sooo .. jetzt wieder die Ergebnisse der scans:
1) FRST Fix: Code:
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 02-06-2014
Ran by Hannah at 2014-06-06 13:35:22 Run:1
Running from C:\Users\Hannah\Desktop
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
ZoneAlarm Security Toolbar (x32 Version: 1.8.22.0 - Check Point Software Technologies LTD) Hidden
*****************
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\ZoneAlarm Security Toolbar\\SystemComponent => Value deleted successfully.
==== End of Fixlog ====
2) Ich konnte die ZoneAlarm LTD Toolbar nicht finden, weder über die normale Deinstallation via Win7, noch über das andere Programm.
3) Das log-file aus maleware-bits Code:
Malwarebytes Anti-Malware
www.malwarebytes.org
Suchlauf Datum: 06.06.2014
Suchlauf-Zeit: 13:48:49
Logdatei:
Administrator: Ja
Version: 2.00.2.1012
Malware Datenbank: v2014.06.06.04
Rootkit Datenbank: v2014.06.02.01
Lizenz: Testversion
Malware Schutz: Aktiviert
Bösartiger Webseiten Schutz: Aktiviert
Self-protection: Deaktiviert
Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Hannah
Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 320602
Verstrichene Zeit: 17 Min, 26 Sek
Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Heuristics: Aktiviert
PUP: Aktiviert
PUM: Aktiviert
Prozesse: 0
(No malicious items detected)
Module: 0
(No malicious items detected)
Registrierungsschlüssel: 8
PUP.Optional.MixiDJToolbar.A, HKLM\SOFTWARE\CLASSES\APPID\{A2773ED4-83BD-488A-A186-73590706C916}, In Quarantäne, [a60cfa79d0abb383cd8074fc4eb4cd33],
PUP.Optional.MixiDJToolbar.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\{A2773ED4-83BD-488A-A186-73590706C916}, In Quarantäne, [a60cfa79d0abb383cd8074fc4eb4cd33],
PUP.Optional.DataMangr.A, HKLM\SOFTWARE\WOW6432NODE\DataMngr, In Quarantäne, [bbf73b3898e3c27445eb6832d82aff01],
PUP.Optional.BabylonToolBar.A, HKU\S-1-5-21-2341146605-734141027-1570152291-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\BabylonToolbar, In Quarantäne, [52605221116ae94d8b7ef7dbc340a45c],
PUP.Optional.DataMngr.A, HKU\S-1-5-21-2341146605-734141027-1570152291-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\DataMngr, In Quarantäne, [4a68551ecdaeff3791a2a22ca75cce32],
PUP.Optional.DataMngr.A, HKU\S-1-5-21-2341146605-734141027-1570152291-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\DataMngr_Toolbar, In Quarantäne, [e6ccdb98cfac0c2a36fc3a9457ac7789],
Adware.QWO, HKU\S-1-5-21-2341146605-734141027-1570152291-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS\ZONEMAP\DOMAINS\qword.com, In Quarantäne, [8131551eb1cab284ee600226996ae31d],
PUP.Optional.Softonic.A, HKU\S-1-5-21-2341146605-734141027-1570152291-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SOFTONIC\Universal Downloader, In Quarantäne, [cbe7551ee398be78d716f3b305fd4bb5],
Registrierungswerte: 1
Adware.QWO, HKU\S-1-5-21-2341146605-734141027-1570152291-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\NEW WINDOWS\ALLOW|www.qword.com, In Quarantäne, [6e449dd65328fb3baca2ad7a768d25db],
Registrierungsdaten: 1
Hijack.Homepage, HKU\S-1-5-21-2341146605-734141027-1570152291-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Page, hxxp://www.qword.com/?s=1, Gut: (hxxp://www.Google.com/), Schlecht: (hxxp://www.qword.com/?s=1),Ersetzt,[f2c0bab9a9d20333fb6a293eb05415eb]
Ordner: 3
PUP.Optional.MixiDJToolBar.A, C:\Users\Hannah\AppData\Local\Temp\mt_ffx\mixidj, In Quarantäne, [654d383b483352e46dc9483bfc06768a],
PUP.Optional.MixiDJToolBar.A, C:\Users\Hannah\AppData\Local\Temp\mt_ffx\mixidj\mixidj, In Quarantäne, [654d383b483352e46dc9483bfc06768a],
PUP.Optional.MixiDJToolBar.A, C:\Users\Hannah\AppData\Local\Temp\mt_ffx\mixidj\mixidj\1.8.18.8, In Quarantäne, [654d383b483352e46dc9483bfc06768a],
Dateien: 3
PUP.Optional.Babylon.A, C:\Users\Hannah\AppData\Roaming\Mozilla\Firefox\Profiles\sa4bz478.default\searchplugins\babylon.xml, In Quarantäne, [793996dd4a3149ed8ab5aa03c93937c9],
PUP.Optional.MixiDJ.A, C:\Users\Hannah\AppData\Roaming\Mozilla\Firefox\Profiles\sa4bz478.default\searchplugins\mixidj.xml, In Quarantäne, [cfe389ea5e1def474d98634a8e742dd3],
Adware.QWO, C:\Users\Hannah\Favorites\Qword Search Engine.url, In Quarantäne, [40723e3599e2a88e5015955aec1637c9],
Physische Sektoren: 0
(No malicious items detected)
(end)
4) ESET online scanner Code:
ESETSmartInstaller@High as downloader log:
all ok
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7587
# api_version=3.0.2
# EOSSerial=d99d3e8c92bdff4995fbdb89c54f03fe
# engine=18591
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-06-06 01:39:44
# local_time=2014-06-06 03:39:44 (+0100, Mitteleuropäische Sommerzeit)
# country="Austria"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='avast! Antivirus'
# compatibility_mode=783 16777213 100 97 326650 166482474 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 14432 153691834 0 0
# scanned=217090
# found=3
# cleaned=0
# scan_time=4522
sh=D091582E794A0528D396B291F4A56BD7A7477F37 ft=1 fh=49669a25f0d7e4fc vn="Variante von Win32/Toolbar.Babylon.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Hannah\AppData\Local\Temp\MixiDJToolbar_yh.exe"
sh=255A1393477F52E494BE53DD377432CCF53A06D7 ft=1 fh=efd1f805c19d10a7 vn="Win32/DownWare.N evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Hannah\AppData\Local\Temp\MixiYD.exe"
sh=91FD0C68DC46843917C8FEA976D8DDF7B941D897 ft=1 fh=fe05ab993baef410 vn="Win32/Toolbar.Babylon.P evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Hannah\AppData\Local\Temp\bus718C\BabMaint.x"
5) und wieder der FRST log
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-06-2014
Ran by Hannah (administrator) on SCHNUCKI on 06-06-2014 16:27:10
Running from C:\Users\Hannah\Desktop
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(Lenovo.) C:\Windows\System32\ibmpmsvc.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tphkload.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe
(Broadcom Corporation.) C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\CamMute.exe
(UPEK Inc.) C:\Program Files\ThinkVantage Fingerprint Software\upeksvr.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlk.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\lvvsst.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Ulead Systems, Inc.) C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(X-Rite Inc.) C:\Program Files (x86)\X-Rite\Devices\Services\xritedeviced.exe
(X-Rite Inc.) C:\Program Files (x86)\X-Rite\Devices\Services\i1Display\i1DisplayDeviceService.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\virtscrl.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\ZOOM\TpScrex.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlkd.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Lenovo.) C:\Windows\System32\TpShocks.exe
() C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\AutoLock\ALCKRESI.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(Samsung) C:\Program Files (x86)\Samsung\Kies\Kies.exe
(Ricoh co.,Ltd.) C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe
(Broadcom Corporation.) C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
() C:\Program Files (x86)\X-Rite\PANTONE Color Calibrator\Color Calibrator Tray.exe
(X-Rite Inc.) C:\Program Files (x86)\X-Rite\Devices\Lib\xritelegacyd.exe
() C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(Dropbox, Inc.) C:\Users\Hannah\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Lenovo Group Limited) C:\Program Files (x86)\ThinkPad\Utilities\SCHTASK.EXE
(Brother Industries, Ltd.) C:\Program Files (x86)\Brother\ControlCenter3\BrccMCtl.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Brother\Brmfcmon\BrMfimon.exe
(Broadcom Corporation.) C:\Program Files\ThinkPad\Bluetooth Software\BTStackServer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\System Update\SUService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Message Center Plus\MCPLaunch.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2789160 2011-05-19] (Synaptics Incorporated)
HKLM\...\Run: [TpShocks] => C:\Windows\system32\TpShocks.exe [380776 2010-12-09] (Lenovo.)
HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] ()
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SAIICpl.exe [316032 2011-03-14] (Conexant systems, Inc.)
HKLM\...\Run: [LENOVO.TPKNRRES] => C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe [40808 2011-05-31] (Lenovo Group Limited)
HKLM\...\Run: [ALCKRESI.EXE] => C:\Program Files\Lenovo\AutoLock\ALCKRESI.EXE [281960 2011-05-25] (Lenovo Group Limited)
HKLM-x32\...\Run: [RotateImage] => C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe [55808 2008-10-30] (Ricoh co.,Ltd.)
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-11-17] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [PWMTRV] => rundll32 C:\PROGRA~2\ThinkPad\UTILIT~1\PWMTR64V.DLL,PwrMgrBkGndMonitor
HKLM-x32\...\Run: [X-Rite Legacy Device] => C:\Program Files (x86)\X-Rite\Devices\Lib\xritelegacyd.exe [105984 2010-09-28] (X-Rite Inc.)
HKLM-x32\...\Run: [Lenovo Registration] => C:\Program Files (x86)\Lenovo Registration\LenovoReg.exe [4351712 2011-07-13] (Lenovo, Inc.)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [BrMfcWnd] => C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe [1163264 2011-04-01] ()
HKLM-x32\...\Run: [ControlCenter3] => C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe [114688 2008-12-24] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3888648 2014-05-27] (AVAST Software)
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311152 2013-12-11] (Samsung Electronics Co., Ltd.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\psfus: C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll (UPEK Inc.)
HKU\S-1-5-21-2341146605-734141027-1570152291-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-2341146605-734141027-1570152291-1001\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [427520 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-21-2341146605-734141027-1570152291-1001\...\Run: [KiesPreload] => C:\Program Files (x86)\Samsung\Kies\Kies.exe [1564528 2013-12-11] (Samsung)
HKU\S-1-5-21-2341146605-734141027-1570152291-1001\...\Run: [KiesAirMessage] => C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup
HKU\S-1-5-21-2341146605-734141027-1570152291-1001\...\Run: [EA Core] => "C:\Program Files (x86)\Electronic Arts\EADM\Core.exe" -silent
HKU\S-1-5-21-2341146605-734141027-1570152291-1001\...\MountPoints2: {b9421f26-69cd-11e1-b60c-806e6f6e6963} - Q:\LenovoQDrive.exe
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [226920 2011-06-01] (NVIDIA Corporation)
AppInit_DLLs-x32: c:\windows\syswow64\nvinit.dll => c:\windows\syswow64\nvinit.dll [192616 2011-06-01] (NVIDIA Corporation)
Lsa: [Notification Packages] scecli C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Color Calibrator Gamma.lnk
ShortcutTarget: Color Calibrator Gamma.lnk -> C:\Program Files (x86)\X-Rite\PANTONE Color Calibrator\Gamma\CalibrationLoader.exe (LOGO Kommunikations- und Drucktechnik GmbH & Co. KG)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Color Calibrator Tray.lnk
ShortcutTarget: Color Calibrator Tray.lnk -> C:\Program Files (x86)\X-Rite\PANTONE Color Calibrator\Color Calibrator Tray.exe ()
Startup: C:\Users\Hannah\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Hannah\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com/welcome/thinkpad
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=LENP&bmod=LENP
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.zonealarm.com/?src=hp&tbid=goughDev3&Lan=en&gu=4a238e04ab8d427bb8301041e793a533&tu=10GXz00AD2B0Ca0&sku=&tstsId=&ver=&
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com/welcome/thinkpad
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - DefaultScope {F48DA960-0FD9-4BB5-9826-C0C271C6C74D} URL = hxxp://www.qword.com/search.php?q={searchTerms}&s=2
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://mixidj.delta-search.com/?q={searchTerms}&affID=121124&babsrc=SP_ss&mntrId=4EA224770359138D
SearchScopes: HKCU - {65CB503F-F67A-48F1-8886-32F0884DB27E} URL = hxxp://search.zonealarm.com/search?src=sp&tbid=goughDev3&Lan=en&q={searchTerms}&gu=4a238e04ab8d427bb8301041e793a533&tu=10GXz00AD2B0Ca0&sku=&tstsId=&ver=&&r=156
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7LENP_deAT476
SearchScopes: HKCU - {F48DA960-0FD9-4BB5-9826-C0C271C6C74D} URL = hxxp://www.qword.com/search.php?q={searchTerms}&s=2
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Toolbar: HKCU - No Name - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138 10.0.0.138
FireFox:
========
FF ProfilePath: C:\Users\Hannah\AppData\Roaming\Mozilla\Firefox\Profiles\sa4bz478.default
FF Homepage: https://www.google.at/
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll No File
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @canon.com/EPPEX - C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF Plugin-x32: @checkpoint.com/FFApi - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\npFFApi.dll No File
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF user.js: detected! => C:\Users\Hannah\AppData\Roaming\Mozilla\Firefox\Profiles\sa4bz478.default\user.js
FF SearchPlugin: C:\Users\Hannah\AppData\Roaming\Mozilla\Firefox\Profiles\sa4bz478.default\searchplugins\BrowserProtect.xml
FF SearchPlugin: C:\Users\Hannah\AppData\Roaming\Mozilla\Firefox\Profiles\sa4bz478.default\searchplugins\zonealarm.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Add Google Search To New Tab Page - C:\Users\Hannah\AppData\Roaming\Mozilla\Firefox\Profiles\sa4bz478.default\Extensions\newtabgoogle@graememcc.co.uk.xpi [2013-04-21]
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-10-11]
FF HKLM-x32\...\Firefox\Extensions: [{FFB96CC1-7EB3-449D-B827-DB661701C6BB}] - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-10-11]
Chrome:
=======
CHR HomePage: hxxp://search.zonealarm.com/?src=hp&tbid=goughDev3&Lan=en&gu=4a238e04ab8d427bb8301041e793a533&tu=10GXz00AD2B0Ca0&sku=&tstsId=&ver=&
CHR RestoreOnStartup: "hxxp://search.zonealarm.com/?src=hp&tbid=goughDev3&Lan=en&gu=4a238e04ab8d427bb8301041e793a533&tu=10GXz00AD2B0Ca0&sku=&tstsId=&ver=&"
CHR DefaultSearchProvider: Search By ZoneAlarm
CHR DefaultSearchURL: hxxp://search.zonealarm.com/search?src=sp&tbid=goughDev3&Lan=en&q={searchTerms}&gu=4a238e04ab8d427bb8301041e793a533&tu=10GXz00AD2B0Ca0&sku=&tstsId=&ver=&
CHR Extension: (YouTube) - C:\Users\Hannah\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-10-05]
CHR Extension: (Google Search) - C:\Users\Hannah\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-10-05]
CHR Extension: (MixiDj Chrome Toolbar) - C:\Users\Hannah\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpepfkjapeclaafmhoelccknpfedainn [2013-04-30]
CHR Extension: (Gmail) - C:\Users\Hannah\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-10-05]
==================== Services (Whitelisted) =================
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-05-05] (AVAST Software)
S3 DozeSvc; C:\Program Files (x86)\ThinkPad\Utilities\DZSVC64.EXE [478056 2011-08-31] (Lenovo.)
R2 i1 Display Service; C:\Program Files (x86)\X-Rite\Devices\Services\i1Display\i1DisplayDeviceService.exe [163328 2010-09-28] (X-Rite Inc.)
R2 Lenovo.VIRTSCRLSVC; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [133992 2011-07-12] (Lenovo Group Limited)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
R2 xritedeviced; C:\Program Files (x86)\X-Rite\Devices\Services\xritedeviced.exe [142848 2010-09-28] (X-Rite Inc.)
==================== Drivers (Whitelisted) ====================
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-05-05] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-05-05] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-05-05] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-05-05] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1039096 2014-05-23] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423240 2014-05-23] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [85328 2014-05-23] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [208416 2014-05-05] ()
U5 klflt; C:\Windows\System32\Drivers\klflt.sys [89432 2012-11-15] (Kaspersky Lab)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-06-06] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation)
S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
R2 smihlp; C:\Program Files\ThinkVantage Fingerprint Software\smihlp.sys [13840 2009-03-13] (UPEK Inc.)
R3 TVTI2C; C:\Windows\System32\DRIVERS\Tvti2c.sys [41536 2009-09-24] (Lenovo (United States) Inc.)
S3 vpnva; system32\DRIVERS\vpnva64.sys [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-06-06 14:17 - 2014-06-06 14:17 - 02347384 _____ (ESET) C:\Users\Hannah\Downloads\esetsmartinstaller_deu.exe
2014-06-06 13:47 - 2014-06-06 14:12 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-06-06 13:46 - 2014-06-06 13:46 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Hannah\Downloads\mbam-setup-2.0.2.1012.exe
2014-06-06 13:46 - 2014-06-06 13:46 - 00001113 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-06-06 13:46 - 2014-06-06 13:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-06-06 13:46 - 2014-06-06 13:46 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-06-06 13:46 - 2014-06-06 13:46 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-06-06 13:46 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-06-06 13:46 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-06-06 13:46 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-06-06 13:42 - 2014-06-06 13:43 - 00000000 ____D () C:\Users\Hannah\Desktop\revouninstaller-portable
2014-06-06 13:42 - 2014-06-06 13:42 - 03007700 _____ () C:\Users\Hannah\Downloads\revouninstaller.zip
2014-06-06 07:34 - 2014-06-06 16:27 - 00021196 _____ () C:\Users\Hannah\Desktop\FRST.txt
2014-06-06 07:34 - 2014-06-06 16:27 - 00000000 ____D () C:\FRST
2014-06-06 07:34 - 2014-06-06 07:35 - 00045591 _____ () C:\Users\Hannah\Desktop\Addition.txt
2014-06-06 07:29 - 2014-06-06 07:30 - 02068992 _____ (Farbar) C:\Users\Hannah\Desktop\FRST64.exe
2014-06-05 21:12 - 2014-06-05 21:18 - 01380150 _____ () C:\Users\Hannah\Desktop\reportdatei_20140605.txt
2014-06-05 20:14 - 2014-06-05 20:14 - 00000000 ____D () C:\Users\Hannah\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bluetooth-Geräte
2014-06-04 11:23 - 2014-06-04 11:23 - 03144261 _____ () C:\Users\Hannah\Downloads\VO PlMolBiol_Pitzschke literature.zip
2014-06-04 08:11 - 2014-01-09 04:22 - 05694464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-06-04 08:11 - 2014-01-04 00:44 - 06574592 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-06-03 13:00 - 2013-10-02 04:22 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys
2014-06-03 13:00 - 2013-10-02 04:11 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2014-06-03 13:00 - 2013-10-02 04:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2014-06-03 13:00 - 2013-10-02 03:48 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll
2014-06-03 13:00 - 2013-10-02 03:48 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll
2014-06-03 13:00 - 2013-10-02 03:29 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2014-06-03 13:00 - 2013-10-02 03:10 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll
2014-06-03 13:00 - 2013-10-02 02:15 - 01057280 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2014-06-03 13:00 - 2013-10-02 02:14 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll
2014-06-03 13:00 - 2013-10-02 02:14 - 00017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll
2014-06-03 13:00 - 2013-10-02 02:08 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2014-06-03 13:00 - 2013-10-02 02:01 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2014-06-03 13:00 - 2013-10-02 01:58 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2014-06-03 13:00 - 2013-10-02 01:31 - 01147392 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2014-06-03 13:00 - 2013-10-02 01:08 - 00855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2014-06-03 13:00 - 2013-10-02 00:34 - 01068544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2014-06-03 12:58 - 2013-09-25 04:23 - 01030144 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2014-06-03 12:58 - 2013-09-25 03:57 - 00792576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2014-06-02 22:14 - 2014-06-02 22:14 - 00011370 _____ () C:\Users\Hannah\Desktop\Bierliste_märz14.xlsx
2014-06-02 15:28 - 2014-06-02 15:28 - 00001107 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Abflußbemessung 1.7.LNK
2014-06-02 15:27 - 2014-06-02 15:28 - 00000000 ____D () C:\Program Files (x86)\Abflußbemessung
2014-06-02 15:27 - 2014-06-02 15:27 - 00253952 ____N (Microsoft Corporation) C:\Windows\Setup1.exe
2014-06-02 15:27 - 2014-06-02 15:27 - 00074752 _____ (Microsoft Corporation) C:\Windows\ST6UNST.EXE
2014-06-02 15:22 - 2014-06-02 15:22 - 03121664 _____ () C:\Users\Hannah\Downloads\abfluss.exe
2014-05-25 19:51 - 2014-05-25 19:51 - 00000000 __SHD () C:\Users\Hannah\AppData\Local\EmieUserList
2014-05-25 19:51 - 2014-05-25 19:51 - 00000000 __SHD () C:\Users\Hannah\AppData\Local\EmieSiteList
2014-05-23 17:30 - 2014-05-25 09:16 - 00000000 ____D () C:\Users\Hannah\AppData\Local\Windows Live
2014-05-23 17:29 - 2014-05-23 17:30 - 00000000 ____D () C:\Users\Hannah\AppData\Local\{B176C387-888B-4222-9C67-6CF2648E6EBA}
2014-05-23 17:29 - 2014-05-23 17:30 - 00000000 ____D () C:\Users\Hannah\AppData\Local\{A897147A-86C3-4295-9B55-A1D2F01B9355}
2014-05-16 21:07 - 2014-05-16 21:07 - 00000000 ____D () C:\Windows\System32\Tasks\Games
2014-05-14 16:55 - 2014-05-06 06:40 - 23544320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-14 16:55 - 2014-05-06 06:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-14 16:55 - 2014-05-06 05:25 - 17382912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-14 16:55 - 2014-05-06 05:07 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-14 16:55 - 2014-05-06 05:00 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-14 16:55 - 2014-05-06 04:10 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-14 15:31 - 2014-05-09 08:14 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-14 15:31 - 2014-05-09 08:11 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-14 15:31 - 2014-03-25 04:43 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-05-14 15:31 - 2014-03-25 04:09 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-05-14 15:27 - 2014-04-12 04:22 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-05-14 15:27 - 2014-04-12 04:22 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-05-14 15:27 - 2014-04-12 04:19 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-05-14 15:27 - 2014-04-12 04:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-05-14 15:27 - 2014-04-12 04:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-05-14 15:27 - 2014-04-12 04:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-05-14 15:27 - 2014-04-12 04:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-05-14 15:27 - 2014-04-12 04:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-05-14 15:27 - 2014-04-12 04:10 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-05-14 15:27 - 2014-03-04 11:47 - 05550016 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-05-14 15:27 - 2014-03-04 11:44 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-05-14 15:27 - 2014-03-04 11:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2014-05-14 15:27 - 2014-03-04 11:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-05-14 15:27 - 2014-03-04 11:44 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-05-14 15:27 - 2014-03-04 11:44 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-05-14 15:27 - 2014-03-04 11:44 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-05-14 15:27 - 2014-03-04 11:44 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-05-14 15:27 - 2014-03-04 11:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2014-05-14 15:27 - 2014-03-04 11:43 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-05-14 15:27 - 2014-03-04 11:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2014-05-14 15:27 - 2014-03-04 11:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2014-05-14 15:27 - 2014-03-04 11:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2014-05-14 15:27 - 2014-03-04 11:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2014-05-14 15:27 - 2014-03-04 11:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2014-05-14 15:27 - 2014-03-04 11:43 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-05-14 15:27 - 2014-03-04 11:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-05-14 15:27 - 2014-03-04 11:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-05-14 15:27 - 2014-03-04 11:17 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-05-14 15:27 - 2014-03-04 11:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2014-05-14 15:27 - 2014-03-04 11:17 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-05-14 15:27 - 2014-03-04 11:17 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-05-14 15:27 - 2014-03-04 11:17 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-05-14 15:27 - 2014-03-04 11:17 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-05-14 15:27 - 2014-03-04 11:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll
2014-05-14 15:27 - 2014-03-04 11:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll
2014-05-14 15:27 - 2014-03-04 11:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll
2014-05-14 15:27 - 2014-03-04 11:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll
2014-05-14 15:27 - 2014-03-04 11:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2014-05-14 15:27 - 2014-03-04 11:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll
2014-05-14 15:27 - 2014-03-04 11:17 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-05-14 15:27 - 2014-03-04 11:16 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-05-14 11:02 - 2014-05-14 11:02 - 03112960 _____ () C:\Windows\system32\eed_ec.dll
2014-05-14 11:02 - 2014-05-14 11:02 - 00686384 _____ (Samsung Electronics) C:\Windows\system32\eed_sl.exe
2014-05-13 11:35 - 2014-05-13 11:36 - 13987068 _____ () C:\Users\Hannah\Downloads\ganttproject-2.6.6-r1715.exe
2014-05-10 21:58 - 2014-05-10 21:58 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-05-07 07:58 - 2014-06-06 14:12 - 00000000 ____D () C:\Users\Hannah\AppData\Roaming\DropboxMaster
==================== One Month Modified Files and Folders =======
2014-06-06 16:27 - 2014-06-06 07:34 - 00021196 _____ () C:\Users\Hannah\Desktop\FRST.txt
2014-06-06 16:27 - 2014-06-06 07:34 - 00000000 ____D () C:\FRST
2014-06-06 16:27 - 2012-03-23 18:04 - 00000000 ____D () C:\Users\Hannah\AppData\Local\Temp
2014-06-06 16:26 - 2012-06-11 09:13 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-06-06 16:13 - 2012-03-09 11:56 - 02018618 _____ () C:\Windows\WindowsUpdate.log
2014-06-06 14:19 - 2012-03-09 20:40 - 00699682 _____ () C:\Windows\system32\perfh007.dat
2014-06-06 14:19 - 2012-03-09 20:40 - 00149790 _____ () C:\Windows\system32\perfc007.dat
2014-06-06 14:19 - 2009-07-14 07:13 - 01620684 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-06-06 14:18 - 2009-07-14 06:45 - 00031296 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-06-06 14:18 - 2009-07-14 06:45 - 00031296 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-06-06 14:17 - 2014-06-06 14:17 - 02347384 _____ (ESET) C:\Users\Hannah\Downloads\esetsmartinstaller_deu.exe
2014-06-06 14:13 - 2012-04-07 13:58 - 00000000 ___RD () C:\Users\Hannah\Dropbox
2014-06-06 14:13 - 2012-04-07 13:54 - 00000000 ____D () C:\Users\Hannah\AppData\Roaming\Dropbox
2014-06-06 14:12 - 2014-06-06 13:47 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-06-06 14:12 - 2014-05-07 07:58 - 00000000 ____D () C:\Users\Hannah\AppData\Roaming\DropboxMaster
2014-06-06 14:09 - 2012-03-09 12:11 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-06-06 14:09 - 2010-11-21 05:47 - 01020880 _____ () C:\Windows\PFRO.log
2014-06-06 14:09 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-06-06 14:09 - 2009-07-14 06:51 - 00146331 _____ () C:\Windows\setupact.log
2014-06-06 13:46 - 2014-06-06 13:46 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Hannah\Downloads\mbam-setup-2.0.2.1012.exe
2014-06-06 13:46 - 2014-06-06 13:46 - 00001113 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-06-06 13:46 - 2014-06-06 13:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-06-06 13:46 - 2014-06-06 13:46 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-06-06 13:46 - 2014-06-06 13:46 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-06-06 13:43 - 2014-06-06 13:42 - 00000000 ____D () C:\Users\Hannah\Desktop\revouninstaller-portable
2014-06-06 13:42 - 2014-06-06 13:42 - 03007700 _____ () C:\Users\Hannah\Downloads\revouninstaller.zip
2014-06-06 13:34 - 2012-03-23 18:37 - 00000000 ____D () C:\Users\Hannah\Documents\Outlook-Dateien
2014-06-06 07:35 - 2014-06-06 07:34 - 00045591 _____ () C:\Users\Hannah\Desktop\Addition.txt
2014-06-06 07:30 - 2014-06-06 07:29 - 02068992 _____ (Farbar) C:\Users\Hannah\Desktop\FRST64.exe
2014-06-06 07:23 - 2012-03-09 12:11 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\Temp
2014-06-06 07:21 - 2012-10-11 17:02 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-06-05 21:18 - 2014-06-05 21:12 - 01380150 _____ () C:\Users\Hannah\Desktop\reportdatei_20140605.txt
2014-06-05 20:21 - 2012-05-17 16:04 - 00000000 ____D () C:\Program Files (x86)\Ubisoft
2014-06-05 20:21 - 2012-03-09 12:00 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-06-05 20:20 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-06-05 20:14 - 2014-06-05 20:14 - 00000000 ____D () C:\Users\Hannah\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bluetooth-Geräte
2014-06-05 14:48 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-06-04 11:23 - 2014-06-04 11:23 - 03144261 _____ () C:\Users\Hannah\Downloads\VO PlMolBiol_Pitzschke literature.zip
2014-06-04 10:05 - 2012-05-09 17:35 - 00000099 _____ () C:\Users\Public\LMDebug.log
2014-06-04 09:24 - 2013-09-29 09:56 - 00041872 _____ () C:\Users\Hannah\Desktop\Ausgaben_1013-0914.xlsx
2014-06-03 15:12 - 2013-04-16 10:24 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-06-03 12:52 - 2012-03-09 12:14 - 00000000 ____D () C:\Windows\System32\Tasks\Lenovo
2014-06-03 12:45 - 2013-04-30 16:54 - 00000000 ____D () C:\ProgramData\Cisco
2014-06-03 12:45 - 2012-03-09 12:02 - 00000000 ____D () C:\Program Files (x86)\Cisco
2014-06-03 10:19 - 2012-03-23 22:34 - 00000000 ____D () C:\Users\Hannah\Documents\Heim
2014-06-02 22:14 - 2014-06-02 22:14 - 00011370 _____ () C:\Users\Hannah\Desktop\Bierliste_märz14.xlsx
2014-06-02 15:28 - 2014-06-02 15:28 - 00001107 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Abflußbemessung 1.7.LNK
2014-06-02 15:28 - 2014-06-02 15:27 - 00000000 ____D () C:\Program Files (x86)\Abflußbemessung
2014-06-02 15:27 - 2014-06-02 15:27 - 00253952 ____N (Microsoft Corporation) C:\Windows\Setup1.exe
2014-06-02 15:27 - 2014-06-02 15:27 - 00074752 _____ (Microsoft Corporation) C:\Windows\ST6UNST.EXE
2014-06-02 15:27 - 2012-03-23 18:07 - 00000000 ___RD () C:\Users\Hannah\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-06-02 15:27 - 2012-03-23 18:04 - 00000000 ____D () C:\Users\Hannah
2014-06-02 15:22 - 2014-06-02 15:22 - 03121664 _____ () C:\Users\Hannah\Downloads\abfluss.exe
2014-05-29 18:24 - 2012-04-22 19:17 - 00000000 ____D () C:\Users\Hannah\AppData\Local\CrashDumps
2014-05-28 15:01 - 2012-04-07 13:58 - 00001032 _____ () C:\Users\Hannah\Desktop\Dropbox.lnk
2014-05-28 15:01 - 2012-04-07 13:54 - 00000000 ____D () C:\Users\Hannah\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-05-27 21:34 - 2014-03-01 10:15 - 00000000 ____D () C:\Users\Hannah\AppData\Roaming\Skype
2014-05-26 17:31 - 2013-10-07 19:41 - 00000000 ____D () C:\Users\Hannah\Documents\BT
2014-05-25 19:51 - 2014-05-25 19:51 - 00000000 __SHD () C:\Users\Hannah\AppData\Local\EmieUserList
2014-05-25 19:51 - 2014-05-25 19:51 - 00000000 __SHD () C:\Users\Hannah\AppData\Local\EmieSiteList
2014-05-25 09:16 - 2014-05-23 17:30 - 00000000 ____D () C:\Users\Hannah\AppData\Local\Windows Live
2014-05-23 17:30 - 2014-05-23 17:29 - 00000000 ____D () C:\Users\Hannah\AppData\Local\{B176C387-888B-4222-9C67-6CF2648E6EBA}
2014-05-23 17:30 - 2014-05-23 17:29 - 00000000 ____D () C:\Users\Hannah\AppData\Local\{A897147A-86C3-4295-9B55-A1D2F01B9355}
2014-05-23 10:51 - 2014-01-07 16:11 - 00085328 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2014-05-23 10:51 - 2012-10-11 17:02 - 01039096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2014-05-23 10:51 - 2012-10-11 17:02 - 00423240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-05-16 21:07 - 2014-05-16 21:07 - 00000000 ____D () C:\Windows\System32\Tasks\Games
2014-05-16 21:07 - 2012-04-03 16:26 - 00000000 ____D () C:\Users\Hannah\AppData\Local\Microsoft Games
2014-05-14 20:26 - 2012-06-11 09:13 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-05-14 20:26 - 2012-06-11 09:13 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-05-14 20:26 - 2012-03-25 18:41 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-05-14 18:43 - 2012-03-23 18:07 - 00000000 ___RD () C:\Users\Hannah\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-14 18:39 - 2014-05-06 11:04 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-05-14 18:38 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-05-14 16:56 - 2012-03-23 18:23 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-05-14 16:54 - 2013-07-11 22:13 - 00000000 ____D () C:\Windows\system32\MRT
2014-05-14 16:52 - 2012-03-23 22:52 - 93223848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-05-14 11:02 - 2014-05-14 11:02 - 03112960 _____ () C:\Windows\system32\eed_ec.dll
2014-05-14 11:02 - 2014-05-14 11:02 - 00686384 _____ (Samsung Electronics) C:\Windows\system32\eed_sl.exe
2014-05-13 11:36 - 2014-05-13 11:35 - 13987068 _____ () C:\Users\Hannah\Downloads\ganttproject-2.6.6-r1715.exe
2014-05-12 08:59 - 2012-05-02 15:51 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-05-12 07:26 - 2014-06-06 13:46 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-12 07:26 - 2014-06-06 13:46 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-05-12 07:25 - 2014-06-06 13:46 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-05-10 21:58 - 2014-05-10 21:58 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-05-09 13:30 - 2012-03-23 18:23 - 00000000 ____D () C:\Users\Hannah\AppData\Local\Microsoft Help
2014-05-09 08:14 - 2014-05-14 15:31 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-09 08:11 - 2014-05-14 15:31 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-08 14:10 - 2009-07-14 07:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
Files to move or delete:
====================
C:\Users\Hannah\setup.exe
Some content of TEMP:
====================
C:\Users\Hannah\AppData\Local\Temp\AskSLib.dll
C:\Users\Hannah\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpfzw052.dll
C:\Users\Hannah\AppData\Local\Temp\FP_PL_PFS_INSTALLER_32bit.exe
C:\Users\Hannah\AppData\Local\Temp\installerdll20201599.dll
C:\Users\Hannah\AppData\Local\Temp\installerdll20219866.dll
C:\Users\Hannah\AppData\Local\Temp\installerdll23159378.dll
C:\Users\Hannah\AppData\Local\Temp\installerdll23169174.dll
C:\Users\Hannah\AppData\Local\Temp\install_flashplayer11x32_mssd_aaa_aih.exe
C:\Users\Hannah\AppData\Local\Temp\install_flashplayer11x32_mssd_aaa_aih_1.exe
C:\Users\Hannah\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe
C:\Users\Hannah\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe
C:\Users\Hannah\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\Hannah\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe
C:\Users\Hannah\AppData\Local\Temp\MixiDJToolbar_yh.exe
C:\Users\Hannah\AppData\Local\Temp\MixiYD.exe
C:\Users\Hannah\AppData\Local\Temp\ose00000.exe
C:\Users\Hannah\AppData\Local\Temp\rootsupd.exe
C:\Users\Hannah\AppData\Local\Temp\SecurityScan_Release.exe
C:\Users\Hannah\AppData\Local\Temp\Setup.exe
C:\Users\Hannah\AppData\Local\Temp\SEVINST64x86.EXE
C:\Users\Hannah\AppData\Local\Temp\uninst1.exe
C:\Users\Hannah\AppData\Local\Temp\Uninstall.exe
C:\Users\Hannah\AppData\Local\Temp\UninstallEADM.dll
C:\Users\Hannah\AppData\Local\Temp\vcredist_x64.exe
C:\Users\Hannah\AppData\Local\Temp\vcredist_x86.exe
C:\Users\Hannah\AppData\Local\Temp\vlc-2.0.5-win32.exe
C:\Users\Hannah\AppData\Local\Temp\vlc-2.1.3-win32.exe
C:\Users\Hannah\AppData\Local\Temp\WindowsInstaller-KB893803-v2-x86.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-05-29 10:14
==================== End Of Log ============================
--- --- ---
und der addition log Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-06-2014
Ran by Hannah at 2014-06-06 16:27:36
Running from C:\Users\Hannah\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
==================== Installed Programs ======================
Abflußbemessung Version 1.7 (HKLM-x32\...\ST6UNST #1) (Version: - )
ACD/Labs Software in C:\ACDFREE12\ (HKLM-x32\...\ACDLabs in C__ACDFREE12_) (Version: v12.00, FREE - ACD/Labs)
ActiveX Download Control Trial Version (HKLM-x32\...\UFileDownloadD) (Version: - )
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 4.0.0.1390 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 4.0.0.1390 - Adobe Systems Incorporated) Hidden
Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.2.6 - Adobe Systems Incorporated)
Adobe Download Assistant (x32 Version: 1.2.6 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 10 ActiveX (HKLM-x32\...\{B7B3E9B3-FB14-4927-894B-E9124509AF5A}) (Version: 10.0.32.18 - Adobe Systems, Inc.)
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.07) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
Anzeige am Bildschirm (HKLM\...\OnScreenDisplay) (Version: 6.60.03 - )
avast! Free Antivirus (HKLM-x32\...\avast) (Version: 9.0.2018 - Avast Software)
Broadcom InConcert Maestro (HKLM\...\{57DD35E9-D9BB-4089-BB05-EF933C586CB3}) (Version: 1.0.1.1500 - Broadcom Corporation)
Brother MFL-Pro Suite DCP-9010CN (HKLM-x32\...\{A1BBEE16-49B1-42F2-95B8-54C8C6A1C0C3}) (Version: 2.0.1.0 - Brother Industries, Ltd.)
Burn.Now 4.5 (x32 Version: 4.5.0 - Corel Corporation) Hidden
Canon Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version: 4.1.6 - Canon Inc.)
Conexant 20672 SmartAudio HD (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.32.23.0 - Conexant)
Corel Burn.Now Lenovo Edition (HKLM-x32\...\InstallShield_{A3BE3F1E-2472-4211-8735-E8239BE49D9F}) (Version: 4.5.0 - Corel Corporation)
Corel DVD MovieFactory 7 (x32 Version: 7.0.0 - Corel Corporation) Hidden
Corel DVD MovieFactory Lenovo Edition (HKLM-x32\...\InstallShield_{50F68032-B5B7-4513-9116-C978DBD8F27A}) (Version: 7.0.0 - Corel Corporation)
Corel WinDVD (HKLM-x32\...\{5C1F18D2-F6B7-4242-B803-B5A78648185D}) (Version: 10.0.5.828 - Corel Inc.)
Counter-Strike 1.6 (HKLM-x32\...\{13B792AA-C078-43A4-8A3A-8B12D629940D}) (Version: 1.00.0000 - )
Create Recovery Media (HKLM-x32\...\{50DC5136-21E8-48BC-97E5-1AD055F6B0B6}) (Version: 1.20.0.00 - Lenovo Group Limited)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{349F73CA-653A-43A6-AE77-970B07D6EDA0}) (Version: - Microsoft)
Die Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.67.2 - Electronic Arts)
Die Sims™ 3 Einfach tierisch (HKLM-x32\...\{C12631C6-804D-4B32-B0DD-8A496462F106}) (Version: 10.0.96 - Electronic Arts)
Die Sims™ 3 Jahreszeiten (HKLM-x32\...\{3DE92282-CB49-434F-81BF-94E5B380E889}) (Version: 16.0.136 - Electronic Arts)
Die Sims™ 3 Reiseabenteuer (HKLM-x32\...\{BA26FFA5-6D47-47DB-BE56-34C357B5F8CC}) (Version: 2.0.86 - Electronic Arts)
Die Sims™ 3 Traumkarrieren (HKLM-x32\...\{910F4A29-1134-49E0-AD8B-56E4A3152BD1}) (Version: 4.0.87 - Electronic Arts)
Dienstprogramm "ThinkPad UltraNav" (HKLM-x32\...\{17CBC505-D1AE-459D-B445-3D2000A85842}) (Version: 2.13.0 - Lenovo)
Direct DiscRecorder (x32 Version: 1.00.0000 - Corel Corporation) Hidden
Disable AMT Profile Synchronization Pop-up for Windows XP/Vista/7 (HKLM\...\DisableAMTPopup) (Version: 1.00 - )
Dropbox (HKCU\...\Dropbox) (Version: 2.8.2 - Dropbox, Inc.)
Evernote v. 4.2.3 (HKLM-x32\...\{F761359C-9CED-45AE-9A51-9D6605CD55C4}) (Version: 4.2.3.15 - Evernote Corp.)
FileZilla Client 3.7.3 (HKCU\...\FileZilla Client) (Version: 3.7.3 - Tim Kosse)
Integrated Camera Driver Installer Package Ver.1.1.0.1147 (HKLM-x32\...\{B2CA6F37-1602-4823-81B5-0384B6888AA6}) (Version: 1.1.0.1147 - RICOH)
Integrated Camera TWAIN (HKLM-x32\...\{9CA0DEE4-E84B-466F-9B96-FC255F3A929F}) (Version: 1.0.11.1223 - Chicony Electronics Co.,Ltd.)
Intel PROSet Wireless (Version: - ) Hidden
Intel PROSet Wireless (x32 Version: - ) Hidden
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Identity Protection Technology 1.1.2.0 (HKLM-x32\...\{C01A86F5-56E7-101F-9BC9-E3F1025EB779}) (Version: 1.1.2.0 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2321 - Intel Corporation)
Intel(R) PROSet/Wireless WiFi-Software (HKLM\...\{25FBDA9A-E868-4B3B-B9FF-D923818511A1}) (Version: 14.2.0000 - Intel Corporation)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Lenovo Auto Scroll Utility (HKLM\...\LenovoAutoScrollUtility) (Version: 1.11 - )
Lenovo Patch Utility (HKLM-x32\...\{24E92E7A-6848-4747-A3EA-3AAC0576BE52}) (Version: 1.0.1.1 - Lenovo Group Limited)
Lenovo Patch Utility 64 bit (HKLM\...\{39A04221-294E-4D90-A0F2-CCB1EF15CB56}) (Version: 1.2.0.1 - Lenovo Group Limited)
Lenovo Power Management Driver (HKLM\...\Power Management Driver) (Version: 1.67.03.13 - )
Lenovo Registration (HKLM-x32\...\{6707C034-ED6B-4B6A-B21F-969B3606FBDE}) (Version: 1.0.4 - Lenovo Inc.)
Lenovo SimpleTap (HKLM\...\{EFC9FE7C-ECE8-4282-8F77-FEDCAD374C77}) (Version: 3.0.0010.00 - Lenovo Group Limited)
Lenovo Solution Center (HKLM\...\{828CE72E-718B-4FDC-A469-8DE674CE8C4D}) (Version: 1.0.006.00 - Lenovo Group Limited)
Lenovo System Interface Driver (HKLM\...\LENOVO.SMIIF) (Version: 1.05 - )
Lenovo User Guide (HKLM-x32\...\{13F59938-C595-479C-B479-F171AB9AF64F}) (Version: 1.0.0008.00 - Ihr Firmenname)
Lenovo Warranty Information (HKLM-x32\...\{FD4EC278-C1B1-4496-99ED-C0BE1B0AA521}) (Version: 1.0.0005.00 - Lenovo)
Lenovo Welcome (HKLM-x32\...\Lenovo Welcome_is1) (Version: 3.00.006.0 - Lenovo)
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Message Center Plus (HKLM-x32\...\{7F8205DE-DDFA-4156-ADA2-766E9CB4FABC}) (Version: 3.0.0011.00 - Lenovo Group Limited)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Mozilla Firefox 29.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 29.0.1 (x86 de)) (Version: 29.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NVIDIA 3D Vision Treiber 268.71 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 268.71 - NVIDIA Corporation)
NVIDIA Grafiktreiber 268.71 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 268.71 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.2.23.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.2.23.3 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.265.41.0 - NVIDIA Corporation) Hidden
NVIDIA Optimus 1.0.21 (Version: 1.0.21 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.12.6871 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 268.71 (Version: 268.71 - NVIDIA Corporation) Hidden
NVIDIA Update Components (Version: 1.0.21 - NVIDIA Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 9.2.1.4399 - Electronic Arts, Inc.)
PANTONE Color Calibrator 1.0 (HKLM-x32\...\PANTONE Color Calibrator_is1) (Version: - X-Rite)
PhotoScape (HKLM-x32\...\PhotoScape) (Version: - )
R for Windows 3.0.2 (HKLM\...\R for Windows 3.0.2_is1) (Version: 3.0.2 - R Core Team)
RapidBoot (HKLM\...\{5E2652DF-743F-482B-A593-C95F431A5769}) (Version: 1.11 - Lenovo)
Registry Patch to Enable Maximum Power Saving on WiFi Adapters for Windows 7 (HKLM\...\EnablePS) (Version: 1.00 - )
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.32.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.32.0 - Renesas Electronics Corporation) Hidden
RICOH_Media_Driver_v2.14.18.01 (HKLM-x32\...\{FE041B02-234C-4AAA-9511-80DF6482A458}) (Version: 2.14.18.01 - RICOH)
RStudio (HKLM-x32\...\RStudio) (Version: 0.97.551 - RStudio)
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.1.13105_7 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.6.1.13105_7 - Samsung Electronics Co., Ltd.) Hidden
Samsung Printer Live Update (HKLM-x32\...\Samsung Printer Live Update) (Version: 1.01.00:04(2013-04-22) - Samsung Electronics Co., Ltd.)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.29.0 - SAMSUNG Electronics Co., Ltd.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version: - Microsoft) Hidden
Skype™ 6.14 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)
System Update (HKLM-x32\...\{25C64847-B900-48AD-A164-1B4F9B774650}) (Version: 4.01.0015 - Lenovo)
ThinkPad Bluetooth with Enhanced Data Rate Software (HKLM\...\{C6C9D5F7-630C-4125-8C4E-94AF77C1896E}) (Version: 6.4.0.1500 - Broadcom Corporation)
ThinkPad Energie-Manager (HKLM-x32\...\{DAC01CEE-5BAE-42D5-81FC-B687E84E8405}) (Version: 3.63 - )
ThinkPad FullScreen Magnifier (HKLM\...\ThinkPad FullScreen Magnifier) (Version: 2.40 - )
ThinkPad UltraNav Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.8.0 - )
ThinkVantage AutoLock (HKLM\...\{E224B44B-B5EB-4af3-A80A-A255358E241A}_is1) (Version: 1.03 - Lenovo)
ThinkVantage Communications Utility (HKLM\...\{88C6A6D9-324C-46E8-BA87-563D14021442}_is1) (Version: 2.07 - Lenovo)
ThinkVantage Fingerprint Software (HKLM\...\{502EE63C-9A62-4330-8F8B-1EAB51B7BB46}) (Version: 5.9.4.6882 - UPEK Inc.)
ThinkVantage System für aktiven Festplattenschutz (HKLM\...\{46A84694-59EC-48F0-964C-7E76E9F8A2ED}) (Version: 1.73 - Lenovo)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version: - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version: - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version: - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version: - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817396) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{39767ECA-1731-45DB-AB5B-6BF40E151D66}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2494150) (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{3FCFD88F-4D13-4F38-8625-ABABEA7F61EA}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{F1A20C69-9FE5-40FD-9CD5-84EABC2EF64A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{BA610006-2C39-4419-9834-CF61AB24810A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{C70D2038-A2C4-4A99-87DE-5272BB44F0CE}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUSR_{82F87E28-B18E-46D6-A399-E2F19CF5949B}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2878225) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{EFF5EBA3-40AD-4859-85E7-3C1CF4F297EB}) (Version: - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version: - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version: - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{A0657506-69DC-44AE-8DC1-58E7C6F5B1C9}) (Version: - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version: - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{40EC8FB1-5202-469D-9232-C28FB1C6FC64}) (Version: - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{2BA40F82-F3A4-441C-BF1A-ED4C42FF4872}) (Version: - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version: - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version: - Microsoft)
Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{7B29D8B8-6A87-496C-A65E-B935E740448A}) (Version: - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{38CF30E4-3348-4BD1-A859-B630C355A56F}) (Version: - Microsoft)
VC 9.0 Runtime (x32 Version: 1.0.0 - Check Point Software Technologies Ltd) Hidden
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows-Treiberpaket - Intel (e1cexpress) Net (12/21/2010 11.8.84.0) (HKLM\...\6D23A494E9A245843FB8584D9307D3E328DF8613) (Version: 12/21/2010 11.8.84.0 - Intel)
Windows-Treiberpaket - Intel System (09/10/2010 9.2.0.1011) (HKLM\...\0CDBDD444A1F5FFEA227B4E7DCE195F11F08240A) (Version: 09/10/2010 9.2.0.1011 - Intel)
Windows-Treiberpaket - Intel System (09/10/2010 9.2.0.1011) (HKLM\...\8058FF31D7C7F4818DC176DAF53CD379968C86E4) (Version: 09/10/2010 9.2.0.1011 - Intel)
Windows-Treiberpaket - Intel System (11/20/2010 9.2.0.1016) (HKLM\...\43B5066463CEBC83E99586A67037B6F9FC4193FE) (Version: 11/20/2010 9.2.0.1016 - Intel)
Windows-Treiberpaket - Intel USB (12/21/2010 9.2.0.1021) (HKLM\...\0DD5528A211904214F70A66DE6ADBD378B21566D) (Version: 12/21/2010 9.2.0.1021 - Intel)
Windows-Treiberpaket - Lenovo 1.61.00.11 (11/11/2010 1.61.00.11) (HKLM\...\466E9B20D871055D6D3CDA2CDD1D355E978A61AF) (Version: 11/11/2010 1.61.00.11 - Lenovo)
Windows-Treiberpaket - Synaptics (SynTP) Mouse (05/19/2011 15.3.8.0) (HKLM\...\DDD8A532E361E9A878EBEF69C338B306810DF059) (Version: 05/19/2011 15.3.8.0 - Synaptics)
WinRAR 5.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
X-Rite Device i1Display Service (HKLM-x32\...\{D2A53206-6A9E-4241-B21C-D94140EEF1CE}_is1) (Version: 1.0 - X-Rite Inc.)
X-Rite Device Manager (HKLM-x32\...\{9ACEA9CD-63B9-4784-807B-EA295E96A7C3}_is1) (Version: 1.0 - X-Rite Inc.)
ZoneAlarm LTD Toolbar (HKLM\...\ZoneAlarm LTD Toolbar) (Version: - Check Point Software Technologies)
==================== Restore Points =========================
21-05-2014 08:05:44 Windows Update
29-05-2014 18:37:50 Geplanter Prüfpunkt
30-05-2014 07:16:09 Windows Update
03-06-2014 07:53:25 Windows Update
03-06-2014 10:44:37 Removed Cisco AnyConnect Secure Mobility Client
03-06-2014 10:54:33 ????????? Counter-Strike 1.6
03-06-2014 10:58:32 Windows Update
04-06-2014 21:03:38 Windows Update
05-06-2014 18:21:29 Removed Ubisoft Game Launcher
05-06-2014 18:23:01 ????????? Counter-Strike 1.6
06-06-2014 11:37:30 Removed Java 7 Update 55
==================== Hosts content: ==========================
2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
Task: {01BCBDC4-A330-4FF0-930E-7C6C8BFD06F9} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-05-05] (AVAST Software)
Task: {0474D43A-A5CE-47D4-97DA-1A23BA5C59AB} - System32\Tasks\Games\UpdateCheck_S-1-5-21-2341146605-734141027-1570152291-1001
Task: {43963E6F-0657-444C-B5E7-3039207AB1EF} - System32\Tasks\PMTask => C:\Program Files (x86)\ThinkPad\Utilities\PWMIDTSV.EXE [2011-08-31] (Lenovo Group Limited)
Task: {4C8D9CCD-27EF-4FAF-A416-394F8AC74608} - System32\Tasks\Lenovo\Message Center Plus Launcher => C:\Program Files (x86)\Lenovo\message center plus\mcplaunch.exe [2011-12-21] (Lenovo)
Task: {5AD52287-27FB-4830-A540-38DD764B2C73} - System32\Tasks\Lenovo\SimpleTap\Start SimpleTap for schnucki.Hannah => C:\Program Files\Lenovo\SimpleTap\SimpleTap.exe [2011-12-21] (Lenovo)
Task: {A35AD06E-2363-40A4-A94C-F35AE1535973} - System32\Tasks\Lenovo\Lenovo Produktregistrierung (Hannah) => C:\Program Files (x86)\Lenovo Registration\LenovoReg.exe [2011-07-13] (Lenovo, Inc.)
Task: {AA7B9462-3846-4CC8-A136-844B09F81F8E} - System32\Tasks\MCP => C:\Program Files (x86)\LENOVO\Message Center Plus\MCPLaunch.exe [2011-12-21] (Lenovo)
Task: {DE8F7C2B-8073-4E7D-A939-AAA1991C15AC} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-14] (Adobe Systems Incorporated)
Task: {FEBCA08E-D17C-469B-8C23-93A2E2795B95} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2012-01-10] (Lenovo)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Loaded Modules (whitelisted) =============
2011-05-02 08:10 - 2011-05-02 08:10 - 00034304 _____ () C:\Windows\System32\ssm1mlm.dll
2011-07-27 21:07 - 2011-07-27 21:07 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll
2012-03-24 10:49 - 2005-04-22 14:36 - 00143360 ____N () C:\Windows\system32\BrSNMP64.dll
2013-09-05 01:17 - 2013-09-05 01:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2012-03-09 12:13 - 2011-08-31 20:03 - 00055808 ____N () C:\Program Files (x86)\ThinkPad\Utilities\GR\PWMRT64V.DLL
2010-01-02 16:42 - 2010-01-02 16:42 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2010-12-18 16:50 - 2010-12-18 16:50 - 00173856 _____ () C:\Program Files\ThinkPad\Bluetooth Software\btkeyind.dll
2012-03-09 20:35 - 2011-05-19 14:04 - 00057640 _____ () C:\Program Files\Synaptics\SynTP\SynTPEnhPS.dll
2012-03-09 12:07 - 2010-10-26 06:40 - 00049056 ____N () C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
2012-03-09 12:10 - 2011-03-06 13:07 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2012-03-09 12:16 - 2010-12-15 23:53 - 10383872 _____ () C:\Program Files (x86)\X-Rite\PANTONE Color Calibrator\Color Calibrator Tray.exe
2012-03-24 10:49 - 2011-04-01 12:26 - 01163264 ____R () C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe
2014-06-06 11:23 - 2014-06-06 11:23 - 02775040 _____ () C:\Program Files\AVAST Software\Avast\defs\14060600\algo.dll
2013-09-05 01:14 - 2013-09-05 01:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2012-03-09 12:14 - 2010-04-06 10:05 - 02085888 _____ () C:\Program Files\Lenovo\AutoLock\cv210.dll
2012-03-09 12:14 - 2010-04-06 10:04 - 02201088 _____ () C:\Program Files\Lenovo\AutoLock\cxcore210.dll
2012-03-09 12:16 - 2010-12-15 23:53 - 00898560 _____ () C:\Program Files (x86)\X-Rite\PANTONE Color Calibrator\libxml2.dll
2012-03-09 12:16 - 2010-12-15 23:53 - 00073728 _____ () C:\Program Files (x86)\X-Rite\PANTONE Color Calibrator\zlib1.dll
2012-03-09 12:16 - 2010-12-15 23:53 - 03449344 _____ () C:\Program Files (x86)\X-Rite\PANTONE Color Calibrator\CxF2_VC90MD_2.1.dll
2012-03-09 12:16 - 2010-12-15 23:54 - 07390720 _____ () C:\Program Files (x86)\X-Rite\PANTONE Color Calibrator\QtGui4.dll
2012-03-09 12:16 - 2010-12-15 23:54 - 02012160 _____ () C:\Program Files (x86)\X-Rite\PANTONE Color Calibrator\QtCore4.dll
2012-03-24 10:49 - 2009-02-27 17:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2013-12-12 18:14 - 2013-12-12 18:14 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2013-08-07 21:25 - 2013-08-07 21:25 - 00093696 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
2014-06-06 14:12 - 2014-06-06 14:12 - 00043008 _____ () c:\users\hannah\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpfzw052.dll
2013-08-23 21:01 - 2013-08-23 21:01 - 25100288 _____ () C:\Users\Hannah\AppData\Roaming\Dropbox\bin\libcef.dll
2014-05-10 21:58 - 2014-05-10 21:58 - 03839088 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2011-05-25 18:07 - 2011-05-25 18:07 - 00235112 _____ () C:\Program Files (x86)\NVIDIA Corporation\3D Vision\Nv3DVStreaming.dll
2014-05-14 20:26 - 2014-05-14 20:26 - 16361136 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll
==================== Alternate Data Streams (whitelisted) =========
==================== Safe Mode (whitelisted) ===================
==================== EXE Association (whitelisted) =============
==================== Disabled items from MSCONFIG ==============
==================== Faulty Device Manager Devices =============
Name: Bluetooth-Peripheriegerät
Description: Bluetooth-Peripheriegerät
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Bluetooth-Peripheriegerät
Description: Bluetooth-Peripheriegerät
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (06/06/2014 04:23:30 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (06/06/2014 02:20:13 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (06/06/2014 02:20:10 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (06/06/2014 02:17:40 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (06/06/2014 02:17:36 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (06/06/2014 02:09:57 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/06/2014 08:03:42 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC90.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"1".
Die abhängige Assemblierung "Microsoft.VC90.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (06/06/2014 08:03:40 AM) (Source: SideBySide) (EventID: 63) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "assemblyIdentity1". Fehler in Manifest- oder Richtliniendatei "assemblyIdentity2" in Zeile assemblyIdentity3.
Der Wert "x64" des "processorArchitecture"-Attributs im assemblyIdentity-Element ist ungültig.
Error: (06/06/2014 08:03:04 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC90.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"1".
Die abhängige Assemblierung "Microsoft.VC90.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (06/06/2014 07:20:47 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
System errors:
=============
Error: (06/06/2014 02:10:23 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul konnte nicht gestartet werden.
Modulpfad: C:\Windows\System32\IWMSSvc.dll
Fehlercode: 258
Error: (06/06/2014 02:09:54 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Lenovo Microphone Mute erreicht.
Error: (06/06/2014 07:21:14 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul konnte nicht gestartet werden.
Modulpfad: C:\Windows\System32\IWMSSvc.dll
Fehlercode: 258
Error: (06/05/2014 07:57:19 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul konnte nicht gestartet werden.
Modulpfad: C:\Windows\System32\IWMSSvc.dll
Fehlercode: 258
Error: (06/05/2014 04:44:00 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul konnte nicht gestartet werden.
Modulpfad: C:\Windows\System32\IWMSSvc.dll
Fehlercode: 258
Error: (06/05/2014 09:00:43 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul konnte nicht gestartet werden.
Modulpfad: C:\Windows\System32\IWMSSvc.dll
Fehlercode: 258
Error: (06/04/2014 10:52:31 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul konnte nicht gestartet werden.
Modulpfad: C:\Windows\System32\IWMSSvc.dll
Fehlercode: 258
Error: (06/04/2014 10:52:03 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Lenovo Microphone Mute erreicht.
Error: (06/04/2014 01:01:04 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}
Error: (06/04/2014 08:05:55 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul konnte nicht gestartet werden.
Modulpfad: C:\Windows\System32\IWMSSvc.dll
Fehlercode: 258
Microsoft Office Sessions:
=========================
Error: (06/06/2014 04:23:30 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe
Error: (06/06/2014 02:20:13 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Hannah\Downloads\esetsmartinstaller_deu.exe
Error: (06/06/2014 02:20:10 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Hannah\Downloads\esetsmartinstaller_deu.exe
Error: (06/06/2014 02:17:40 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Hannah\Downloads\esetsmartinstaller_deu.exe
Error: (06/06/2014 02:17:36 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Hannah\Downloads\esetsmartinstaller_deu.exe
Error: (06/06/2014 02:09:57 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/06/2014 08:03:42 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC90.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"c:\program files\Lenovo\lenovo solution center\App\diag\flex_comm_sample.exe
Error: (06/06/2014 08:03:40 AM) (Source: SideBySide) (EventID: 63) (User: )
Description: assemblyIdentityprocessorArchitecturex64c:\program files\R\r-3.0.2\Tcl\bin64\tk85.dllc:\program files\R\r-3.0.2\Tcl\bin64\tk85.dll9
Error: (06/06/2014 08:03:04 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC90.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"C:\Program Files\Lenovo\Lenovo Solution Center\App\diag\flex_comm_sample.exe
Error: (06/06/2014 07:20:47 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
CodeIntegrity Errors:
===================================
Date: 2013-09-24 09:13:59.826
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-09-23 17:44:06.738
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-09-23 14:43:04.971
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-09-23 14:38:01.484
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-09-22 20:02:39.775
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-09-20 10:45:05.016
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-09-20 10:39:35.157
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-09-19 16:34:58.387
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-09-18 11:43:37.796
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-09-17 16:43:19.817
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
==================== Memory info ===========================
Percentage of memory in use: 39%
Total physical RAM: 8075.23 MB
Available physical RAM: 4875.09 MB
Total Pagefile: 16148.65 MB
Available Pagefile: 12932.45 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB
==================== Drives ================================
Drive c: (Windows7_OS) (Fixed) (Total:448.67 GB) (Free:294.05 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive e: (MINI-USB) (Removable) (Total:3.76 GB) (Free:3.53 GB) FAT32
Drive q: (Lenovo_Recovery) (Fixed) (Total:15.62 GB) (Free:5.09 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 466 GB) (Disk ID: B2E89621)
Partition 1: (Active) - (Size=1 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=449 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=16 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (Size: 4 GB) (Disk ID: 00000000)
Partition: GPT Partition Type.
==================== End Of Log ============================
ich hab das Gefühl mein PC ist eine richtige Fundgrube für malware :eek:
LG Hannah |
Hinweis:
FRST 32-Bit | FRST 64-Bit