Log analysis and evaluation: Flash Player Update Virus
Windows 7

If you have caught a trojan or keep getting virus warnings, you can post the logs from our diagnostic tools here for evaluation by our experts. To remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
11.06.2014, 06:56 | #1
Flash Player Update Virus
Good morning TrojanerBoard team, Recently I have had the problem that when I surf the internet, the current tab loads a new page, where a message appears saying the page cannot be displayed and that one should update Flash Player; if you do not close the page quickly enough, it starts an automatic download. And since yesterday evening the internet can hardly be used, because it does this on every page you open. I created the log files with ESET Online Scanner.
11.06.2014, 06:57 | #2
/// the machine /// TB Trainer
Flash Player Update Virus
hi,
Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST 32-Bit | FRST 64-Bit (If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
11.06.2014, 07:32 | #3
Flash Player Update Virus
Hi,
thanks for the quick reply. Here is the FRST log file:
Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:11-06-2014 Ran by yannick (administrator) on YANNICK-PC on 11-06-2014 08:16:54 Running from C:\Users\yannick\Downloads Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) OS Language: German Standard Internet Explorer Version 11 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (AMD) C:\Windows\System32\atiesrxx.exe (AMD) C:\Windows\System32\atieclxx.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (Cherished Technololgy LIMITED) C:\ProgramData\IePluginService\PluginService.exe (SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EBAPI\eEBSvc.exe (ABBYY) C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe (APN LLC.) C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (AVM Berlin) C:\Program Files\avmwlanstick\WLanNetService.exe (Microsoft Corporation) C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe (Iminent) C:\Program Files\Common Files\Umbrella\Umbrella263.exe (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE () C:\Users\yannick\AppData\Local\fst_de_6\upfst_de_6.exe (JME) C:\Program Files\jmesoft\hotkey.exe (Lenovo) C:\Program Files\Lenovo\HealthCare\HealthCare.exe (CyberLink) C:\Program Files\Lenovo\Power2Go\CLMLSvc.exe (Apple Inc.) 
C:\Program Files\iTunes\iTunesHelper.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVM Berlin) C:\Program Files\avmwlanstick\WLanGUI.exe (Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (Geek Software GmbH) C:\Program Files\PDF24\pdf24.exe (Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe (Akamai Technologies, Inc.) C:\Users\yannick\AppData\Local\Akamai\netsession_win.exe (Sony) C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe (SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\w32x86\3\E_FATIHLE.EXE () C:\Users\yannick\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Akamai Technologies, Inc.) C:\Users\yannick\AppData\Local\Akamai\netsession_win.exe (ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe () C:\Program Files\Sony\Sony PC Companion\PCCompanionInfo.exe (OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\soffice.exe (OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\soffice.bin (Valve Corporation) C:\Program Files\Steam\Steam.exe (Valve Corporation) C:\Program Files\Common Files\Steam\SteamService.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation) C:\Windows\System32\wuauclt.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe (Freeven) C:\Program Files\MediaPlayerplus\MediaPlayerplus-bg.exe (Freeven) C:\Program Files\Freeven pro 1.2\Freeven pro 1.2-bg.exe () C:\Program Files\ConstaSurf\bin\utilConstaSurf.exe () C:\Program Files\ConstaSurf\bin\ConstaSurf.PurBrowse.exe () C:\Program Files\ConstaSurf\bin\ConstaSurf.BrowserAdapter.exe () C:\Program Files\ConstaSurf\updateConstaSurf.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe (Adobe Systems 
Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil32_11_7_700_224_ActiveX.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [Unattend0000000001{BFA3D12B-66DD-4617-923A-E864BC7D20B5}] => C:\Windows\test.bat HKLM\...\Run: [jmekey] => C:\Program Files\jmesoft\hotkey.exe [114688 2009-07-16] (JME) HKLM\...\Run: [Healthcare] => C:\Program Files\Lenovo\HealthCare\HealthCare.exe [827392 2009-09-28] (Lenovo) HKLM\...\Run: [CLMLServer] => C:\Program Files\Lenovo\Power2Go\CLMLSvc.exe [103720 2009-06-03] (CyberLink) HKLM\...\Run: [UpdateP2GoShortCut] => C:\Program Files\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.) HKLM\...\Run: [AdobeAAMUpdater-1.0] => "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" HKLM\...\Run: [SwitchBoard] => C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe HKLM\...\Run: [AdobeCS5ServiceManager] => "C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2010-11-29] (Apple Inc.) HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [421160 2011-06-07] (Apple Inc.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [10828392 2011-08-26] (Realtek Semiconductor) HKLM\...\Run: [IMBooster] => C:\Program Files\Iminent\IMBooster\imbooster.exe /warmup HKLM\...\Run: [avast] => C:\Program Files\AVAST Software\Avast\avastUI.exe [3744552 2011-11-28] (AVAST Software) HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [641704 2012-07-04] (Advanced Micro Devices, Inc.) 
HKLM\...\Run: [AMD AVT] => C:\Program Files\AMD AVT\bin\kdbsync.exe [20992 2012-03-19] () HKLM\...\Run: [HKLM] => C:\windows\system32\install\svchost.exe [1169224 2010-11-05] (Microsoft Corporation) HKLM\...\Run: [AVMWlanClient] => C:\Program Files\avmwlanstick\wlangui.exe [2105344 2010-10-22] (AVM Berlin) HKLM\...\Run: [ApnTBMon] => "C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe" HKLM\...\Run: [PDFPrint] => C:\Program Files\PDF24\pdf24.exe [162856 2013-07-22] (Geek Software GmbH) HKLM\...\Run: [fst_de_6] => "C:\Program Files\fst_de_6\fst_de_6.exe" HKLM\...\Run: [Iminent] => C:\Program Files\Iminent\Iminent.exe /warmup "F77F87E5-A6BD-4922-A530-EDF63D7E9F8C" HKLM\...\Run: [IminentMessenger] => C:\Program Files\Iminent\Iminent.Messengers.exe HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation) HKLM\...\RunOnce: [upfst_de_6.exe] - C:\Users\yannick\AppData\Local\fst_de_6\upfst_de_6.exe -runonce [3267536 2014-04-23] () HKLM\...\Policies\Explorer\Run: [Policies] => C:\windows\system32\install\svchost.exe [1169224 2010-11-05] ( (Microsoft Corporation)) HKU\.DEFAULT\...\RunOnce: [WLStart] - C:\Program Files\Windows Live\Installer\wlstart.exe [786760 2009-07-26] (Microsoft Corporation) HKU\S-1-5-21-2025006070-1347641037-3508674067-1004\...\Run: [Steam] => C:\Program Files\Steam\steam.exe [1754816 2014-05-29] (Valve Corporation) HKU\S-1-5-21-2025006070-1347641037-3508674067-1004\...\Run: [msnmsgr] => C:\Program Files\Windows Live\Messenger\msnmsgr.exe [4283256 2011-05-13] (Microsoft Corporation) HKU\S-1-5-21-2025006070-1347641037-3508674067-1004\...\Run: [Akamai NetSession Interface] => C:\Users\yannick\AppData\Local\Akamai\netsession_win.exe [4672920 2014-04-17] (Akamai Technologies, Inc.) 
HKU\S-1-5-21-2025006070-1347641037-3508674067-1004\...\Run: [Sony PC Companion] => C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe [466144 2014-04-01] (Sony) HKU\S-1-5-21-2025006070-1347641037-3508674067-1004\...\Run: [Epson Stylus SX235(Netzwerk)] => C:\windows\system32\spool\DRIVERS\W32X86\3\E_FATIHLE.EXE [212480 2011-01-21] (SEIKO EPSON CORPORATION) HKU\S-1-5-21-2025006070-1347641037-3508674067-1004\...\Run: [HKCU] => C:\windows\system32\install\svchost.exe [1169224 2010-11-05] (Microsoft Corporation) HKU\S-1-5-21-2025006070-1347641037-3508674067-1004\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [20922016 2014-02-10] (Skype Technologies S.A.) HKU\S-1-5-21-2025006070-1347641037-3508674067-1004\...\Run: [Raptr] => C:\Program Files\Raptr\raptrstub.exe [55360 2014-05-15] (Raptr, Inc) HKU\S-1-5-21-2025006070-1347641037-3508674067-1004\...\Run: [BearShare] => "C:\Program Files\BearShare Applications\BearShare\BearShare.exe" --lightmode HKU\S-1-5-21-2025006070-1347641037-3508674067-1004\...\Run: [Amazon Cloud Player] => C:\Users\yannick\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe [3145536 2014-05-08] () HKU\S-1-5-21-2025006070-1347641037-3508674067-1004\...\Policies\Explorer\Run: [Policies] => C:\windows\system32\install\svchost.exe [1169224 2010-11-05] (Microsoft Corporation) HKU\S-1-5-21-2025006070-1347641037-3508674067-1004\...\MountPoints2: {7387cd9c-1565-11e2-b31d-4487fc9e57ac} - I:\Startme.exe HKU\S-1-5-21-2025006070-1347641037-3508674067-1004\...\MountPoints2: {da0d761d-cdeb-11e2-bdb3-4487fc9e57ac} - I:\pushinst.exe AppInit_DLLs: C:\PROGRA~1\SearchProtect\SearchProtect\bin\SPVC32Loader.dll => C:\Program Files\SearchProtect\SearchProtect\bin\SPVC32Loader.dll [171840 2014-05-23] (Client Connect LTD) IFEO\DatamngrCoordinator.exe: [Debugger] tasklist.exe Startup: C:\Users\yannick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk ShortcutTarget: OpenOffice.org 3.3.lnk -> C:\Program 
Files\OpenOffice.org 3\program\quickstart.exe () ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.trovi.com/?gd=&ctid=CT3319733&octid=EB_ORIGINAL_CTID&ISID=M1BA6B614-115C-448C-A2DF-8A5CE66A4267&SearchSource=55&CUI=&UM=5&UP=SP07AF3300-791C-4601-9B8E-58A794567F02&SSPV= HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com/ HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.bing.com/search?q={searchTerms} HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.bing.com/search?q={searchTerms} HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://istart.webssearches.com/?type=hp&ts=1398507814&from=tugs&uid=ST3500418AS_5VMCWRRAXXXX5VMCWRRA HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1398507814&from=tugs&uid=ST3500418AS_5VMCWRRAXXXX5VMCWRRA&q={searchTerms} HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://istart.webssearches.com/?type=hp&ts=1398507814&from=tugs&uid=ST3500418AS_5VMCWRRAXXXX5VMCWRRA HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://istart.webssearches.com/?type=hp&ts=1398507814&from=tugs&uid=ST3500418AS_5VMCWRRAXXXX5VMCWRRA HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://istart.webssearches.com/web/?type=ds&ts=1398507814&from=tugs&uid=ST3500418AS_5VMCWRRAXXXX5VMCWRRA&q={searchTerms} URLSearchHook: HKCU - (No Name) - {84FF7BD6-B47F-46F8-9130-01B2696B36CB} - No File StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://istart.webssearches.com/?type=sc&ts=1398507814&from=tugs&uid=ST3500418AS_5VMCWRRAXXXX5VMCWRRA SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = SearchScopes: HKLM - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://www.bing.com/search?q={searchTerms} SearchScopes: HKLM - 
{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = SearchScopes: HKLM - {460C3D19-B3D4-4964-A550-77D263B0CCCB} URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1398507814&from=tugs&uid=ST3500418AS_5VMCWRRAXXXX5VMCWRRA&q={searchTerms} SearchScopes: HKLM - {BFFED5CA-8BDF-47CC-AED0-23F4E6D77732} URL = hxxp://search.iminent.com/?appId=0EF2FFF4-5EEA-4172-B406-9547B6EFF3E2&ref=toolbox&q={searchTerms} SearchScopes: HKCU - DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3319733&octid=EB_ORIGINAL_CTID&ISID=M1BA6B614-115C-448C-A2DF-8A5CE66A4267&SearchSource=58&CUI=&UM=5&UP=SP07AF3300-791C-4601-9B8E-58A794567F02&q={searchTerms}&SSPV= SearchScopes: HKCU - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://www.bing.com/search?q={searchTerms} SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3319733&octid=EB_ORIGINAL_CTID&ISID=M1BA6B614-115C-448C-A2DF-8A5CE66A4267&SearchSource=58&CUI=&UM=5&UP=SP07AF3300-791C-4601-9B8E-58A794567F02&q={searchTerms}&SSPV= SearchScopes: HKCU - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://search.iminent.com/?appId=0EF2FFF4-5EEA-4172-B406-9547B6EFF3E2&ref=toolbox&q={searchTerms} SearchScopes: HKCU - {460C3D19-B3D4-4964-A550-77D263B0CCCB} URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1398507814&from=tugs&uid=ST3500418AS_5VMCWRRAXXXX5VMCWRRA&q={searchTerms} SearchScopes: HKCU - {BFFED5CA-8BDF-47CC-AED0-23F4E6D77732} URL = hxxp://search.iminent.com/?appId=0EF2FFF4-5EEA-4172-B406-9547B6EFF3E2&ref=toolbox&q={searchTerms} BHO: MediaPlayerplus - {11111111-1111-1111-1111-110511421146} - C:\Program Files\MediaPlayerplus\MediaPlayerplus-bho.dll (Freeven) BHO: Freeven pro 1.2 - {11111111-1111-1111-1111-110511421153} - C:\Program Files\Freeven pro 1.2\Freeven pro 1.2-bho.dll (Freeven) BHO: iminent Helper Object - {112BA211-334C-4A90-90EC-2AD1CDAB287C} - C:\Program Files\IminentToolbar\1.8.28.3\bh\iminent.dll No File BHO: Java(tm) 
Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: No Name - {84FF7BD6-B47F-46F8-9130-01B2696B36CB} - No File BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO: IMinent WebBooster (BHO) - {A09AB6EB-31B5-454C-97EC-9B294D92EE2A} - C:\Program Files\Iminent\Minibar.InternetExplorer.BHOx86.dll No File BHO: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) BHO: delta Helper Object - {C1AF5FA5-852C-4C90-812E-A7F75E011D87} - C:\Program Files\Delta\delta\1.8.10.0\bh\delta.dll No File BHO: ConstaSurf - {d7356335-81bf-4769-bfbd-2e2889138641} - C:\Program Files\ConstaSurf\EDCE48AF-11E8-4769-BF6A-D2123918CC1C.dll (ConstaSurf) BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO: DVDVideoSoft IE Extension - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.) Toolbar: HKLM - avast! 
WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) Toolbar: HKLM - loadtbs - {DFEFCDEE-CF1A-4FC8-88AD-129872198372} - C:\Users\yannick\AppData\Roaming\loadtbs\toolbar.dll (InfiniAd GmbH) Toolbar: HKLM - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} - No File Toolbar: HKLM - Iminent Toolbar - {1FAFD711-ABF9-4F6A-8130-5166C7371427} - C:\Program Files\IminentToolbar\1.8.28.3\iminentTlbr.dll No File Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File Toolbar: HKCU - No Name - {40C3CC16-7269-4B32-9531-17F2950FB06F} - No File DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) 
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 192.168.8.1 FireFox: ======== FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll () FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll () FF Plugin: @java.com/DTPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin: @pandonetworks.com/PandoWebPlugin - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll No File FF Plugin: @SonyCreativeSoftware.com/Media Go,version=1.0 - C:\Program Files\Sony\Media Go\npmediago.dll (Sony Network Entertainment International LLC) FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.) FF Plugin HKCU: @eximion.com/KalydoPlayer - C:\Users\yannick\AppData\Roaming\Kalydo\KalydoPlayer\bin2\npkalydo.dll (Eximion B.V.) 
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\yannick\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) FF Plugin HKCU: BearSharePlugin - C:\Program Files\BearShare Applications\BearShare\npBearSharePlugin.dll No File FF HKCU\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files\Common Files\DVDVideoSoft\plugins\ff\ FF Extension: Download videos and MP3s from YouTube - C:\Program Files\Common Files\DVDVideoSoft\plugins\ff\ [] Chrome: ======= CHR HomePage: hxxp://istart.webssearches.com/?type=hppp&ts=1402428578&from=tugs&uid=ST3500418AS_5VMCWRRAXXXX5VMCWRRA CHR StartupUrls: "hxxp://istart.webssearches.com/?type=hppp&ts=1402428578&from=tugs&uid=ST3500418AS_5VMCWRRAXXXX5VMCWRRA" CHR DefaultSearchKeyword: webssearches CHR DefaultSearchProvider: webssearches CHR DefaultSearchURL: hxxp://istart.webssearches.com/web/?type=dspp&ts=1402428578&from=tugs&uid=ST3500418AS_5VMCWRRAXXXX5VMCWRRA&q={searchTerms} CHR DefaultNewTabURL: CHR Extension: (Google Drive) - C:\Users\yannick\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-04-29] CHR Extension: (YouTube) - C:\Users\yannick\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-04-29] CHR Extension: (Google-Suche) - C:\Users\yannick\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-04-29] CHR Extension: (Freeven pro 1.2) - C:\Users\yannick\AppData\Local\Google\Chrome\User Data\Default\Extensions\dmgpbjjcdccinnndjdgmegndbmhbgglb [2014-05-30] CHR Extension: (avast! 
WebRep) - C:\Users\yannick\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda [2011-10-18] CHR Extension: (MediaPlayerplus) - C:\Users\yannick\AppData\Local\Google\Chrome\User Data\Default\Extensions\majjphhgppkndjjkmhhnbgafooenebhd [2014-06-10] CHR Extension: (Google Wallet) - C:\Users\yannick\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-21] CHR Extension: (Google Mail) - C:\Users\yannick\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-04-29] CHR HKLM\...\Chrome\Extension: [aaaajpkhjdkhhnkmgfjodbkfpbmibkkk] - C:\ProgramData\AskPartnerNetwork\Toolbar\ORJ-V7\CRX\ToolbarCR.crx [2014-04-29] CHR HKLM\...\Chrome\Extension: [icmlaeflemplmjndnaapfdbbnpncnbda] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2011-09-20] CHR HKLM\...\Chrome\Extension: [igdhbblpcellaljokkpfhcjlagemhgjl] - "C:\Program Files\Iminent\Iminent.crx" [2011-09-20] CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2012-01-17] CHR HKLM\...\Chrome\Extension: [ngnjhfpfhadncgafgbneeljaginimmmk] - C:\Users\yannick\AppData\Local\Temp\tbch.crx [2012-01-17] CHR HKLM\...\Chrome\Extension: [pelmeidfhdlhlbjimpabfcbnnojbboma] - C:\Users\yannick\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtabv3.crx [2014-04-26] CHR HKLM\...\Chrome\Extension: [plmlpkfpkijnlijgalnjaacllnjmoamo] - C:\Users\yannick\AppData\Local\Temp\tbch.crx [2014-04-26] CHR HKCU\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Program Files\Common Files\DVDVideoSoft\plugins\DVDVideoSoftBrowserExtension.crx [2014-04-18] ========================== Services (Whitelisted) ================= R2 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY) R2 APNMCP; 
C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe [166352 2014-04-05] (APN LLC.) R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [44768 2011-11-28] (AVAST Software) R2 AVM WLAN Connection Service; C:\Program Files\avmwlanstick\WlanNetService.exe [376832 2010-10-22] (AVM Berlin) [File not signed] R2 EpsonBidirectionalService; C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe [94208 2006-12-19] (SEIKO EPSON CORPORATION) [File not signed] R2 IePluginService; C:\ProgramData\IePluginService\PluginService.exe [705136 2014-04-11] (Cherished Technololgy LIMITED) S4 MSSQLServerADHelper; c:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [44384 2010-12-10] (Microsoft Corporation) S3 npggsvc; C:\windows\system32\GameMon.des [4092408 2011-05-03] (INCA Internet Co., Ltd.) [File not signed] S3 Sony PC Companion; C:\Program Files\Sony\Sony PC Companion\PCCService.exe [155824 2013-02-04] (Avanquest Software) R2 SProtection; C:\Program Files\Common Files\Umbrella\Umbrella263.exe [3088192 2014-05-28] (Iminent) R2 Update ConstaSurf; C:\Program Files\ConstaSurf\updateConstaSurf.exe [317728 2014-06-11] () R2 Util ConstaSurf; C:\Program Files\ConstaSurf\bin\utilConstaSurf.exe [317728 2014-06-11] () S3 SwitchBoard; "C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [X] ==================== Drivers (Whitelisted) ==================== R2 aswFsBlk; C:\windows\system32\Drivers\aswFsBlk.sys [20568 2011-11-28] (AVAST Software) R2 aswMonFlt; C:\windows\system32\drivers\aswMonFlt.sys [55128 2011-11-28] (AVAST Software) R1 aswRdr; C:\windows\system32\Drivers\aswRdr.sys [34392 2011-11-28] (AVAST Software) R1 aswSnx; C:\windows\system32\Drivers\aswSnx.sys [435032 2011-11-28] (AVAST Software) R1 aswSP; C:\windows\system32\Drivers\aswSP.sys [314456 2011-11-28] (AVAST Software) R1 aswTdi; C:\windows\system32\Drivers\aswTdi.sys [52952 2011-11-28] (AVAST Software) S3 avmeject; C:\windows\System32\drivers\avmeject.sys [4352 2010-10-01] (AVM Berlin) 
[File not signed] S3 fwlanusb4; C:\windows\System32\DRIVERS\fwlanusb4.sys [926080 2010-10-01] (AVM GmbH) S3 hamachi; C:\windows\System32\DRIVERS\hamachi.sys [26176 2009-03-18] (LogMeIn, Inc.) S3 InputFilter_Hid_FlexDef2b; C:\windows\System32\DRIVERS\InputFilter_FlexDef2b.sys [14848 2010-06-19] (Siliten) S3 netr28u; C:\windows\System32\DRIVERS\netr28u.sys [657408 2009-07-14] (Ralink Technology Corp.) S3 SCREAMINGBDRIVER; C:\windows\System32\drivers\ScreamingBAudio.sys [34896 2010-07-01] (Screaming Bee LLC) R2 WinI2C-DDC; C:\windows\system32\drivers\DDCDrv.sys [16200 2009-03-02] (Nicomsoft Ltd.) S3 wsvd; C:\windows\System32\DRIVERS\wsvd.sys [81704 2009-07-21] (CyberLink) R1 {0782648b-1717-4fef-ac58-8cb3ce03adb3}w; C:\windows\System32\drivers\{0782648b-1717-4fef-ac58-8cb3ce03adb3}w.sys [52928 2014-06-09] (StdLib) R1 {9acd1534-e8f8-40cb-b5ac-4996fe01175b}w; C:\windows\System32\drivers\{9acd1534-e8f8-40cb-b5ac-4996fe01175b}w.sys [52920 2014-04-24] (StdLib) S3 EagleXNt; \??\C:\windows\system32\drivers\EagleXNt.sys [X] S3 RTL8192su; system32\DRIVERS\RTL8192su.sys [X] S3 XDva396; \??\C:\windows\system32\XDva396.sys [X] S3 XDva400; \??\C:\windows\system32\XDva400.sys [X] S3 XDva404; \??\C:\windows\system32\XDva404.sys [X] S3 XDva407; \??\C:\windows\system32\XDva407.sys [X] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-06-11 08:16 - 2014-06-11 08:17 - 00025488 _____ () C:\Users\yannick\Downloads\FRST.txt 2014-06-11 08:16 - 2014-06-11 08:17 - 00000000 ____D () C:\FRST 2014-06-11 08:14 - 2014-06-11 08:15 - 01072640 _____ (Farbar) C:\Users\yannick\Downloads\FRST.exe 2014-06-10 22:29 - 2014-06-10 22:29 - 00000000 ____D () C:\Program Files\ESET 2014-06-10 22:24 - 2014-06-10 22:26 - 02347384 _____ (ESET) C:\Users\yannick\Downloads\esetsmartinstaller_deu.exe 2014-06-10 21:48 - 2014-06-10 21:48 - 00000000 ____D () C:\Users\yannick\AppData\Local\{8BD49405-C7AB-4499-A485-4987181E6385} 2014-06-10 
21:33 - 2014-06-10 21:33 - 00008256 _____ () C:\windows\DPINST.LOG 2014-06-10 21:32 - 2014-06-10 21:32 - 00000000 ____D () C:\Users\yannick\AppData\Local\{C4E4006D-7508-44E4-BD90-06DEEF3D803D} 2014-06-10 21:28 - 2014-06-10 21:28 - 00004272 _____ () C:\windows\PFRO.log 2014-06-10 20:37 - 2014-06-09 12:17 - 00052928 _____ (StdLib) C:\windows\system32\Drivers\{0782648b-1717-4fef-ac58-8cb3ce03adb3}w.sys 2014-06-10 20:30 - 2014-06-10 21:46 - 00000168 _____ () C:\windows\setupact.log 2014-06-10 20:30 - 2014-06-10 20:30 - 00000000 _____ () C:\windows\setuperr.log 2014-06-10 19:44 - 2014-06-10 19:45 - 00000000 ____D () C:\Program Files\Google 2014-06-10 19:32 - 2014-06-10 21:28 - 00000000 ____D () C:\Program Files\ConstaSurf 2014-06-10 19:31 - 2014-06-10 19:36 - 00000000 ____D () C:\Users\yannick\AppData\Roaming\Systweak 2014-06-10 19:31 - 2013-08-22 18:36 - 00018776 _____ (Systweak Inc., (www.systweak.com)) C:\windows\system32\roboot.exe 2014-06-10 17:36 - 2014-06-10 17:37 - 00000000 ____D () C:\Users\yannick\AppData\Local\Amazon Cloud Player 2014-06-10 17:36 - 2014-06-10 17:36 - 00001184 _____ () C:\Users\yannick\Desktop\Amazon Cloud Player.lnk 2014-06-10 17:36 - 2014-06-10 17:36 - 00000000 ____D () C:\Users\yannick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon Cloud Player 2014-06-10 14:05 - 2014-06-10 14:08 - 00001004 _____ () C:\Users\yannick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BearShare.lnk 2014-06-10 14:05 - 2014-06-10 14:05 - 00000000 ____D () C:\Users\yannick\AppData\Local\BearShare 2014-06-07 08:51 - 2014-06-07 08:51 - 00000000 ____D () C:\Users\yannick\AppData\Local\{09E9E3D6-9AA0-415D-96BB-E18E1280F397} 2014-06-06 21:05 - 2014-06-06 21:05 - 00000000 ____D () C:\Users\yannick\Documents\Diablo III 2014-06-06 18:22 - 2014-06-06 18:22 - 00001120 _____ () C:\Users\Public\Desktop\Diablo III.lnk 2014-06-06 18:22 - 2014-06-06 18:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo III 2014-06-06 18:18 - 
2014-06-09 12:41 - 00000000 ____D () C:\Program Files\Diablo III 2014-06-06 10:02 - 2014-06-06 10:02 - 00000000 ____D () C:\Users\yannick\AppData\Local\Blizzard 2014-06-06 09:20 - 2014-06-06 10:02 - 00000000 ____D () C:\Program Files\Hearthstone 2014-06-06 09:20 - 2014-06-06 09:20 - 00001119 _____ () C:\Users\Public\Desktop\Hearthstone.lnk 2014-06-06 09:20 - 2014-06-06 09:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hearthstone 2014-06-06 09:07 - 2014-06-10 13:43 - 00000000 ____D () C:\Users\yannick\AppData\Local\Battle.net 2014-06-06 09:07 - 2014-06-06 09:19 - 00000000 ____D () C:\Users\yannick\AppData\Roaming\Battle.net 2014-06-06 09:07 - 2014-06-06 09:07 - 00000000 ____D () C:\Users\yannick\AppData\Local\Blizzard Entertainment 2014-06-06 09:05 - 2014-06-06 09:05 - 00001082 _____ () C:\Users\Public\Desktop\Battle.net.lnk 2014-06-06 09:04 - 2014-06-06 09:07 - 00000000 ____D () C:\Program Files\Battle.net 2014-06-06 09:04 - 2014-06-06 09:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net 2014-05-22 14:32 - 2014-05-22 14:32 - 00000000 ____D () C:\ProgramData\Oracle 2014-05-22 14:32 - 2014-05-22 14:32 - 00000000 ____D () C:\Program Files\Common Files\Java 2014-05-22 14:31 - 2014-04-14 20:13 - 00094632 _____ (Oracle Corporation) C:\windows\system32\WindowsAccessBridge.dll 2014-05-22 14:31 - 2014-04-14 20:05 - 00264616 _____ (Oracle Corporation) C:\windows\system32\javaws.exe 2014-05-22 14:31 - 2014-04-14 20:05 - 00175528 _____ (Oracle Corporation) C:\windows\system32\javaw.exe 2014-05-22 14:31 - 2014-04-14 20:04 - 00175016 _____ (Oracle Corporation) C:\windows\system32\java.exe 2014-05-22 14:30 - 2014-05-22 14:31 - 00006043 _____ () C:\windows\system32\jupdate-1.7.0_55-b14.log 2014-05-22 14:30 - 2014-05-22 14:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2014-05-22 08:23 - 2014-05-22 08:23 - 00000000 ____D () C:\Users\yannick\AppData\Local\UWebKit 2014-05-22 08:23 - 
2014-05-22 08:23 - 00000000 ____D () C:\ProgramData\boost_interprocess 2014-05-17 10:15 - 2014-05-17 10:15 - 00000213 _____ () C:\Users\yannick\Desktop\Dota 2.url 2014-05-15 03:27 - 2014-05-15 03:27 - 00000000 ____D () C:\Users\yannick\AppData\Local\{032C3304-528D-471F-8DE8-FDCF71E9E26A} 2014-05-15 03:03 - 2014-05-15 03:03 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER 2014-05-15 03:02 - 2014-05-06 05:25 - 17382912 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll 2014-05-15 03:02 - 2014-05-06 05:07 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb 2014-05-15 03:02 - 2014-05-06 04:10 - 00069632 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll 2014-05-14 11:42 - 2014-05-09 09:06 - 00369664 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll 2014-05-14 11:42 - 2014-05-09 09:04 - 00302592 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll 2014-05-14 11:41 - 2014-04-12 04:15 - 00136640 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys 2014-05-14 11:41 - 2014-04-12 04:15 - 00067520 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys 2014-05-14 11:41 - 2014-04-12 04:12 - 00100352 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll 2014-05-14 11:41 - 2014-04-12 04:12 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll 2014-05-14 11:41 - 2014-04-12 04:12 - 00015872 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll 2014-05-14 11:41 - 2014-04-12 04:11 - 01059840 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll 2014-05-14 11:41 - 2014-04-12 04:11 - 00022528 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe 2014-05-14 11:41 - 2014-03-25 04:09 - 12874240 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll 2014-05-14 11:41 - 2014-03-04 11:20 - 03969984 _____ (Microsoft Corporation) C:\windows\system32\ntkrnlpa.exe 2014-05-14 11:41 - 2014-03-04 11:20 - 03914176 _____ (Microsoft Corporation) 
C:\windows\system32\ntoskrnl.exe 2014-05-14 11:41 - 2014-03-04 11:17 - 00550912 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll 2014-05-14 11:41 - 2014-03-04 11:17 - 00538112 _____ (Microsoft Corporation) C:\windows\system32\objsel.dll 2014-05-14 11:41 - 2014-03-04 11:17 - 00304128 _____ (Microsoft Corporation) C:\windows\system32\winlogon.exe 2014-05-14 11:41 - 2014-03-04 11:17 - 00293376 _____ (Microsoft Corporation) C:\windows\system32\KernelBase.dll 2014-05-14 11:41 - 2014-03-04 11:17 - 00259584 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll 2014-05-14 11:41 - 2014-03-04 11:17 - 00247808 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll 2014-05-14 11:41 - 2014-03-04 11:17 - 00172032 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll 2014-05-14 11:41 - 2014-03-04 11:17 - 00065536 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll 2014-05-14 11:41 - 2014-03-04 11:17 - 00051200 _____ (Microsoft Corporation) C:\windows\system32\cngprovider.dll 2014-05-14 11:41 - 2014-03-04 11:17 - 00049664 _____ (Microsoft Corporation) C:\windows\system32\adprovider.dll 2014-05-14 11:41 - 2014-03-04 11:17 - 00048128 _____ (Microsoft Corporation) C:\windows\system32\capiprovider.dll 2014-05-14 11:41 - 2014-03-04 11:17 - 00047616 _____ (Microsoft Corporation) C:\windows\system32\dpapiprovider.dll 2014-05-14 11:41 - 2014-03-04 11:17 - 00036864 _____ (Microsoft Corporation) C:\windows\system32\dimsroam.dll 2014-05-14 11:41 - 2014-03-04 11:17 - 00035328 _____ (Microsoft Corporation) C:\windows\system32\wincredprovider.dll 2014-05-14 11:41 - 2014-03-04 11:17 - 00017408 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll 2014-05-13 06:29 - 2014-05-13 07:23 - 00000000 ____D () C:\Users\yannick\Documents\dragoon 2014-05-13 06:28 - 2014-06-10 21:47 - 00000000 ____D () C:\Users\yannick\AppData\Roaming\Raptr 2014-05-13 06:28 - 2014-06-07 08:53 - 00000000 ____D () C:\Program Files\Raptr 2014-05-13 06:28 - 2014-05-13 06:28 - 
00000000 ____D () C:\Users\yannick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Raptr
2014-05-13 06:28 - 2014-05-13 06:28 - 00000000 ____D () C:\Users\yannick\AppData\Roaming\library_dir

==================== One Month Modified Files and Folders =======

2014-06-11 08:17 - 2014-06-11 08:16 - 00025488 _____ () C:\Users\yannick\Downloads\FRST.txt
2014-06-11 08:17 - 2014-06-11 08:16 - 00000000 ____D () C:\FRST
2014-06-11 08:17 - 2011-06-10 15:06 - 00000000 ____D () C:\Users\yannick\AppData\Local\Temp
2014-06-11 08:15 - 2014-06-11 08:14 - 01072640 _____ (Farbar) C:\Users\yannick\Downloads\FRST.exe
2014-06-11 07:49 - 2011-10-18 01:09 - 00001100 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-06-11 06:58 - 2014-04-26 12:23 - 00000000 ____D () C:\Users\yannick\AppData\Local\fst_de_6
2014-06-11 06:58 - 2010-06-18 09:53 - 01105413 _____ () C:\windows\WindowsUpdate.log
2014-06-11 06:27 - 2014-04-26 12:27 - 00001528 _____ () C:\windows\Tasks\0e98351f-2d8e-459d-a4f9-c8ad5ef1d1fb-5.job
2014-06-11 06:27 - 2014-04-26 12:27 - 00001480 _____ () C:\windows\Tasks\4990dbc4-063d-41b4-a280-e9fab40f04de-5.job
2014-06-11 06:26 - 2014-04-26 12:25 - 00001456 _____ () C:\windows\Tasks\0e98351f-2d8e-459d-a4f9-c8ad5ef1d1fb-1.job
2014-06-11 06:26 - 2014-04-26 12:25 - 00001408 _____ () C:\windows\Tasks\4990dbc4-063d-41b4-a280-e9fab40f04de-1.job
2014-06-11 06:24 - 2014-04-26 12:24 - 00003112 _____ () C:\windows\Tasks\4990dbc4-063d-41b4-a280-e9fab40f04de-3.job
2014-06-11 06:24 - 2014-04-26 12:24 - 00003112 _____ () C:\windows\Tasks\0e98351f-2d8e-459d-a4f9-c8ad5ef1d1fb-3.job
2014-06-11 01:50 - 2009-07-14 04:04 - 00000580 _____ () C:\windows\win.ini
2014-06-10 22:29 - 2014-06-10 22:29 - 00000000 ____D () C:\Program Files\ESET
2014-06-10 22:26 - 2014-06-10 22:24 - 02347384 _____ (ESET) C:\Users\yannick\Downloads\esetsmartinstaller_deu.exe
2014-06-10 21:54 - 2009-07-14 06:34 - 00013424 ____H ()
C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-06-10 21:54 - 2009-07-14 06:34 - 00013424 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-06-10 21:51 - 2014-04-26 12:27 - 00000000 ____D () C:\Program Files\SupTab 2014-06-10 21:49 - 2011-06-10 15:43 - 00000000 ____D () C:\Users\yannick\AppData\Roaming\Skype 2014-06-10 21:48 - 2014-06-10 21:48 - 00000000 ____D () C:\Users\yannick\AppData\Local\{8BD49405-C7AB-4499-A485-4987181E6385} 2014-06-10 21:48 - 2011-06-10 15:40 - 00000000 ____D () C:\Program Files\Steam 2014-06-10 21:48 - 2011-06-10 15:40 - 00000000 ____D () C:\Program Files\Common Files\Steam 2014-06-10 21:47 - 2014-05-13 06:28 - 00000000 ____D () C:\Users\yannick\AppData\Roaming\Raptr 2014-06-10 21:47 - 2011-10-18 01:09 - 00001096 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-06-10 21:47 - 2011-06-30 15:16 - 00000000 ____D () C:\Users\yannick\Tracing 2014-06-10 21:47 - 2009-07-14 06:53 - 00000006 ____H () C:\windows\Tasks\SA.DAT 2014-06-10 21:46 - 2014-06-10 20:30 - 00000168 _____ () C:\windows\setupact.log 2014-06-10 21:33 - 2014-06-10 21:33 - 00008256 _____ () C:\windows\DPINST.LOG 2014-06-10 21:33 - 2014-03-26 14:04 - 00001972 _____ () C:\Users\Public\Desktop\Sony PC Companion 2.1.lnk 2014-06-10 21:33 - 2012-10-15 06:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony 2014-06-10 21:32 - 2014-06-10 21:32 - 00000000 ____D () C:\Users\yannick\AppData\Local\{C4E4006D-7508-44E4-BD90-06DEEF3D803D} 2014-06-10 21:32 - 2010-06-18 09:52 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information 2014-06-10 21:28 - 2014-06-10 21:28 - 00004272 _____ () C:\windows\PFRO.log 2014-06-10 21:28 - 2014-06-10 19:32 - 00000000 ____D () C:\Program Files\ConstaSurf 2014-06-10 21:28 - 2014-04-29 15:58 - 00000000 ____D () C:\Program Files\Common Files\Umbrella 2014-06-10 20:47 - 2014-04-26 12:24 - 
00000000 ____D () C:\Program Files\MediaPlayerplus 2014-06-10 20:30 - 2014-06-10 20:30 - 00000000 _____ () C:\windows\setuperr.log 2014-06-10 20:26 - 2009-07-14 04:37 - 00000000 ____D () C:\windows\system32\LogFiles 2014-06-10 19:45 - 2014-06-10 19:44 - 00000000 ____D () C:\Program Files\Google 2014-06-10 19:45 - 2011-10-18 01:10 - 00002197 _____ () C:\Users\Public\Desktop\Google Chrome.lnk 2014-06-10 19:44 - 2011-06-10 15:37 - 00000000 ____D () C:\Users\yannick\AppData\Local\Deployment 2014-06-10 19:36 - 2014-06-10 19:31 - 00000000 ____D () C:\Users\yannick\AppData\Roaming\Systweak 2014-06-10 19:31 - 2014-05-03 12:27 - 00000000 ____D () C:\Program Files\SearchProtect 2014-06-10 19:26 - 2011-09-12 18:03 - 00000000 ____D () C:\Users\yannick\AppData\Local\CrashDumps 2014-06-10 17:37 - 2014-06-10 17:36 - 00000000 ____D () C:\Users\yannick\AppData\Local\Amazon Cloud Player 2014-06-10 17:36 - 2014-06-10 17:36 - 00001184 _____ () C:\Users\yannick\Desktop\Amazon Cloud Player.lnk 2014-06-10 17:36 - 2014-06-10 17:36 - 00000000 ____D () C:\Users\yannick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon Cloud Player 2014-06-10 14:08 - 2014-06-10 14:05 - 00001004 _____ () C:\Users\yannick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BearShare.lnk 2014-06-10 14:05 - 2014-06-10 14:05 - 00000000 ____D () C:\Users\yannick\AppData\Local\BearShare 2014-06-10 13:43 - 2014-06-06 09:07 - 00000000 ____D () C:\Users\yannick\AppData\Local\Battle.net 2014-06-10 08:52 - 2009-07-14 06:52 - 00000000 ____D () C:\windows\system32\FxsTmp 2014-06-09 12:41 - 2014-06-06 18:18 - 00000000 ____D () C:\Program Files\Diablo III 2014-06-09 12:17 - 2014-06-10 20:37 - 00052928 _____ (StdLib) C:\windows\system32\Drivers\{0782648b-1717-4fef-ac58-8cb3ce03adb3}w.sys 2014-06-07 08:58 - 2011-09-28 17:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft 2014-06-07 08:58 - 2011-09-28 17:23 - 00000000 ____D () C:\Program Files\DVDVideoSoft 2014-06-07 08:58 - 
2011-08-04 22:51 - 00000000 ____D () C:\Users\yannick\AppData\Local\Conduit 2014-06-07 08:58 - 2011-06-14 01:16 - 00000000 ____D () C:\Users\yannick\AppData\Roaming\DVDVideoSoft 2014-06-07 08:58 - 2011-06-14 01:16 - 00000000 ____D () C:\Program Files\Common Files\DVDVideoSoft 2014-06-07 08:53 - 2014-05-13 06:28 - 00000000 ____D () C:\Program Files\Raptr 2014-06-07 08:51 - 2014-06-07 08:51 - 00000000 ____D () C:\Users\yannick\AppData\Local\{09E9E3D6-9AA0-415D-96BB-E18E1280F397} 2014-06-07 08:50 - 2014-04-26 12:26 - 00000000 ____D () C:\ProgramData\WPM 2014-06-06 21:05 - 2014-06-06 21:05 - 00000000 ____D () C:\Users\yannick\Documents\Diablo III 2014-06-06 18:22 - 2014-06-06 18:22 - 00001120 _____ () C:\Users\Public\Desktop\Diablo III.lnk 2014-06-06 18:22 - 2014-06-06 18:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo III 2014-06-06 18:22 - 2012-03-29 13:08 - 00000000 ____D () C:\Program Files\Common Files\Blizzard Entertainment 2014-06-06 10:02 - 2014-06-06 10:02 - 00000000 ____D () C:\Users\yannick\AppData\Local\Blizzard 2014-06-06 10:02 - 2014-06-06 09:20 - 00000000 ____D () C:\Program Files\Hearthstone 2014-06-06 10:01 - 2012-03-29 13:08 - 00000000 ____D () C:\Program Files\StarCraft II 2014-06-06 09:34 - 2012-10-01 22:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarCraft II 2014-06-06 09:20 - 2014-06-06 09:20 - 00001119 _____ () C:\Users\Public\Desktop\Hearthstone.lnk 2014-06-06 09:20 - 2014-06-06 09:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hearthstone 2014-06-06 09:19 - 2014-06-06 09:07 - 00000000 ____D () C:\Users\yannick\AppData\Roaming\Battle.net 2014-06-06 09:07 - 2014-06-06 09:07 - 00000000 ____D () C:\Users\yannick\AppData\Local\Blizzard Entertainment 2014-06-06 09:07 - 2014-06-06 09:04 - 00000000 ____D () C:\Program Files\Battle.net 2014-06-06 09:05 - 2014-06-06 09:05 - 00001082 _____ () C:\Users\Public\Desktop\Battle.net.lnk 2014-06-06 09:05 - 2014-06-06 
09:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net 2014-06-03 21:13 - 2014-05-03 12:26 - 00000000 ____D () C:\Users\yannick\Desktop\Neuer Ordner 2014-05-22 14:32 - 2014-05-22 14:32 - 00000000 ____D () C:\ProgramData\Oracle 2014-05-22 14:32 - 2014-05-22 14:32 - 00000000 ____D () C:\Program Files\Common Files\Java 2014-05-22 14:31 - 2014-05-22 14:30 - 00006043 _____ () C:\windows\system32\jupdate-1.7.0_55-b14.log 2014-05-22 14:31 - 2011-07-15 13:08 - 00000000 ____D () C:\Program Files\Java 2014-05-22 14:30 - 2014-05-22 14:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2014-05-22 11:59 - 2014-02-12 00:21 - 00000000 ____D () C:\Users\yannick\AppData\Local\DayZ 2014-05-22 08:23 - 2014-05-22 08:23 - 00000000 ____D () C:\Users\yannick\AppData\Local\UWebKit 2014-05-22 08:23 - 2014-05-22 08:23 - 00000000 ____D () C:\ProgramData\boost_interprocess 2014-05-18 00:26 - 2014-04-26 12:24 - 00000000 ____D () C:\Program Files\Freeven pro 1.2 2014-05-17 10:15 - 2014-05-17 10:15 - 00000213 _____ () C:\Users\yannick\Desktop\Dota 2.url 2014-05-15 05:21 - 2013-08-15 03:10 - 00000000 ____D () C:\windows\system32\MRT 2014-05-15 03:52 - 2009-07-14 04:37 - 00000000 ____D () C:\windows\rescache 2014-05-15 03:37 - 2009-07-14 04:37 - 00000000 ____D () C:\windows\Microsoft.NET 2014-05-15 03:27 - 2014-05-15 03:27 - 00000000 ____D () C:\Users\yannick\AppData\Local\{032C3304-528D-471F-8DE8-FDCF71E9E26A} 2014-05-15 03:23 - 2014-05-06 21:52 - 00000000 ___SD () C:\windows\system32\CompatTel 2014-05-15 03:23 - 2009-07-14 04:37 - 00000000 ____D () C:\windows\system32\de-DE 2014-05-15 03:07 - 2010-06-18 10:08 - 00000000 ____D () C:\ProgramData\Microsoft Help 2014-05-15 03:04 - 2011-09-12 05:09 - 90547776 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe 2014-05-15 03:03 - 2014-05-15 03:03 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER 2014-05-13 07:23 - 2014-05-13 06:29 - 00000000 ____D () 
C:\Users\yannick\Documents\dragoon
2014-05-13 06:28 - 2014-05-13 06:28 - 00000000 ____D () C:\Users\yannick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Raptr
2014-05-13 06:28 - 2014-05-13 06:28 - 00000000 ____D () C:\Users\yannick\AppData\Roaming\library_dir
2014-05-13 06:05 - 2013-08-22 19:41 - 00000000 ____D () C:\ProgramData\Solid State Networks
2014-05-12 14:19 - 2009-07-14 06:52 - 00000000 ____D () C:\Program Files\Microsoft Games

Files to move or delete:
====================
C:\ProgramData\flashax10.exe

Some content of TEMP:
====================
C:\Users\yannick\AppData\Local\Temp\12-6-legacy_vista_win7_32_dd_ccc_whql.exe
C:\Users\yannick\AppData\Local\Temp\6_Offer_9.exe
C:\Users\yannick\AppData\Local\Temp\APNSetup.exe
C:\Users\yannick\AppData\Local\Temp\AskSLib.dll
C:\Users\yannick\AppData\Local\Temp\BackupSetup.exe
C:\Users\yannick\AppData\Local\Temp\contentDATs.exe
C:\Users\yannick\AppData\Local\Temp\converter.exe
C:\Users\yannick\AppData\Local\Temp\dlLogic.exe
C:\Users\yannick\AppData\Local\Temp\dltr.exe
C:\Users\yannick\AppData\Local\Temp\DseShExt-x86.dll
C:\Users\yannick\AppData\Local\Temp\EBU793A.exe
C:\Users\yannick\AppData\Local\Temp\EBU83E4.DLL
C:\Users\yannick\AppData\Local\Temp\f.exe
C:\Users\yannick\AppData\Local\Temp\FileSystemView.dll
C:\Users\yannick\AppData\Local\Temp\GCVerifier.dll
C:\Users\yannick\AppData\Local\Temp\gkc.exe
C:\Users\yannick\AppData\Local\Temp\i4jdel0.exe
C:\Users\yannick\AppData\Local\Temp\i4jdel1.exe
C:\Users\yannick\AppData\Local\Temp\kpinstaller.exe
C:\Users\yannick\AppData\Local\Temp\nse4A50.exe
C:\Users\yannick\AppData\Local\Temp\nseAE68.exe
C:\Users\yannick\AppData\Local\Temp\nso4D4D.exe
C:\Users\yannick\AppData\Local\Temp\nsp23AB.exe
C:\Users\yannick\AppData\Local\Temp\nsp2754.exe
C:\Users\yannick\AppData\Local\Temp\nspB166.exe
C:\Users\yannick\AppData\Local\Temp\nsz9E9B.exe
C:\Users\yannick\AppData\Local\Temp\nszA4B4.exe
C:\Users\yannick\AppData\Local\Temp\pdf24-creator-update.exe
C:\Users\yannick\AppData\Local\Temp\SDShelEx-win32.dll
C:\Users\yannick\AppData\Local\Temp\SearchProtectINT.exe
C:\Users\yannick\AppData\Local\Temp\sonarinst.exe
C:\Users\yannick\AppData\Local\Temp\swt-win32-3349.dll
C:\Users\yannick\AppData\Local\Temp\tbWinl.dll
C:\Users\yannick\AppData\Local\Temp\ubiE610.tmp.exe
C:\Users\yannick\AppData\Local\Temp\uninst1.exe
C:\Users\yannick\AppData\Local\Temp\Uninstaller-4340.exe
C:\Users\yannick\AppData\Local\Temp\verifier.exe

==================== Bamital & volsnap Check =================

C:\windows\explorer.exe => File is digitally signed
C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-06-08 00:58

==================== End Of Log ============================

Here is the Addition
Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x86) Version:11-06-2014
Ran by yannick at 2014-06-11 08:18:29
Running from C:\Users\yannick\Downloads
Boot Mode: Normal
==========================================================

==================== Security Center ========================

AV: avast! Antivirus (Enabled - Up to date) {2B2D1395-420B-D5C9-657E-930FE358FC3C}
AS: avast! Antivirus (Enabled - Up to date) {904CF271-6431-DA47-5FCE-A87D98DFB681}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

Update for Microsoft Office 2007 (KB2508958) (HKLM\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}) (Version: - Microsoft)
2007 Microsoft Office system (HKLM\...\PROHYBRIDR) (Version: 12.0.6612.1000 - Microsoft Corporation)
ABBYY FineReader 9.0 Sprint (HKLM\...\ABBYY FineReader 9.0 Sprint) (Version: 9.01.513.58212 - ABBYY)
ABBYY FineReader 9.0 Sprint (Version: 9.01.513.58212 - ABBYY) Hidden
Adobe AIR (HKLM\...\Adobe AIR) (Version: 2.6.0.19140 - Adobe Systems Incorporated)
Adobe AIR (Version: 2.6.0.19140 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 11 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 11.7.700.224 - Adobe Systems Incorporated)
Adobe Flash Player 11 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 11.7.700.224 - Adobe Systems Incorporated)
Akamai NetSession Interface (HKCU\...\Akamai) (Version: - Akamai Technologies, Inc)
Amazon Cloud Player (HKCU\...\Amazon Amazon Cloud Player) (Version: 2.4.0.33 - Amazon Services LLC)
AMD Accelerated Video Transcoding (Version: 12.5.100.20704 - Advanced Micro Devices, Inc.) Hidden
AMD APP SDK Runtime (Version: 10.0.937.2 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{EAB74CB6-760C-2136-FC77-9549721FB84A}) (Version: 8.0.877.0 - Advanced Micro Devices, Inc.)
AMD Drag and Drop Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden AMD Media Foundation Decoders (Version: 1.0.70704.0230 - Advanced Micro Devices, Inc.) Hidden Apple Application Support (HKLM\...\{B3575D00-27EF-49C2-B9E0-14B3D954E992}) (Version: 1.5.2 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{C23CD6DA-1958-43A5-ADD0-59396572E02E}) (Version: 3.4.1.2 - Apple Inc.) Ask Toolbar (HKLM\...\{4F524A2D-5637-006A-76A7-A758B70C0A06}) (Version: 12.10.6.54 - APN, LLC) <==== ATTENTION avast! Free Antivirus (HKLM\...\avast) (Version: 6.0.1367.0 - AVAST Software) AVM FRITZ!WLAN (HKLM\...\AVMWLANCLI) (Version: - AVM Berlin) Battle.net (HKLM\...\Battle.net) (Version: - Blizzard Entertainment) Business Contact Manager für Outlook 2007 SP2 (HKLM\...\Business Contact Manager) (Version: 3.0.8619.1 - Microsoft Corporation) Business Contact Manager für Outlook 2007 SP2 (Version: 3.0.8619.1 - Microsoft Corporation) Hidden Camtasia Studio 7 (HKLM\...\{DE042823-C359-4B87-B66B-308057E8B6AF}) (Version: 7.0.1 - TechSmith Corporation) Catalyst Control Center - Branding (Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center (Version: 2012.0704.122.388 - Ihr Firmenname) Hidden Catalyst Control Center Graphics Previews Common (Version: 2012.0704.122.388 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center InstallProxy (Version: 2009.0710.1127.18698 - ATI Technologies, Inc.) Hidden Catalyst Control Center InstallProxy (Version: 2012.0704.122.388 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Localization All (Version: 2012.0704.122.388 - Advanced Micro Devices, Inc.) Hidden CCC Help Chinese Standard (Version: 2012.0704.0121.388 - Advanced Micro Devices, Inc.) Hidden CCC Help Chinese Traditional (Version: 2012.0704.0121.388 - Advanced Micro Devices, Inc.) Hidden CCC Help Czech (Version: 2012.0704.0121.388 - Advanced Micro Devices, Inc.) 
Hidden CCC Help Danish (Version: 2012.0704.0121.388 - Advanced Micro Devices, Inc.) Hidden CCC Help Dutch (Version: 2012.0704.0121.388 - Advanced Micro Devices, Inc.) Hidden CCC Help English (Version: 2012.0704.0121.388 - Advanced Micro Devices, Inc.) Hidden CCC Help Finnish (Version: 2012.0704.0121.388 - Advanced Micro Devices, Inc.) Hidden CCC Help French (Version: 2012.0704.0121.388 - Advanced Micro Devices, Inc.) Hidden CCC Help German (Version: 2012.0704.0121.388 - Advanced Micro Devices, Inc.) Hidden CCC Help Greek (Version: 2012.0704.0121.388 - Advanced Micro Devices, Inc.) Hidden CCC Help Hungarian (Version: 2012.0704.0121.388 - Advanced Micro Devices, Inc.) Hidden CCC Help Italian (Version: 2012.0704.0121.388 - Advanced Micro Devices, Inc.) Hidden CCC Help Japanese (Version: 2012.0704.0121.388 - Advanced Micro Devices, Inc.) Hidden CCC Help Korean (Version: 2012.0704.0121.388 - Advanced Micro Devices, Inc.) Hidden CCC Help Norwegian (Version: 2012.0704.0121.388 - Advanced Micro Devices, Inc.) Hidden CCC Help Polish (Version: 2012.0704.0121.388 - Advanced Micro Devices, Inc.) Hidden CCC Help Portuguese (Version: 2012.0704.0121.388 - Advanced Micro Devices, Inc.) Hidden CCC Help Russian (Version: 2012.0704.0121.388 - Advanced Micro Devices, Inc.) Hidden CCC Help Spanish (Version: 2012.0704.0121.388 - Advanced Micro Devices, Inc.) Hidden CCC Help Swedish (Version: 2012.0704.0121.388 - Advanced Micro Devices, Inc.) Hidden CCC Help Thai (Version: 2012.0704.0121.388 - Advanced Micro Devices, Inc.) Hidden CCC Help Turkish (Version: 2012.0704.0121.388 - Advanced Micro Devices, Inc.) Hidden ccc-utility (Version: 2012.0704.122.388 - Advanced Micro Devices, Inc.) 
Hidden CCleaner (HKLM\...\CCleaner) (Version: 3.07 - Piriform) ConstaSurf (HKLM\...\ConstaSurf) (Version: 2014.06.10.170150 - ConstaSurf) Counter-Strike: Global Offensive (HKLM\...\Steam App 730) (Version: - Valve) Counter-Strike: Source (HKLM\...\Steam App 240) (Version: - Valve) CutePDF Writer 2.8 (HKLM\...\CutePDF Writer Installation) (Version: - ) D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden DayZ (HKLM\...\Steam App 221100) (Version: - Bohemia Interactive) Diablo III (HKLM\...\Diablo III) (Version: - Blizzard Entertainment) Dota 2 (HKLM\...\Steam App 570) (Version: - Valve) DriverTuner 3.1.0.0 (HKLM\...\{520C1D80-935C-42B9-9340-E883849D804F}_is1) (Version: 3.1.0.0 - LionSea SoftWare) EAX4 Unified Redist (HKLM\...\{89661B04-C646-4412-B6D3-5E19F02F1F37}) (Version: 4.001 - Creative Labs) EPSON Scan (HKLM\...\EPSON Scanner) (Version: - Seiko Epson Corporation) EPSON SX235 Series Printer Uninstall (HKLM\...\EPSON SX235 Series) (Version: - SEIKO EPSON Corporation) EpsonNet Print (HKLM\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.5.00 - SEIKO EPSON CORPORATION) Free YouTube to MP3 Converter version 3.12.32.327 (HKLM\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.32.327 - DVDVideoSoft Ltd.) Freeven pro 1.2 (HKLM\...\Freeven pro 1.2) (Version: 1.34.4.10 - Freeven) <==== ATTENTION fst_de_6 (HKLM\...\fst_de_6_is1) (Version: - free_soft_today) Genesys USB Mass Storage Device (HKLM\...\{A1D8BA53-66A9-43CE-9CBD-63CFDC0316F1}) (Version: 1.0.0.0 - Genesys Logic) Google Chrome (HKLM\...\Google Chrome) (Version: 35.0.1916.153 - Google Inc.) Google Update Helper (Version: 1.3.24.7 - Google Inc.) 
Hidden Hearthstone (HKLM\...\Hearthstone) (Version: - Blizzard Entertainment) Iminent (HKLM\...\IMBoosterARP) (Version: 8.18.1.1 - Iminent) <==== ATTENTION Iminent (Version: 4.10.0.0 - Iminent) Hidden <==== ATTENTION Iminent Toolbar on IE and Chrome (HKLM\...\iminent) (Version: 1.8.28.3 - IminentToolbar) <==== ATTENTION iTunes (HKLM\...\{C897FCB3-2F8B-4185-8035-79E2AF3A92A4}) (Version: 10.3.1.55 - Apple Inc.) Java 7 Update 55 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.550 - Oracle) Java Auto Updater (Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden Java(TM) 6 Update 22 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216022F0}) (Version: 6.0.220 - Oracle) Java(TM) 6 Update 26 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216026FF}) (Version: 6.0.260 - Oracle) JavaFX 2.1.1 (HKLM\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation) Junk Mail filter update (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Kalydo Player 4.10.02 (HKCU\...\KalydoPlayer) (Version: 4.10.02 - Eximion B.V.) Lavalon Dragonica (HKLM\...\Lavalon Dragonica1.0) (Version: 1.0 - LavalonDR) League of Legends (HKLM\...\{918A9082-6287-4D25-9002-5E5D5E4971CB}) (Version: 1.02.0000 - Riot Games) Lenovo Healthcare Software (HKLM\...\{9610EC3A-C7A0-4C31-9F3B-F9020C582B47}) (Version: 3.0.0.090928 - Lenovo) Lenovo Power2Go (HKLM\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.0.3321a3 - CyberLink Corp.) Lenovo Power2Go (Version: 6.0.3321a3 - CyberLink Corp.) Hidden Lenovo Rescue System (HKLM\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 3.0.1029 - CyberLink Corp.) Lenovo Rescue System (Version: 3.0.1029 - CyberLink Corp.) 
Hidden Lenovo Software Instruction (HKLM\...\{A79C1D34-2831-4A5D-91C7-279EF892B5CF}) (Version: 1.0.0.090907 - Lenovo) Lenovo Treiber- und Anwendungsinstallation (HKLM\...\{45970CD1-D599-47D4-938F-3E9800D54ED1}) (Version: 5.1.0.1126 - Lenovo) LibreOffice 4.1.1.2 (HKLM\...\{F1EE568A-171F-4C06-9BE6-2395BED067A3}) (Version: 4.1.1.2 - The Document Foundation) loadtbs-2.1 (HKLM\...\loadtbs-2.1) (Version: - ) LVT (HKLM\...\{D3063097-EC84-4D21-84A4-9D852E974355}) (Version: 4.1.1.0930 - Lenovo) LXH-JME2207FN Hotkey Driver (HKLM\...\{42B21298-C850-4272-AFD9-636CBC005421}) (Version: 5.1.0804 - Lenovo) Media Go (HKLM\...\{2BF9702B-52EE-4841-83C4-B5E640B6C97A}) (Version: 2.2.223 - Sony) Media Go Video Playback Engine 1.92.170.06150 (HKLM\...\{A4F094CE-9B05-FB0C-DD73-A85DE5D8D283}) (Version: 1.92.170.06150 - Sony) MediaPlayerplus (HKLM\...\MediaPlayerplus) (Version: 1.34.4.10 - Freeven) <==== ATTENTION Microsoft .NET Framework 1.1 (HKLM\...\Microsoft .NET Framework 1.1 (1033)) (Version: - ) Microsoft .NET Framework 1.1 (Version: 1.1.4322 - Microsoft) Hidden Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden Microsoft Office 2003 Web Components (HKLM\...\{90A40407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8003.0 - Microsoft Corporation) Microsoft Office 2007 Primary Interop Assemblies (HKLM\...\{50120000-1105-0000-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation) Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) Microsoft Office 2007 Service Pack 3 (SP3) (Version: - Microsoft) Hidden Microsoft Office Access MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden 
Microsoft Office Excel MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft Office Outlook MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office PowerPoint MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Professional Hybrid 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (Italian) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proofing (German) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (Version: - Microsoft) Hidden Microsoft Office Publisher MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Shared MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Small Business Connectivity Components (HKLM\...\{A939D341-5A04-4E0A-BB55-3E65B386432D}) (Version: 2.0.7024.0 - Microsoft Corporation) Microsoft Office Suite Activation Assistant (HKLM\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.7 - Microsoft Corporation) Microsoft Office Word MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation) Microsoft SQL Server 2005 (HKLM\...\Microsoft SQL Server 2005) (Version: - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] 
(HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft SQL Server 2005 Express Edition (MSSMLBIZ) (Version: 9.4.5000.00 - Microsoft Corporation) Hidden Microsoft SQL Server 2005 Tools Express Edition (Version: 9.4.5000.00 - Microsoft Corporation) Hidden Microsoft SQL Server Native Client (HKLM\...\{F46E21DF-5BE1-48E2-8390-5EEA8B25E36A}) (Version: 9.00.5000.00 - Microsoft Corporation) Microsoft SQL Server Setup Support Files (English) (HKLM\...\{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}) (Version: 9.00.5000.00 - Microsoft Corporation) Microsoft SQL Server VSS Writer (HKLM\...\{FDE96E86-7780-431C-92F7-679C6A7CEC51}) (Version: 9.00.5000.00 - Microsoft Corporation) Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft_VC80_ATL_x86 (Version: 8.0.50727.4053 - Adobe) Hidden Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053 - Adobe) Hidden Microsoft_VC80_MFC_x86 (Version: 8.0.50727.4053 - Adobe) Hidden 
Microsoft_VC80_MFCLOC_x86 (Version: 8.0.50727.4053 - Adobe) Hidden Microsoft_VC90_ATL_x86 (Version: 1.00.0000 - Adobe) Hidden Microsoft_VC90_CRT_x86 (Version: 1.00.0000 - Adobe) Hidden Microsoft_VC90_MFC_x86 (Version: 1.00.0000 - Adobe) Hidden MP4 To MP3 Converter V3.0.4 (HKLM\...\MP4 To MP3 Converter_is1) (Version: - hxxp://www.MP4ToMP3Converter.net) MSVCRT (Version: 15.4.2862.0708 - Microsoft) Hidden MSVCRT Redists (Version: 1.0 - Sony Creative Software Inc.) Hidden MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) MSXML4 Parser (HKLM\...\{01501EBA-EC35-4F9F-8889-3BE346E5DA13}) (Version: 1.0.0 - Microsoft Game Studios) NVIDIA PhysX (HKLM\...\{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}) (Version: 9.10.0513 - NVIDIA Corporation) OpenOffice.org 3.3 (HKLM\...\{4286716B-1287-48E7-9078-3DC8248DBA96}) (Version: 3.3.9567 - OpenOffice.org) PDF Settings CS5 (Version: 10.0 - Adobe Systems Incorporated) Hidden PDF24 Creator 5.7.0 (HKLM\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org) QuickTime (HKLM\...\{57752979-A1C9-4C02-856B-FBB27AC4E02C}) (Version: 7.69.80.9 - Apple Inc.) Raptr (HKLM\...\Raptr) (Version: - ) Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6449 - Realtek Semiconductor Corp.) Search Protect (HKLM\...\SearchProtect) (Version: 2.13.3.38 - Client Connect LTD) <==== ATTENTION Skype Click to Call (HKLM\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 5.9.9216 - Skype Technologies S.A.) Skype™ 6.14 (HKLM\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.) 
Sony Ericsson Update Engine (HKLM\...\Update Engine) (Version: 2.13.6.201305161305 - Sony Ericsson Communications AB)
Sony PC Companion 2.10.206 (HKLM\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.206 - Sony)
StarCraft II (HKLM\...\StarCraft II) (Version: - Blizzard Entertainment)
Steam (HKLM\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH)
Unity Web Player (HKCU\...\UnityWebPlayer) (Version: - Unity Technologies ApS)
Unterstützungsdateien für das Microsoft SQL Server-Setup (Englisch) (HKLM\...\{07629207-FAA0-4F1A-8092-BF5085BE511F}) (Version: 9.00.5000.00 - Microsoft Corporation)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version: - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM\...\{90120000-001A-0407-0000-0000000FF1CE}_PROHYBRIDR_{EA54F104-79D2-48CC-9ABC-91A63C43D353}) (Version: - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition (HKLM\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{53DEC068-4690-4F6B-9946-7D21EF02236B}) (Version: - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2880505) 32-Bit Edition (HKLM\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{2720451F-5D04-43EC-AB1F-26D948FD971B}) (Version: - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0407-0000-0000000FF1CE}_PROHYBRIDR_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM\...\{90120000-001A-0407-0000-0000000FF1CE}_PROHYBRIDR_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version: - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0407-0000-0000000FF1CE}_PROHYBRIDR_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0407-0000-0000000FF1CE}_PROHYBRIDR_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft)
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0 - DivX, Inc) Hidden
Windows Live Communications Platform (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live Essentials (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mail (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Messenger (Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live SOXE (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Sync (HKLM\...\{76618402-179D-4699-A66B-D351C59436BC}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Live UX Platform (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
WinRAR 4.01 (32-Bit) (HKLM\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH)
Wise Registry Cleaner 2.9.6 (HKLM\...\Wise Registry Cleaner_is1) (Version: - WiseCleaner.com, Inc.)
WPM18.8.0.212 (HKLM\...\WPM) (Version: 18.8.0.212 - Cherished Technololgy LIMITED) <==== ATTENTION

==================== Restore Points =========================

07-06-2014 06:56:33 Camtasia Studio 7 wird entfernt
10-06-2014 09:28:21 Windows Update

==================== Hosts content: ==========================

2009-07-14 04:04 - 2009-06-10 23:39 - 00000824 ____N C:\windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {042A2129-66AD-43F0-B556-DA4BC300F552} - System32\Tasks\{68D42C8F-72D6-440A-A06B-E559521ED7F5} => C:\Program Files\Skype\\Phone\Skype.exe [2014-02-10] (Skype Technologies S.A.)
Task: {1B1CBCA8-2821-4190-AD59-4C2A515FA9E7} - System32\Tasks\{8B3FA0AA-B0AE-4FE4-943B-B3D296DED8E4} => C:\Program Files\Skype\\Phone\Skype.exe [2014-02-10] (Skype Technologies S.A.)
Task: {273A2C57-B593-45CF-A4AA-309663A9A011} - System32\Tasks\0e98351f-2d8e-459d-a4f9-c8ad5ef1d1fb-5 => C:\Program Files\MediaPlayerplus\0e98351f-2d8e-459d-a4f9-c8ad5ef1d1fb-5.exe [2014-04-26] (Freeven) <==== ATTENTION
Task: {410AB9F8-DFBE-4FFE-859A-15D2D4A7ADA5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-06-10] (Google Inc.)
Task: {45B3568A-6DA5-4FD2-96A2-CE05E4695A5A} - System32\Tasks\AdobeAAMUpdater-1.0-yannick-PC-yannick => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
Task: {AC0C3EFB-A414-4503-B4FA-1569D4C21D7A} - System32\Tasks\4990dbc4-063d-41b4-a280-e9fab40f04de-1 => C:\Program Files\Freeven pro 1.2\Freeven pro 1.2-codedownloader.exe [2014-04-26] (Freeven) <==== ATTENTION
Task: {B9DD1FB6-EACA-4A0E-8AB3-ACD6CA35CEFE} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-06-10] (Google Inc.)
Task: {BF86295E-19F5-4C7F-984F-17DCE6AAE5FB} - System32\Tasks\4990dbc4-063d-41b4-a280-e9fab40f04de-3 => C:\Program Files\Freeven pro 1.2\4990dbc4-063d-41b4-a280-e9fab40f04de-3.exe [2014-04-26] (Freeven) <==== ATTENTION
Task: {C0B418E8-8361-40E1-8C32-7A36D132F3C5} - System32\Tasks\4990dbc4-063d-41b4-a280-e9fab40f04de-5 => C:\Program Files\Freeven pro 1.2\4990dbc4-063d-41b4-a280-e9fab40f04de-5.exe [2014-04-26] (Freeven) <==== ATTENTION
Task: {D783381A-B98D-4F93-B2B7-E8B12F3ECC8A} - System32\Tasks\0e98351f-2d8e-459d-a4f9-c8ad5ef1d1fb-3 => C:\Program Files\MediaPlayerplus\0e98351f-2d8e-459d-a4f9-c8ad5ef1d1fb-3.exe [2014-04-26] (Freeven) <==== ATTENTION
Task: {EEED8ECA-5151-4982-9FC8-D266B806A97F} - System32\Tasks\0e98351f-2d8e-459d-a4f9-c8ad5ef1d1fb-1 => C:\Program Files\MediaPlayerplus\MediaPlayerplus-codedownloader.exe [2014-04-26] (Freeven) <==== ATTENTION
Task: C:\windows\Tasks\0e98351f-2d8e-459d-a4f9-c8ad5ef1d1fb-1.job => C:\Program Files\MediaPlayerplus\MediaPlayerplus-codedownloader.exe <==== ATTENTION
Task: C:\windows\Tasks\0e98351f-2d8e-459d-a4f9-c8ad5ef1d1fb-3.job => C:\Program Files\MediaPlayerplus\0e98351f-2d8e-459d-a4f9-c8ad5ef1d1fb-3.exe <==== ATTENTION
Task: C:\windows\Tasks\0e98351f-2d8e-459d-a4f9-c8ad5ef1d1fb-5.job => C:\Program Files\MediaPlayerplus\0e98351f-2d8e-459d-a4f9-c8ad5ef1d1fb-5.exe <==== ATTENTION
Task: C:\windows\Tasks\4990dbc4-063d-41b4-a280-e9fab40f04de-1.job => C:\Program Files\Freeven pro 1.2\Freeven pro 1.2-codedownloader.exe <==== ATTENTION
Task: C:\windows\Tasks\4990dbc4-063d-41b4-a280-e9fab40f04de-3.job => C:\Program Files\Freeven pro 1.2\4990dbc4-063d-41b4-a280-e9fab40f04de-3.exe <==== ATTENTION
Task: C:\windows\Tasks\4990dbc4-063d-41b4-a280-e9fab40f04de-5.job => C:\Program Files\Freeven pro 1.2\4990dbc4-063d-41b4-a280-e9fab40f04de-5.exe <==== ATTENTION
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-06-11 02:27 - 2014-06-10 22:02 - 02810880 _____ () C:\Program Files\AVAST Software\Avast\defs\14061002\algo.dll
2011-06-10 16:45 - 2011-05-28 22:04 - 00140288 _____ () C:\Program Files\WinRAR\rarext.dll
2012-12-02 13:24 - 2012-03-11 15:55 - 00088656 _____ () C:\windows\System32\cpwmon2k.dll
2014-04-26 12:23 - 2014-04-23 13:13 - 03267536 _____ () C:\Users\yannick\AppData\Local\fst_de_6\upfst_de_6.exe
2010-06-18 09:55 - 2009-07-16 09:20 - 00032768 _____ () C:\Program Files\jmesoft\Keyhook.dll
2010-06-18 09:55 - 2007-12-31 10:27 - 00007168 _____ () C:\Program Files\jmesoft\VistaVolume.dll
2010-06-18 10:03 - 2008-09-27 08:39 - 00045056 _____ () C:\Program Files\Lenovo\HealthCare\HOOK.dll
2010-06-18 10:03 - 2009-09-09 09:24 - 00057344 _____ () C:\Program Files\Lenovo\HealthCare\de-de\de-de.dll
2009-06-03 20:59 - 2009-06-03 20:59 - 00619816 ____N () C:\Program Files\Lenovo\Power2Go\CLMediaLibrary.dll
2009-06-03 20:59 - 2009-06-03 20:59 - 00013096 ____N () C:\Program Files\Lenovo\Power2Go\CLMLSvcPS.dll
2011-05-26 13:42 - 2011-05-26 13:42 - 00067872 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2012-10-15 06:07 - 2012-04-30 11:57 - 00039936 _____ () C:\Program Files\Sony\Sony PC Companion\TMonitorAPI.dll
2012-10-15 06:07 - 2013-09-13 11:02 - 00208896 _____ () C:\Program Files\Sony\Sony PC Companion\MExplorer.dll
2014-06-10 17:36 - 2014-05-08 19:26 - 03145536 _____ () C:\Users\yannick\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe
2012-07-04 02:16 - 2012-07-04 02:16 - 00369152 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2012-10-15 06:07 - 2013-10-31 12:35 - 00070880 _____ () C:\Program Files\Sony\Sony PC Companion\PCCompanionInfo.exe
2011-01-17 16:19 - 2011-10-29 14:08 - 00985088 _____ () C:\Program Files\OpenOffice.org 3\program\libxml2.dll
2014-06-07 08:50 - 2014-04-30 02:08 - 01135104 _____ () C:\Program Files\Steam\libavcodec-55.dll
2014-05-04 03:22 - 2014-04-30 02:08 - 00471552 _____ () C:\Program Files\Steam\libavutil-53.dll
2014-06-07 08:50 - 2014-04-30 02:08 - 00404992 _____ () C:\Program Files\Steam\libavformat-55.dll
2014-02-11 15:29 - 2014-04-30 02:08 - 00340992 _____ () C:\Program Files\Steam\libavresample-1.dll
2013-03-12 18:10 - 2014-05-17 03:36 - 00756224 _____ () C:\Program Files\Steam\SDL2.dll
2014-06-07 08:51 - 2014-05-29 19:37 - 02139840 _____ () C:\Program Files\Steam\video.dll
2014-06-07 08:50 - 2014-04-29 02:37 - 00519168 _____ () C:\Program Files\Steam\libswscale-2.dll
2013-08-11 16:55 - 2014-05-29 19:36 - 01116864 _____ () C:\Program Files\Steam\bin\chromehtml.DLL
2011-06-10 15:42 - 2014-05-02 01:35 - 20628160 _____ () C:\Program Files\Steam\bin\libcef.dll
2012-03-15 17:43 - 2013-06-15 01:49 - 01100800 _____ () C:\Program Files\Steam\bin\avcodec-53.dll
2012-03-15 17:43 - 2013-06-15 01:49 - 00124416 _____ () C:\Program Files\Steam\bin\avutil-51.dll
2012-03-15 17:43 - 2013-06-15 01:49 - 00192000 _____ () C:\Program Files\Steam\bin\avformat-53.dll
2014-06-10 20:36 - 2014-06-11 01:50 - 00317728 _____ () C:\Program Files\ConstaSurf\bin\utilConstaSurf.exe
2014-06-10 20:37 - 2014-06-09 12:17 - 00239392 _____ () C:\Program Files\ConstaSurf\bin\ConstaSurf.PurBrowse.exe
2014-06-10 20:37 - 2014-06-10 23:50 - 00096544 _____ () C:\Program Files\ConstaSurf\bin\ConstaSurf.BrowserAdapter.exe
2014-06-10 19:02 - 2014-06-11 01:55 - 00317728 _____ () C:\Program Files\ConstaSurf\updateConstaSurf.exe

==================== Alternate Data Streams (whitelisted) =========

==================== Safe Mode (whitelisted) ===================

==================== EXE Association (whitelisted) =============

==================== Disabled items from MSCONFIG ==============

==================== Faulty Device Manager Devices =============

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

==================== Event log errors: =========================

Application errors:
==================
Error: (06/11/2014 01:46:54 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1". Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (06/11/2014 01:45:37 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1". Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (06/10/2014 07:26:46 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: AvastUI.exe, Version: 6.0.1367.0, Zeitstempel: 0x4ed3cb98
Name des fehlerhaften Moduls: MSVCR90.dll, Version: 9.0.30729.6161, Zeitstempel: 0x4dace5b9
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0003af1c
ID des fehlerhaften Prozesses: 0xf08
Startzeit der fehlerhaften Anwendung: 0xAvastUI.exe0
Pfad der fehlerhaften Anwendung: AvastUI.exe1
Pfad des fehlerhaften Moduls: AvastUI.exe2
Berichtskennung: AvastUI.exe3

Error: (06/10/2014 11:28:34 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details: AddWin32ServiceFiles: Unable to back up image of service Wpm Service since QueryServiceConfig API failed
System Error: Das System kann die angegebene Datei nicht finden. .

Error: (06/09/2014 04:51:14 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: PluginService.exe, Version: 13.27.0.223, Zeitstempel: 0x53474b44
Name des fehlerhaften Moduls: DpInterface32.dll, Version: 3.0.2.3481, Zeitstempel: 0x533bad50
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0009b3b0
ID des fehlerhaften Prozesses: 0x180
Startzeit der fehlerhaften Anwendung: 0xPluginService.exe0
Pfad der fehlerhaften Anwendung: PluginService.exe1
Pfad des fehlerhaften Moduls: PluginService.exe2
Berichtskennung: PluginService.exe3

Error: (06/09/2014 04:51:14 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: RSHP.exe, Version: 2.0.3.199, Zeitstempel: 0x5344bf21
Name des fehlerhaften Moduls: RSHP.exe, Version: 2.0.3.199, Zeitstempel: 0x5344bf21
Ausnahmecode: 0x40000015
Fehleroffset: 0x00017300
ID des fehlerhaften Prozesses: 0x16e4
Startzeit der fehlerhaften Anwendung: 0xRSHP.exe0
Pfad der fehlerhaften Anwendung: RSHP.exe1
Pfad des fehlerhaften Moduls: RSHP.exe2
Berichtskennung: RSHP.exe3

Error: (06/07/2014 00:58:33 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1". Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (06/07/2014 00:57:08 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1". Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (06/07/2014 08:56:42 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details: AddWin32ServiceFiles: Unable to back up image of service Wpm Service since QueryServiceConfig API failed
System Error: Das System kann die angegebene Datei nicht finden. .

Error: (06/04/2014 01:21:42 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1". Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

System errors:
=============
Error: (06/10/2014 09:59:33 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 252.

Error: (06/10/2014 09:59:33 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 252.

Error: (06/10/2014 09:48:37 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053

Error: (06/10/2014 09:48:37 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Steam Client Service erreicht.

Error: (06/10/2014 09:29:57 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Search Protect Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%2

Error: (06/09/2014 04:51:52 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "IePlugin Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (06/07/2014 08:52:19 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053

Error: (06/07/2014 08:52:19 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Steam Client Service erreicht.

Error: (06/07/2014 08:50:27 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Wpm Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%2

Error: (06/02/2014 05:20:06 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "IePlugin Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Microsoft Office Sessions:
=========================

==================== Memory info ===========================

Percentage of memory in use: 70%
Total physical RAM: 2047.24 MB
Available physical RAM: 609.95 MB
Total Pagefile: 4094.48 MB
Available Pagefile: 1787.83 MB
Total Virtual: 2047.88 MB
Available Virtual: 1893.27 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:440.59 GB) (Free:295.44 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: C21E59E0)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=441 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=25 GB) - (Type=12)

==================== End Of Log ============================ |
11.06.2014, 20:34 | #4 |
/// the machine /// TB-Ausbilder | Flash Player Update Virus Uninstall adware & co.
If you cannot find a program or cannot uninstall it, please continue with the next step: Scan with Combofix
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donate Guides and help Trojaner-Board Facebook page No help via PM! |