.dll 2014-05-13 01:45 - 2014-03-04 16:35 - 00877856 _____ (NVIDIA Corporation) C:\windows\system32\NvFBC64.dll 2014-05-13 01:45 - 2014-03-04 16:35 - 00863064 _____ (NVIDIA Corporation) C:\windows\SysWOW64\NvIFR.dll 2014-05-13 01:45 - 2014-03-04 16:35 - 00846168 _____ (NVIDIA Corporation) C:\windows\SysWOW64\NvFBC.dll 2014-05-13 01:45 - 2014-03-04 16:35 - 00353504 _____ (NVIDIA Corporation) C:\windows\system32\nvoglshim64.dll 2014-05-13 01:45 - 2014-03-04 16:35 - 00305600 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvoglshim32.dll 2014-05-13 01:45 - 2014-03-04 16:35 - 00033736 _____ (NVIDIA Corporation) C:\windows\system32\Drivers\nvpciflt.sys 2014-05-13 01:31 - 2014-03-31 18:42 - 00040392 _____ (NVIDIA Corporation) C:\windows\system32\Drivers\nvvad64v.sys 2014-05-13 01:31 - 2014-03-31 18:42 - 00034760 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvaudcap32v.dll 2014-05-13 01:28 - 2014-05-13 01:29 - 28033792 _____ (NVIDIA Corporation) C:\Users\Anton Peter\Downloads\GeForce_Experience_v2.0.1.0.exe 2014-05-11 17:07 - 2014-05-11 17:07 - 00043152 _____ (AVAST Software) C:\windows\avastSS.scr 2014-05-11 17:07 - 2014-05-11 17:07 - 00029208 _____ () C:\windows\system32\Drivers\aswHwid.sys 2014-05-10 22:23 - 2014-05-10 22:23 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-05-07 03:00 - 2014-05-16 15:15 - 00000000 ___SD () C:\windows\system32\CompatTel 2014-05-06 21:32 - 2014-05-06 21:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2014-05-06 21:32 - 2014-04-14 20:13 - 00096168 _____ (Oracle Corporation) C:\windows\SysWOW64\WindowsAccessBridge-32.dll 2014-05-06 21:32 - 2014-04-14 20:05 - 00264616 _____ (Oracle Corporation) C:\windows\SysWOW64\javaws.exe 2014-05-06 21:32 - 2014-04-14 20:05 - 00175528 _____ (Oracle Corporation) C:\windows\SysWOW64\javaw.exe 2014-05-06 21:32 - 2014-04-14 20:04 - 00175016 _____ (Oracle Corporation) C:\windows\SysWOW64\java.exe 2014-05-06 21:31 - 2014-05-06 21:32 - 00004299 _____ () C:\windows\SysWOW64\jupdate-1.7.0_55-b14.log 2014-04-30 03:01 - 2014-03-06 11:31 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll 2014-04-30 03:01 - 2014-03-06 10:59 - 00066048 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll 2014-04-30 03:01 - 2014-03-06 10:57 - 00548352 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll 2014-04-30 03:01 - 2014-03-06 10:40 - 00051200 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll 2014-04-30 03:01 - 2014-03-06 10:39 - 00033792 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll 2014-04-30 03:01 - 2014-03-06 10:32 - 00574976 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll 2014-04-30 03:01 - 2014-03-06 10:29 - 00139264 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe 2014-04-30 03:01 - 2014-03-06 10:28 - 00752640 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll 2014-04-30 03:01 - 2014-03-06 10:09 - 00453120 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll 2014-04-30 03:01 - 2014-03-06 10:03 - 00586240 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe 2014-04-30 03:01 - 2014-03-06 10:02 - 00455168 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll 2014-04-30 03:01 - 2014-03-06 10:02 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll 2014-04-30 03:01 - 2014-03-06 09:56 - 00038400 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll 2014-04-30 03:01 - 2014-03-06 09:48 - 00195584 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll 2014-04-30 03:01 - 2014-03-06 09:46 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll 2014-04-30 03:01 - 2014-03-06 09:45 - 00032768 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll 2014-04-30 03:01 - 2014-03-06 09:42 - 00296960 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll 2014-04-30 03:01 - 2014-03-06 09:40 - 00440832 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll 2014-04-30 03:01 - 2014-03-06 09:38 - 00112128 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe 2014-04-30 03:01 - 2014-03-06 09:22 - 00367616 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll 2014-04-30 03:01 - 2014-03-06 09:21 - 00628736 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll 2014-04-30 03:01 - 2014-03-06 09:13 - 00032256 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-04-30 03:01 - 2014-03-06 09:07 - 00164864 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll 2014-04-30 03:01 - 2014-03-06 09:01 - 00244224 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll 2014-04-30 03:01 - 2014-03-06 08:46 - 00524288 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll 2014-04-30 03:00 - 2014-03-06 10:57 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll 2014-04-30 03:00 - 2014-03-06 10:53 - 02767360 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll 2014-04-30 03:00 - 2014-03-06 10:29 - 00111616 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe 2014-04-30 03:00 - 2014-03-06 10:15 - 00940032 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe 2014-04-30 03:00 - 2014-03-06 10:11 - 05784064 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll 2014-04-30 03:00 - 2014-03-06 10:01 - 00051200 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll 2014-04-30 03:00 - 2014-03-06 09:47 - 02178048 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll 2014-04-30 03:00 - 2014-03-06 09:46 - 04254720 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll 2014-04-30 03:00 - 2014-03-06 09:36 - 00592896 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll 2014-04-30 03:00 - 2014-03-06 09:11 - 02043904 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl 2014-04-30 03:00 - 2014-03-06 08:53 - 13551104 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll 2014-04-30 03:00 - 2014-03-06 08:40 - 01967104 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl 2014-04-30 03:00 - 2014-03-06 08:36 - 11745792 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll 2014-04-30 03:00 - 2014-03-06 08:22 - 02260480 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll 2014-04-30 03:00 - 2014-03-06 07:58 - 01400832 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll 2014-04-30 03:00 - 2014-03-06 07:50 - 00846336 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll 2014-04-30 03:00 - 2014-03-06 07:43 - 00704512 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll 2014-04-30 03:00 - 2014-03-06 07:41 - 01789440 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll 2014-04-30 03:00 - 2014-03-06 07:36 - 01143808 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll ==================== One Month Modified Files and Folders ======= 2014-05-26 19:11 - 2014-05-26 19:11 - 00030229 _____ () C:\Users\Anton Peter\Downloads\FRST.txt 2014-05-26 19:11 - 2014-05-26 19:11 - 00000000 ____D () C:\FRST 2014-05-26 19:10 - 2014-05-26 19:10 - 02066944 _____ (Farbar) C:\Users\Anton Peter\Downloads\FRST64.exe 2014-05-26 19:06 - 2012-10-17 15:34 - 00000884 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job 2014-05-26 18:59 - 2013-02-19 14:26 - 00001120 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-05-26 18:22 - 2012-02-15 15:51 - 00000000 ____D () C:\Users\Anton Peter\AppData\Roaming\Dropbox 2014-05-26 17:58 - 2013-02-19 14:26 - 00001116 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-05-26 17:45 - 2009-07-14 06:45 - 00021072 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-05-26 17:45 - 2009-07-14 06:45 - 00021072 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-05-26 17:41 - 2011-11-09 10:39 - 01670540 _____ () C:\windows\WindowsUpdate.log 2014-05-26 17:38 - 2014-05-26 17:14 - 00122584 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys 2014-05-26 17:38 - 2014-05-16 15:23 - 00000000 ____D () C:\Users\Anton Peter\AppData\Roaming\DropboxMaster 2014-05-26 17:38 - 2012-02-15 15:54 - 00000000 ___RD () C:\Users\Anton Peter\Dropbox 2014-05-26 17:38 - 2011-11-09 11:41 - 00512212 _____ () C:\windows\system32\fastboot.set 2014-05-26 17:38 - 2011-11-09 11:34 - 00000000 ____D () C:\ProgramData\VeriFace 2014-05-26 17:35 - 2014-05-14 22:24 - 00002016 _____ () C:\windows\setupact.log 2014-05-26 17:35 - 2014-02-23 01:32 - 00000352 _____ () C:\windows\Tasks\dsmonitor.job 2014-05-26 17:35 - 2012-02-15 19:17 - 02798276 _____ () C:\FaceProv.log 2014-05-26 17:34 - 2014-05-21 13:12 - 00020212 _____ () C:\windows\PFRO.log 2014-05-26 17:34 - 2009-07-14 07:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT 2014-05-26 17:33 - 2014-05-26 00:19 - 00000000 ____D () C:\Program Files (x86)\Settings Manager 2014-05-26 17:16 - 2012-02-15 16:49 - 00003974 _____ () C:\windows\System32\Tasks\User_Feed_Synchronization-{FDABD589-98A4-45B8-A1D5-C03A013B778B} 2014-05-26 17:14 - 2014-05-26 17:14 - 00001066 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-05-26 17:14 - 2014-05-26 17:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2014-05-26 17:14 - 2014-05-26 17:14 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-05-26 17:14 - 2014-05-26 17:14 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-05-26 17:05 - 2014-05-26 17:05 - 00719128 _____ ( ) C:\Users\Anton Peter\Downloads\mbam-setup-2.0.2.1012_CB-DL-Manager.exe 2014-05-26 16:57 - 2014-05-26 16:57 - 00000000 __SHD () C:\Users\Anton Peter\AppData\Local\EmieUserList 2014-05-26 16:57 - 2014-05-26 16:57 - 00000000 __SHD () C:\Users\Anton Peter\AppData\Local\EmieSiteList 2014-05-26 16:52 - 2012-07-22 10:56 - 00000000 ____D () C:\ProgramData\Microsoft Help 2014-05-26 16:46 - 2014-01-08 15:06 - 00000000 ____D () C:\Program Files\Microsoft Office 15 2014-05-26 16:45 - 2012-11-08 14:35 - 00001139 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2014-05-26 16:43 - 2014-02-23 01:21 - 00004182 _____ () C:\windows\System32\Tasks\avast! Emergency Update 2014-05-26 16:25 - 2012-02-15 15:51 - 00000000 ____D () C:\Users\Anton Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox 2014-05-26 16:25 - 2012-02-15 12:19 - 00000000 ___RD () C:\Users\Anton Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup 2014-05-25 16:50 - 2012-02-15 17:04 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk 2014-05-23 01:49 - 2012-02-26 15:12 - 00000000 ____D () C:\Users\Anton Peter\AppData\Local\CrashDumps 2014-05-21 13:29 - 2013-05-22 17:44 - 00001986 _____ () C:\Users\Public\Desktop\Adobe Acrobat X Pro.lnk 2014-05-21 13:29 - 2012-04-01 11:36 - 00002465 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller X.lnk 2014-05-21 13:29 - 2012-04-01 11:36 - 00002453 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat X Pro.lnk 2014-05-21 13:29 - 2012-04-01 11:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe LiveCycle ES2 2014-05-21 03:21 - 2013-08-20 04:49 - 00000000 ____D () C:\ProgramData\Origin 2014-05-16 20:26 - 2013-08-20 04:49 - 00000000 ____D () C:\Program Files (x86)\Origin 2014-05-16 19:33 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\rescache 2014-05-16 16:33 - 2014-01-12 20:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013 2014-05-16 16:22 - 2014-02-23 01:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX 2014-05-16 16:22 - 2012-06-11 17:56 - 00000000 ____D () C:\Program Files (x86)\DivX 2014-05-16 16:22 - 2012-06-11 17:53 - 00000000 ____D () C:\ProgramData\DivX 2014-05-16 16:20 - 2014-05-16 16:20 - 00000000 ____D () C:\Users\Anton Peter\AppData\Roaming\ARecEngine 2014-05-16 15:20 - 2012-02-15 12:19 - 00000000 ___RD () C:\Users\Anton Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools 2014-05-16 15:15 - 2014-05-07 03:00 - 00000000 ___SD () C:\windows\system32\CompatTel 2014-05-16 02:47 - 2013-08-20 04:56 - 00000000 ____D () C:\windows\system32\MRT 2014-05-16 02:44 - 2012-02-15 12:40 - 93223848 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe 2014-05-15 13:55 - 2014-02-23 01:21 - 01039096 _____ (AVAST Software) C:\windows\system32\Drivers\aswsnx.sys 2014-05-15 13:55 - 2014-02-23 01:21 - 00423240 _____ (AVAST Software) C:\windows\system32\Drivers\aswsp.sys 2014-05-15 13:55 - 2014-02-23 01:21 - 00085328 _____ (AVAST Software) C:\windows\system32\Drivers\aswstm.sys 2014-05-15 03:25 - 2014-05-15 03:25 - 00000000 _____ () C:\windows\SysWOW64\sho1AFC.tmp 2014-05-14 22:24 - 2014-05-14 22:24 - 00000000 _____ () C:\windows\setuperr.log 2014-05-14 21:51 - 2012-09-27 11:14 - 00000000 ____D () C:\Users\Anton Peter\Documents\Wohnung 2014-05-14 21:47 - 2014-05-14 21:47 - 00000000 ____D () C:\windows\pss 2014-05-14 21:47 - 2009-07-14 05:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup 2014-05-14 21:46 - 2014-05-14 21:46 - 00000000 ____D () C:\Users\Anton Peter\Documents\CC Cleaner Registrys 2014-05-14 02:06 - 2012-10-17 15:34 - 00692400 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe 2014-05-14 02:06 - 2012-10-17 15:34 - 00003822 _____ () C:\windows\System32\Tasks\Adobe Flash Player Updater 2014-05-14 02:06 - 2012-02-15 16:11 - 00070832 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-05-14 01:17 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\system32\NDF 2014-05-13 01:50 - 2014-05-13 01:50 - 00000000 ____D () C:\windows\SysWOW64\NV 2014-05-13 01:50 - 2014-05-13 01:50 - 00000000 ____D () C:\windows\system32\NV 2014-05-13 01:50 - 2014-05-13 01:50 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies 2014-05-13 01:50 - 2011-11-09 10:56 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation 2014-05-13 01:49 - 2011-11-09 10:57 - 00000000 ____D () C:\ProgramData\NVIDIA 2014-05-13 01:36 - 2013-08-13 21:12 - 00000000 ____D () C:\Users\Anton Peter\AppData\Local\NVIDIA 2014-05-13 01:33 - 2013-08-13 21:11 - 00001311 _____ () C:\Users\Public\Desktop\GeForce Experience.lnk 2014-05-13 01:31 - 2013-12-09 19:08 - 00000000 ____D () C:\Users\Anton Peter\AppData\Local\NVIDIA Corporation 2014-05-13 01:31 - 2011-11-09 10:56 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation 2014-05-13 01:29 - 2014-05-13 01:28 - 28033792 _____ (NVIDIA Corporation) C:\Users\Anton Peter\Downloads\GeForce_Experience_v2.0.1.0.exe 2014-05-12 07:26 - 2014-05-26 17:14 - 00091352 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys 2014-05-12 07:26 - 2014-05-26 17:14 - 00063704 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys 2014-05-12 07:25 - 2014-05-26 17:14 - 00025816 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys 2014-05-11 17:07 - 2014-05-11 17:07 - 00043152 _____ (AVAST Software) C:\windows\avastSS.scr 2014-05-11 17:07 - 2014-05-11 17:07 - 00029208 _____ () C:\windows\system32\Drivers\aswHwid.sys 2014-05-11 17:07 - 2014-02-23 01:21 - 01039096 _____ (AVAST Software) C:\windows\system32\Drivers\aswsnx.sys.1400154877624 2014-05-11 17:07 - 2014-02-23 01:21 - 00423240 _____ (AVAST Software) C:\windows\system32\Drivers\aswsp.sys.1400154877624 2014-05-11 17:07 - 2014-02-23 01:21 - 00334648 _____ (AVAST Software) C:\windows\system32\aswBoot.exe 2014-05-11 17:07 - 2014-02-23 01:21 - 00208416 _____ () C:\windows\system32\Drivers\aswVmm.sys 2014-05-11 17:07 - 2014-02-23 01:21 - 00093568 _____ (AVAST Software) C:\windows\system32\Drivers\aswRdr2.sys 2014-05-11 17:07 - 2014-02-23 01:21 - 00079184 _____ (AVAST Software) C:\windows\system32\Drivers\aswMonFlt.sys 2014-05-11 17:07 - 2014-02-23 01:21 - 00065776 _____ () C:\windows\system32\Drivers\aswRvrt.sys 2014-05-11 15:37 - 2012-11-08 14:35 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2014-05-10 22:35 - 2012-02-25 12:34 - 00000000 ____D () C:\Program Files (x86)\Steam 2014-05-10 22:33 - 2013-05-21 14:02 - 00000822 _____ () C:\Users\Public\Desktop\CCleaner.lnk 2014-05-10 22:33 - 2013-05-21 14:02 - 00000000 ____D () C:\Program Files\CCleaner 2014-05-10 22:23 - 2014-05-10 22:23 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-05-09 08:14 - 2014-05-15 14:02 - 00477184 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll 2014-05-09 08:11 - 2014-05-15 14:02 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll 2014-05-06 21:32 - 2014-05-06 21:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2014-05-06 21:32 - 2014-05-06 21:31 - 00004299 _____ () C:\windows\SysWOW64\jupdate-1.7.0_55-b14.log 2014-05-06 21:32 - 2013-10-25 01:03 - 00000000 ____D () C:\ProgramData\Oracle 2014-05-06 21:32 - 2012-02-23 22:10 - 00000000 ____D () C:\Program Files (x86)\Java 2014-05-06 17:54 - 2013-02-19 14:26 - 00004116 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA 2014-05-06 17:53 - 2013-02-19 14:26 - 00003864 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore 2014-05-06 06:40 - 2014-05-16 02:49 - 23544320 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll 2014-05-06 06:17 - 2014-05-16 02:49 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb 2014-05-06 05:25 - 2014-05-16 02:49 - 17382912 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll 2014-05-06 05:07 - 2014-05-16 02:49 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb 2014-05-06 05:00 - 2014-05-16 02:49 - 00084992 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll 2014-05-06 04:10 - 2014-05-16 02:49 - 00069632 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll 2014-04-30 20:27 - 2013-11-01 15:46 - 01081112 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvspcap.dll 2014-04-30 20:26 - 2013-11-01 15:46 - 01225920 _____ (NVIDIA Corporation) C:\windows\system32\nvspcap64.dll 2014-04-30 07:19 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\PolicyDefinitions 2014-04-29 21:42 - 2012-09-13 22:21 - 00000000 ____D () C:\Users\Anton Peter\Documents\Arbeit (Bahner) 2014-04-28 16:28 - 2012-02-15 13:25 - 00007598 _____ () C:\Users\Anton Peter\AppData\Local\Resmon.ResmonCfg Some content of TEMP: ==================== C:\Users\Anton Peter\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpnvvizb.dll C:\Users\Anton Peter\AppData\Local\Temp\ICReinstall_mbam-setup-2.0.2.1012_CB-DL-Manager.exe C:\Users\Anton Peter\AppData\Local\Temp\SettingsManagerSetup.exe ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\rpcss.dll => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2014-05-19 01:20 ==================== End Of Log ============================ |
|
27.05.2014, 17:59
| #5 | |
| /// the machine /// TB-Ausbilder | Win32 Injector-BSY[TRJ] AVAST VirenfundZitat:
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
| Themen zu Win32 Injector-BSY[TRJ] AVAST Virenfund |
| install.exe, preferences, pup.optional.aztecmedia.a, pup.optional.defaultsearch.a, pup.optional.iminent.a, pup.optional.linkey.a, pup.optional.opencandy, pup.optional.settingsmanager.a, pup.optional.softonic.a, pup.optional.systemk.a |
![Win32 Injector-BSY[TRJ] AVAST Virenfund](iconimages/plagegeister-aller-art-deren-bekaempfung/win32-injector-bsy-trj-avast-virenfund_ltr.gif)
Linear-Darstellung
