Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Windows 8.1: Dienst "Geräteinstallations-Manager" (DsmSvc) beansprucht 20-30% CPU-Auslastung im Ruhezustand

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 04.05.2014, 19:11   #1
emon
 
Windows 8.1: Dienst "Geräteinstallations-Manager" (DsmSvc) beansprucht 20-30% CPU-Auslastung im Ruhezustand - Standard

Windows 8.1: Dienst "Geräteinstallations-Manager" (DsmSvc) beansprucht 20-30% CPU-Auslastung im Ruhezustand



Hallo zusammen,

nachdem ich den ganzen Tag zweifelhaft und erfolglos nach einer Lösung für mein Problem gesucht habe, versuche ich es nun auf diesem Wege. Seit einigen Tage beansprucht der Dienst "DsmSvc" (Anzeigename: Geräteinstallations-Manager, Pfad zur exe: C:\WINDOWS\system32\svchost.exe -k netsvcs) auf meinem Windows 8.1-System eine konstante Prozessorauslastung zwischen 20-30% (Screenshot im Anhang). Laut Process Explorer hängt dieses u.a. mit der Datei ntdll.dll zusammen (nach Makierung des Threads, Klick auf Module). Auch die Länge der Gmer.txt (im Anhang) scheint auf Probleme mit der Datei schließen zu lassen ...

Ich habe meinen Rechner durch Avast, Spybot, Malwarebytes, Ad-Aware, MRT, TDSSKiller und Hitman Pro prüfen lassen. Dieses hat aber leider nichts ergeben. Aktuell kann ich den Dienst im Process Explorer manuell beenden und komme so wieder auf meine 4% Auslastung im Ruhezustand zurück, aber das kann nicht die Lösung sein. Wie kommt es zu dieser Auslastung durch den Dienst und wie kann ich es beheben?

Ich bin gespannt auf Eure Antworten und danke schonmal im Voraus für Eure Mühen.
Norbert

defogger_disable.log:
Code:
ATTFilter
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 18:38 on 04/05/2014 (User)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...


-=E.O.F=-
         
FRST.txt:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-05-2014
Ran by User (administrator) on THINKPAD_X1 on 04-05-2014 17:56:40
Running from C:\Users\User\Desktop
Windows 8.1 Pro (Update 1) (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ 
Download link for 64-Bit Version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ 
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(Lenovo.) C:\Windows\System32\ibmpmsvc.exe
(DisplayLink Corp.) C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe
(DisplayLink Corp.) C:\Program Files\DisplayLink Core Software\DisplayLinkUserAgent.exe
(Authentec Inc.) C:\Program Files\ThinkVantage Fingerprint Software\upeksvr.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AVAST Software) C:\Program Files\Avast\AvastSvc.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
(Apache Software Foundation) C:\SecureWAMP\Apache2\bin\httpd.exe
(Broadcom Corporation.) C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(LENOVO INCORPORATED.) C:\Program Files\Lenovo\SystemAgent\SystemAgentService.exe
(Nalpeiron Ltd.) C:\Windows\SysWOW64\NLSSRV32.EXE
(Apache Software Foundation) C:\SecureWAMP\Apache2\bin\httpd.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Ericsson AB) C:\Program Files (x86)\Mobile Broadband Drivers\WMCore\WMCore.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.23.9\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.23.9\GoogleCrashHandler64.exe
(DisplayLink Corp.) C:\Program Files\DisplayLink Core Software\DisplayLinkUI.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Logitech, Inc.) C:\Program Files\Common Files\logishrd\KHAL3\KHALMNPR.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo Peer Connect\NalService.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\extapsup.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Google Inc.) C:\Users\User\AppData\Local\Programs\Google\Google+ Auto Backup\Google+ Auto Backup.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Google Inc.) C:\Users\User\AppData\Local\Programs\Google\MusicManager\MusicManager.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(www.bid-o-matic.org) C:\Program Files (x86)\Biet-O-Matic\Biet-O-Matic.exe
(AVAST Software) C:\Program Files\Avast\AvastUI.exe
(Deutsche Telekom AG) C:\Users\User\AppData\Roaming\Telekom\MediencenterSync\Mediencenter.exe
(SunplusIT, Inc.) C:\Program Files (x86)\Integrated Camera\Monitor.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe
(Lenovo Corporation) C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Dominik Reichl) C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe
(Microsoft Corporation) C:\Windows\System32\Taskmgr.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [] => [X]
HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [519408 2013-07-18] (Acronis)
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3091224 2013-07-31] (Logitech, Inc.)
HKLM\...\Run: [LENOVO.TPKNRRES] => C:\Program Files\Lenovo\Communications Utility\LibStartStub.dll [74288 2014-03-04] (Lenovo Corporation)
HKLM\...\Run: [LenovoNal] => C:\Program Files\Lenovo\Lenovo Peer Connect\NalService.exe [19960 2013-10-18] (Lenovo)
HKLM\...\Run: [LenovoOptMouseUpdate] => C:\Program Files\Lenovo\HOTKEY\extapsup.exe [255480 2013-06-20] (Lenovo Group Limited)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1321688 2013-08-30] (Realtek Semiconductor)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13653208 2013-09-13] (Realtek Semiconductor)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\Avast\AvastUI.exe [3854640 2014-04-11] (AVAST Software)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [AcronisTibMounterMonitor] => C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [1104616 2013-10-10] (Acronis International GmbH)
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [132920 2013-05-30] (Intel Corporation)
HKLM-x32\...\Run: [Integrated Camera_Monitor] => C:\Program Files (x86)\Integrated Camera\monitor.exe [1719456 2013-12-10] (SunplusIT, Inc.)
HKLM-x32\...\Run: [Intel AppUp(R) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [156000 2012-12-14] (Intel Corporation)
HKLM-x32\...\Run: [KeePass 2 PreLoad] => C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe [2092032 2014-02-03] (Dominik Reichl)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [5624784 2013-07-25] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [7843744 2014-02-04] (Acronis)
Winlogon\Notify\igfxcui: C:\WINDOWS\SYSTEM32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
Winlogon\Notify\psfus: C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll (Authentec Inc.)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-272428205-3716622950-2856836198-1004\...\Run: [Google Update] => C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2013-12-16] (Google Inc.)
HKU\S-1-5-21-272428205-3716622950-2856836198-1004\...\Run: [Google+ Auto Backup] => C:\Users\User\AppData\Local\Programs\Google\Google+ Auto Backup\Google+ Auto Backup.exe [3701064 2014-03-26] (Google Inc.)
HKU\S-1-5-21-272428205-3716622950-2856836198-1004\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [21822128 2014-01-30] (Google)
HKU\S-1-5-21-272428205-3716622950-2856836198-1004\...\Run: [MusicManager] => C:\Users\User\AppData\Local\Programs\Google\MusicManager\MusicManager.exe [7382528 2014-03-03] (Google Inc.)
HKU\S-1-5-21-272428205-3716622950-2856836198-1004\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [20922016 2014-02-10] (Skype Technologies S.A.)
HKU\S-1-5-21-272428205-3716622950-2856836198-1004\...\Run: [GoogleChromeAutoLaunch_BA09B07B8B80D23F626FFA7CBB47CC99] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [841032 2014-04-24] (Google Inc.)
HKU\S-1-5-21-272428205-3716622950-2856836198-1004\...\MountPoints2: {c0e0110d-8905-11e3-beca-b8763fa784a8} - "E:\start.exe" 
Lsa: [Notification Packages] scecli C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Biet-O-Matic.lnk
ShortcutTarget: Biet-O-Matic.lnk -> C:\Program Files (x86)\Biet-O-Matic\Biet-O-Matic.exe (www.bid-o-matic.org)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\User\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Mediencenter.lnk
ShortcutTarget: Mediencenter.lnk -> C:\Users\User\AppData\Roaming\Telekom\MediencenterSync\Mediencenter.exe (Deutsche Telekom AG)
SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\WINDOWS\system32\CbFsMntNtf3.dll (EldoS Corporation)
SSODL-x32: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\WINDOWS\SysWow64\CbFsMntNtf3.dll (EldoS Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://127.0.0.1:8000/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13-comm.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com/welcome/thinkpad
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
SearchScopes: HKLM - DefaultScope {6DFBD600-698E-4452-994D-931E637AC187} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MALCJS
SearchScopes: HKLM - {6DFBD600-698E-4452-994D-931E637AC187} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MALCJS
SearchScopes: HKLM-x32 - {6DFBD600-698E-4452-994D-931E637AC187} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MALCJS
SearchScopes: HKCU - DefaultScope {6DFBD600-698E-4452-994D-931E637AC187} URL = 
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={sear
SearchScopes: HKCU - {6DFBD600-698E-4452-994D-931E637AC187} URL = 
BHO: Deaktivierungs-Add-on für Browser von Google Analytics - {75EF13CE-B59E-41ba-8A5A-A944031BD8B4} - C:\Program Files\Google\Google Analytics Opt-Out\gaoptout_x64.dll (Google, Inc.)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Logitech SetPoint - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll (Logitech, Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Deaktivierungs-Add-on für Browser von Google Analytics - {75EF13CE-B59E-41ba-8A5A-A944031BD8B4} - C:\Program Files (x86)\Google\Google Analytics Opt-Out\gaoptout.dll (Google, Inc.)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Logitech SetPoint - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll (Logitech, Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\59trajgo.default
FF SelectedSearchEngine: Google
FF Homepage: about:home
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF64_13_0_0_206.dll ()
FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_206.dll ()
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf - C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf - C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @sony.com/ReaderDesktop - C:\Program Files (x86)\Sony\ReaderDesktop\npreaderdetectmoz.dll (Sony Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin - C:\Users\User\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin - C:\Users\User\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\User\AppData\Local\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\User\AppData\Local\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: intel.com/AppUp - C:\Program Files (x86)\Intel\IntelAppStore\bin\npAppUp.dll (Intel)
FF Plugin HKCU: intel.com/AppUpx64 - C:\Program Files (x86)\Intel\IntelAppStore\bin\npAppUp_x64.dll (Intel)
FF Plugin ProgramFiles/Appdata: C:\Users\User\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\User\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Flash Video Downloader - Full HD Download - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\59trajgo.default\Extensions\artur.dubovoy@gmail.com [2014-04-28]
FF Extension: Aptana Debugger - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\59trajgo.default\Extensions\debugger@aptana.com [2014-02-13]
FF Extension: Firebug - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\59trajgo.default\Extensions\firebug@software.joehewitt.com.xpi [2014-02-13]
FF Extension: Google Analytics Opt-out Browser Add-on - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\59trajgo.default\Extensions\{6d96bb5e-1175-4ebf-8ab5-5f56f1c79f65}.xpi [2013-12-04]
FF Extension: Biet-O-Matic Firefox Erweiterung - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\59trajgo.default\Extensions\{B0D70E72-2FC1-4b9f-A3D4-5921C854D906}.xpi [2014-04-23]
FF Extension: DownThemAll! - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\59trajgo.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2014-02-11]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\Avast\WebRep\FF [2013-08-07]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2013-10-25]
FF HKCU\...\Firefox\Extensions: [{F74D5734-46F5-4B16-96F0-1E7FBF41B750}] - C:\Program Files (x86)\Lenovo\Password Manager\PWM Firefox Extension\2.0b12
FF Extension: ThinkVantage Password Manager - C:\Program Files (x86)\Lenovo\Password Manager\PWM Firefox Extension\2.0b12 [2014-03-12]

Chrome: 
=======
CHR HomePage: 
CHR StartupUrls: "", "hxxp://home.sweetim.com/?crg=3.1010000.10011&barid={D3440791-4A1F-11E2-BA13-028037EC0200}", "hxxp://search.conduit.com/?ctid=CT2625848&SearchSource=48"
CHR Extension: (BIODIGITAL HUMAN) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\agoenciogemlojlhccbcpcfflicgnaak [2014-05-04]
CHR Extension: (Xmarks Bookmark Sync) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajpgkpeckebdhofmmjfgcjjiiejpodla [2014-05-04]
CHR Extension: (Google Drive) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-05-04]
CHR Extension: (Schalten Sie das Licht) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbmjmiodbnnpllbbbfblcplfjjepjdn [2014-05-04]
CHR Extension: (YouTube) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-05-04]
CHR Extension: (Adblock Plus) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-05-04]
CHR Extension: (OneTab) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\chphlpgkkbolifaimnlloiipkdnihall [2014-05-04]
CHR Extension: (Auf den Amazon-Wunschzettel) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced [2014-05-04]
CHR Extension: (Spotify - Music for every moment) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnkjkdjlofllcpbemipjbcpfnglbgieh [2014-05-04]
CHR Extension: (Google-Suche) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-05-04]
CHR Extension: (iLove Google Tasks (not by Google)) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\djagodlhefkdlmdhboaonegjldnomnnm [2014-05-04]
CHR Extension: (Gmail offline) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk [2014-05-04]
CHR Extension: (Google Kalender) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn [2014-05-04]
CHR Extension: (Box - 10GB of FREE storage) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejnkaeblpdcamcioiiabclakabcbjmbl [2014-05-04]
CHR Extension: (ZenMate for Google Chrome™) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcgdnkidjaadafnichfpabhfomcebme [2014-05-04]
CHR Extension: (Deaktivierungs-Add-on von Google Analytics) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\fllaojicojecljbmefodhfapmkghcbnh [2014-05-04]
CHR Extension: (Myibidder Auction Bid Sniper for eBay) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\fmebanjjkaohcmifehogijfgcoieefnp [2014-05-04]
CHR Extension: (ThinkVantage Password Manager) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\geempcnjhccnoepfmahaeemnnfnignab [2014-05-04]
CHR Extension: (avast! Online Security) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-05-04]
CHR Extension: (Gantter for Google Drive) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\himomacamcpodhkahelbnmaddladgjgo [2014-05-04]
CHR Extension: (Feedly - News, Blogs and Youtube) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\hipbfijinpcgfogaopmgehiegacbhmob [2014-05-04]
CHR Extension: (BeeLine Reader) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifjafammaookpiajfbedmacfldaiamgg [2014-05-04]
CHR Extension: (eBook Search) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\iiodggcinjkmjlciplimhpejdocioond [2014-05-04]
CHR Extension: (Save to Pulse) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\imnghiiajfangdaolekmphkaohhcnklj [2014-05-04]
CHR Extension: (Shareaholic für Google Chrome) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbmipnjdeifmobkhgogdnomkihhgojep [2014-05-04]
CHR Extension: (Smooth Gestures) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfkgmnnajiljnolcgolmmgnecgldgeld [2014-05-04]
CHR Extension: (Google Maps) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2014-05-04]
CHR Extension: (DSL speedtest) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\mibbfkdeofpfmkclkgjfnjppdblhpddj [2014-05-04]
CHR Extension: (Google Mail-Checker) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff [2014-05-04]
CHR Extension: (Asana) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nafkcmbfnknnkmbdbdhflbidiigecfln [2014-05-04]
CHR Extension: (Better Google Tasks) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nbhddnkmimnokfjdlogacnfjfclgcdme [2014-05-04]
CHR Extension: (Export for Trello) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhdelomnagopgaealggpgojkhcafhnin [2014-05-04]
CHR Extension: (Pocket (formerly Read It Later)) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\niloccemoadcdkdjlinkgdfekeahmflj [2014-05-04]
CHR Extension: (Facebook Notifications) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmameahlembdcigphohgiodcgjomcgeo [2014-05-04]
CHR Extension: (Google Wallet) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-05-04]
CHR Extension: (Live Sports) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\oamjbefinnglappklpabmhpbcdiephoo [2014-05-04]
CHR Extension: (imo free video calls and text) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocaebkdojpikfmhmnekiflipcicedobi [2014-05-04]
CHR Extension: (Diigo Web Collector - Capture and Annotate) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\oojbgadfejifecebmdnhhkbhdjaphole [2014-05-04]
CHR Extension: (Page Monitor) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pemhgklkefakciniebenbfclihhmmfcd [2014-05-04]
CHR Extension: (Evernote Web Clipper) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pioclpoplcdbaefihamjohnefbikjilc [2014-05-04]
CHR Extension: (Google Mail) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-05-04]
CHR HKCU\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\User\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx [2014-03-21]
CHR HKLM-x32\...\Chrome\Extension: [geempcnjhccnoepfmahaeemnnfnignab] - C:\Program Files (x86)\Lenovo\Password Manager\chrome_npapi_extension.crx [2014-03-27]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-04-11]

==================== Services (Whitelisted) =================

S4 AAV UpdateService; C:\Program Files (x86)\Steuer-Spar-Erklaerung Plus 2013\AAVUpdateManager\aavus.exe [128296 2008-10-24] ()
R2 ApacheServer; C:\SecureWAMP\Apache2\bin\httpd.exe [20992 2012-11-05] (Apache Software Foundation)
R2 avast! Antivirus; C:\Program Files\Avast\AvastSvc.exe [50344 2014-04-11] (AVAST Software)
S4 AVControlCenter; C:\Program Files\Lenovo\Communications Utility\AVControlCenter32.exe [573488 2014-03-04] (Lenovo Corporation)
S2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2251992 2013-11-14] (Broadcom Corporation.)
R2 DisplayLinkService; C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe [9281840 2013-10-07] (DisplayLink Corp.)
S4 FoxitCloudUpdateService; C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe [239680 2014-02-19] (Foxit Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [803872 2012-12-10] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [167736 2013-05-30] (Intel Corporation)
S4 LavasoftAdAwareService11; C:\Program Files\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareService.exe [702744 2014-01-23] ()
S4 Lenovo QuickSnip Service; C:\Program Files\lenovo\QuickSnipService\QuickSnipService.exe [235488 2012-12-14] (LENOVO INCORPORATED.)
S4 Lenovo Settings Service; C:\Program Files\Lenovo\SettingsDependency\SettingsService.exe [2085184 2014-03-10] (Lenovo Group Limited)
R2 Lenovo System Agent Service; C:\Program Files\lenovo\SystemAgent\SystemAgentService.exe [576992 2012-12-14] (LENOVO INCORPORATED.)
S4 LENOVO.TVTVCAM; C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe [702512 2014-03-04] (Lenovo Corporation)
S4 Lenovo.VIRTSCRLSVC; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [136288 2012-08-10] (Lenovo Group Limited)
S4 lnvDiscoveryWinSvc; C:\Program Files\Lenovo\Lenovo Peer Connect\LenovoDiscoverySvc.exe [21496 2013-10-18] (Lenovo)
S4 LocationTaskManager; C:\Program Files (x86)\Lenovo\LocationAware\loctaskmgr.exe [468288 2013-12-11] ()
S3 LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [1662424 2014-02-19] ()
S4 MySQL56; C:\ProgramData\MySQL\MySQL Server 5.6\my.ini [14255 2013-10-25] ()
S4 QuickControlMasterSvc; C:\Program Files (x86)\Lenovo\QuickControl\QuickControlMasterSvc.exe [59440 2013-12-16] (Lenovo Group Limited)
S4 QuickControlService; C:\Program Files (x86)\Lenovo\QuickControl\QuickControlService.exe [319024 2013-12-16] (Lenovo Group Limited)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [3921880 2013-10-15] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1042272 2013-09-20] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171416 2013-09-13] (Safer-Networking Ltd.)
S3 SUService; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [24120 2014-02-21] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [348392 2013-10-31] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2013-10-31] (Microsoft Corporation)
R2 WMCoreService; C:\Program Files (x86)\Mobile Broadband Drivers\WMCore\WMCore.exe [883472 2012-05-03] (Ericsson AB)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3378416 2013-08-02] (Intel® Corporation)

==================== Drivers (Whitelisted) ====================

S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-04-11] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-04-11] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-04-11] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1039096 2014-04-11] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423240 2014-04-11] (AVAST Software)
R3 aswStm; C:\Windows\system32\drivers\aswStm.sys [84816 2014-04-11] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [208928 2014-04-11] ()
R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [170712 2013-11-14] (Broadcom Corporation.)
S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-13] (Windows (R) Win 7 DDK provider)
R3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
R1 cbfs3; C:\WINDOWS\system32\drivers\cbfs3.sys [352144 2012-04-09] (EldoS Corporation)
R3 DisplayLinkUsbIo_x64; C:\Windows\System32\drivers\DisplayLinkUsbIo_x64_7.4.48800.0.sys [44944 2013-10-17] ()
R3 dlcdcncm6_x64; C:\Windows\system32\DRIVERS\dlcdcncm6_x64.sys [80688 2013-10-07] (DisplayLink Corp.)
R3 dlusbaudio; C:\Windows\system32\DRIVERS\dlusbaudio_x64.sys [203152 2013-10-07] (DisplayLink Corp.)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283200 2013-10-27] (DT Soft Ltd)
S3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation)
S3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation)
S0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-10] (Intel Corporation)
R0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2013-11-11] (Microsoft Corporation)
R3 ISCT; C:\Windows\System32\drivers\ISCTD64.sys [47008 2013-07-30] ()
S3 kbldfltr; C:\Windows\System32\drivers\kbldfltr.sys [22272 2013-09-30] (Microsoft Corporation)
R3 l36wgps; C:\Windows\system32\DRIVERS\l36wgps64.sys [102440 2012-01-13] (Ericsson AB)
R3 l36wscard; C:\Windows\system32\DRIVERS\l36wscard.sys [61992 2011-08-17] (Ericsson AB)
R3 LnvHIDHW; C:\Windows\System32\drivers\LnvHIDHW.sys [27496 2012-07-30] (Lenovo)
S0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation)
S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [119512 2014-05-04] (Malwarebytes Corporation)
R3 Mbm4bus; C:\Windows\System32\drivers\Mbm4bus.sys [159816 2011-08-22] (MCCI Corporation)
R3 Mbm4mdfl; C:\Windows\system32\DRIVERS\Mbm4mdfl.sys [19528 2011-08-22] (MCCI Corporation)
R3 Mbm4mdm; C:\Windows\system32\DRIVERS\Mbm4mdm.sys [179784 2011-08-22] (MCCI Corporation)
R3 Mbm4mgmt; C:\Windows\system32\DRIVERS\Mbm4mgmt.sys [161864 2011-08-22] (MCCI Corporation)
R3 Mbm4NNd5; C:\Windows\system32\DRIVERS\Mbm4NNd5.sys [33352 2011-08-22] (MCCI Corporation)
R3 Mbm4NUn; C:\Windows\System32\drivers\Mbm4NUn.sys [194120 2011-08-22] (MCCI Corporation)
S3 MbmLowExt; C:\Windows\System32\Drivers\MbmLowExt.sys [35840 2012-12-07] (Ericsson AB)
R3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation)
S3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation)
R3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew00.sys [3345376 2013-09-04] (Intel Corporation)
S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924504 2014-02-22] (Microsoft Corporation)
S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146776 2013-10-26] (Microsoft Corporation)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [44784 2013-05-29] (Synaptics Incorporated)
R2 smihlp; C:\Program Files\ThinkVantage Fingerprint Software\smihlp.sys [13128 2011-05-30] (Authentec Inc.)
R3 SPUVCbv; C:\Windows\System32\Drivers\SPUVCbv_x64.sys [1514144 2013-12-10] (Sunplus)
S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2013-10-05] (Microsoft Corporation)
R0 tib; C:\Windows\System32\DRIVERS\tib.sys [1120032 2014-01-25] (Acronis International GmbH)
R0 tib_mounter; C:\Windows\System32\DRIVERS\tib_mounter.sys [198432 2014-01-25] (Acronis International GmbH)
S3 Trufos; C:\Windows\System32\DRIVERS\Trufos.sys [329800 2013-07-17] (BitDefender S.R.L.)
S3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation)
R3 usb3Hub; C:\Windows\System32\drivers\usb3Hub.sys [47072 2012-10-09] (Windows (R) Win 7 DDK provider)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124760 2013-10-31] (Microsoft Corporation)
R0 Wof; C:\Windows\System32\Drivers\Wof.sys [157016 2014-03-13] (Microsoft Corporation)
R3 XHCIPort; C:\Windows\System32\drivers\XHCIPort.sys [188896 2012-10-09] (Windows (R) Win 7 DDK provider)
U3 pxddakog; \??\C:\Users\User\AppData\Local\Temp\pxddakog.sys [X]

==================== NetSvcs (Whitelisted) ===================
         
Addition.txt
Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-05-2014
Ran by User at 2014-05-04 17:56:00
Running from C:\Users\User\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Ad-Aware Antivirus (Disabled - Out of date) {D87B6541-12A1-DAEA-0033-9B8057AAB996}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Ad-Aware Antivirus (Disabled - Out of date) {631A84A5-349B-D564-3A83-A0F22C2DF32B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: Ad-Aware Firewall (Disabled) {E040E464-58CE-DBB2-2B6C-32B5A979FEED}

==================== Installed Programs ======================

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
AAVUpdateManager (HKLM-x32\...\{AFA42FE1-A5C3-485F-9180-BFCF5BF1F1C3}) (Version: 18.00.0000 - Wolters Kluwer Deutschland GmbH)
Acronis True Image 2014 (HKLM-x32\...\{3ECDD663-5AF8-489B-9E3C-561F33A271BD}Visible) (Version: 17.0.6673 - Acronis)
Acronis True Image 2014 (x32 Version: 17.0.6673 - Acronis) Hidden
Ad-Aware Antivirus (HKLM\...\{6A16ADA5-0B30-4893-84AB-961B1340D14A}_AdAwareUpdater) (Version: 11.1.5354.0 - Lavasoft)
AdAwareInstaller (Version: 11.1.5354.0 - Lavasoft) Hidden
AdAwareUpdater (Version: 11.1.5354.0 - Lavasoft) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 13.0.0.83 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 13.0.0.83 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.206 - Adobe Systems Incorporated)
Agent Ransack x64 (HKLM\...\{AC1F33CB-82C6-46AD-8A99-F445B0A02753}) (Version: 7.0.819.1 - Mythicsoft Ltd)
Album Art Downloader XUI 1.01 (HKLM-x32\...\Album Art Downloader XUI) (Version: 1.01 - hxxp://sourceforge.net/projects/album-art)
Ant Renamer (HKLM-x32\...\Ant Renamer 2_is1) (Version: 2.10.0 - Ant Software)
AntimalwareEngine (Version: 2.6.0.0 - Lavasoft) Hidden
Aptana Studio 3 (HKLM-x32\...\Aptana Studio 3) (Version: 3.4.2 - Appcelerator, Inc.)
avast! Free Antivirus (HKLM-x32\...\Avast) (Version: 9.0.2016 - Avast Software)
Biet-O-Matic v2.14.12 (HKLM-x32\...\Biet-O-Matic v2.14.12) (Version: 2.14.12 - BOM Development Team)
Compatibility Pack für 2007 Office System (HKLM-x32\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.47.1.0333 - Disc Soft Ltd)
Deaktivierungs-Add-on für Browser von Google Analytics (HKLM\...\{9F540EA8-086E-4D53-B845-A06E6903DED6}) (Version: 0.9.6.0 - Google Inc.)
digiKam 3.4.0 (HKLM-x32\...\digiKam) (Version: 3.4.0 - The digiKam team)
Disable AMT Profile Synchronization Pop-up for Windows XP/Vista/7/8 (HKLM\...\DisableAMTPopup) (Version: 1.00 - )
DisplayLink Core Software (HKLM\...\{404BDC67-C588-42E1-824A-2838571AEE6F}) (Version: 7.4.51572.0 - DisplayLink Corp.)
DisplayLink Graphics (HKLM\...\{F8D0059A-CC6D-414F-A36F-FEDAE2588000}) (Version: 7.4.51587.0 - DisplayLink Corp.)
Dolby Digital Plus Home Theater (HKLM\...\{7E3D8FA1-6092-469A-955B-68FC4A2C67CA}) (Version: 7.3.2.2 - Dolby Laboratories Inc)
Dropbox (HKCU\...\Dropbox) (Version: 2.4.11 - Dropbox, Inc.)
eReg (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
ExamDiff 1.9 (Build 1.9.0.2) (HKLM-x32\...\ExamDiff_is1) (Version: 1.9.0.2 - PrestoSoft LLC)
Exifer (HKLM-x32\...\Exifer_is1) (Version:  - Friedemann Schmidt)
foobar2000 v1.3.2 (HKLM-x32\...\foobar2000) (Version: 1.3.2 - Peter Pawlowski)
Fotogalerie (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Foxit Cloud (HKLM-x32\...\{41914D8B-9D6E-4764-A1F9-BC43FB6782C1}_is1) (Version: 1.2.75.126 - Foxit Corporation)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 6.1.4.217 - Foxit Corporation)
Freeplane (HKLM\...\{D3941722-C4DD-4509-88C4-0E87F675A859}_is1) (Version: 1.2.23 - Open source)
GIMP 2.8.6 (HKLM\...\GIMP-2_is1) (Version: 2.8.6 - The GIMP Team)
Git version 1.8.5.2-preview20131230 (HKLM-x32\...\Git_is1) (Version: 1.8.5.2-preview20131230 - The Git Development Community)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 34.0.1847.131 - Google Inc.)
Google Contact Sync (HKCU\...\8569f13e8439d3c0) (Version: 2.0.0.6 - Heartofangel.com)
Google Drive (HKLM-x32\...\{E87022D3-C8C9-4C76-8E27-BC7F18F9B8FB}) (Version: 1.14.6059.644 - Google, Inc.)
Google Talk Plugin (HKLM-x32\...\{8E29C1CE-346A-3F59-AE22-8C5B7F230498}) (Version: 5.3.1.18536 - Google)
Google Update Helper (x32 Version: 1.3.23.9 - Google Inc.) Hidden
Google+ Auto Backup (HKCU\...\Google+ Auto Backup) (Version: 1.0.25.133 - Google, Inc.)
Google+ Auto Backup (HKLM-x32\...\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}) (Version: 1.0.21.81 - Google)
Helium (HKLM-x32\...\{9A781940-AC41-4D5E-8E1E-76A04B916FB9}) (Version: 1.0.0 - ClockworkMod)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
InfoBibliothek 2 (HKLM-x32\...\{78D7D7CD-A06B-4514-ACBD-8055BF945A8E}) (Version: 1.08.03.02 - Wolters Kluwer Deutschland GmbH)
Integrated Camera (HKLM-x32\...\Sunplus SPUVCb) (Version: 3.4.7.31 - SunplusIT)
Intel AppUp(R) center (HKLM-x32\...\Intel AppUp(R) center 41651) (Version: 3.8.0.41651.58 - Intel)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.0.0.1310 - Intel Corporation)
Intel(R) PRO/Wireless Driver (Version: 16.01.3000.0512 - Intel Corporation) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3412 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel(R) WiDi (HKLM\...\{6097158B-0184-4140-BEC3-7885794D2571}) (Version: 3.5.40.0 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{828af006-cb5e-4d60-957a-523098a1b0f8}) (Version: 16.1.3 - Intel Corporation)
Intel® PROSet/Wireless WiFi Software (Version: 16.01.3000.0254 - Intel Corporation) Hidden
Intel® Trusted Connect Service Client (Version: 1.27.757.1 - Intel Corporation) Hidden
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.37 - Irfan Skiljan)
Java 7 Update 51 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417051FF}) (Version: 7.0.510 - Oracle)
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
KDiff3 (remove only) (HKLM-x32\...\KDiff3) (Version:  - )
KeePass Password Safe 2.25 (HKLM-x32\...\KeePassPasswordSafe2_is1) (Version: 2.25 - Dominik Reichl)
Lenovo Auto Scroll Utility (HKLM\...\LenovoAutoScrollUtility) (Version: 2.10 - )
Lenovo Dependency Package (HKLM-x32\...\Lenovo Dependency Package_is1) (Version: 1.05.0013 - Lenovo Group Limited)
Lenovo Patch Utility (HKLM-x32\...\{AD32F5E9-6BDD-480A-8B7B-95571D04691C}) (Version: 1.3.1.1 - Lenovo Group Limited)
Lenovo Patch Utility (x32 Version: 1.4.0.4 - Lenovo Group Limited) Hidden
Lenovo Patch Utility 64 bit (HKLM\...\{ABE4638D-D208-4061-9F26-E3E11E3A1E0C}) (Version: 1.3.1.1 - Lenovo Group Limited)
Lenovo Patch Utility 64 bit (Version: 1.4.0.4 - Lenovo Group Limited) Hidden
Lenovo Peer Connect SDK (HKLM\...\{75C87855-9CBB-4892-B1A9-74C73A19CACA}_is1) (Version: 1.0.0.1 - Lenovo)
Lenovo Power Management Driver (HKLM\...\Power Management Driver) (Version: 1.67.04.05 - )
Lenovo QuickControl (HKLM-x32\...\{4855C42F-5197-4AAD-A50D-5066D2CC4647}) (Version: 2.00 - Lenovo Group Limited)
Lenovo Settings - Camera Audio (HKLM\...\{88C6A6D9-324C-46E8-BA87-563D14021442}_is1) (Version: 4.2.2.0 - Lenovo Corporation)
Lenovo Settings - Location Awareness (HKLM-x32\...\{C79D4402-E622-4922-9C02-89F9080BF081}_is1) (Version: 1.3.0.10 - Lenovo Group Limited)
Lenovo Settings Dependency Package (HKLM\...\{3694BA2E-BE31-4B7E-886B-A0B559E69D4D}_is1) (Version: 2.0.0.16 - Lenovo Group Limited)
Lenovo Settings UMDF driver (HKLM\...\{2BDC7413-65EA-4B99-8C4B-02F11075BE6D}_is1) (Version: 1.1.0.5 - Lenovo Group Limited)
Lenovo Solution Center (HKLM\...\{C51863E5-EB09-43A5-9D43-26A32587EEAC}) (Version: 2.4.002.00 - Lenovo Group Limited)
Lenovo System Update (HKLM-x32\...\{25C64847-B900-48AD-A164-1B4F9B774650}) (Version: 5.05.0009 - Lenovo)
Lenovo USB 2.0 Ethernet Adapter (HKLM-x32\...\{29584513-DC7F-4EB9-8654-7C541DF0DDCE}) (Version: 1.02 - Lenovo)
Lenovo User Guide (HKLM-x32\...\{13F59938-C595-479C-B479-F171AB9AF64F}) (Version: 1.0.0012.00 - Lenovo Group Limited)
Lenovo Warranty Information (HKLM-x32\...\{FD4EC278-C1B1-4496-99ED-C0BE1B0AA521}) (Version: 1.0.0011.00 - Lenovo)
Logitech SetPoint 6.61 (HKLM\...\sp6) (Version: 6.61.15 - Logitech)
Malwarebytes Anti-Malware Version 2.0.1.1004 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.1.1004 - Malwarebytes Corporation)
Mediencenter 3.8.9799.6 (HKCU\...\Mediencenter) (Version: 3.8.9799.6 - Deutsche Telekom AG)
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office Excel Viewer (HKLM-x32\...\{95120000-003F-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Word Viewer 2003 (HKLM-x32\...\{90850407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft PowerPoint Viewer (HKLM-x32\...\{95140000-00AF-0407-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SkyDrive (HKCU\...\SkyDriveSetup.exe) (Version: 16.4.6013.0910 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft-Maus- und Tastatur-Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.145.0 - Microsoft Corporation)
Microsoft-Maus- und Tastatur-Center (Version: 2.3.145.0 - Microsoft Corporation) Hidden
Mobile Broadband Drivers (HKLM-x32\...\{68D0E8C7-E4F8-424E-A6D6-97A06A323FFE}) (Version: 8.0.10.1 - Ericsson AB)
Mobile Broadband Drivers (HKLM-x32\...\{EA9640BE-414E-4195-B53B-7905BF1A5A09}) (Version: 7.1.2.0 - Ericsson AB)
Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Mozilla Firefox 29.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 29.0 (x86 de)) (Version: 29.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0 - Mozilla)
Mp3tag v2.59a (HKLM-x32\...\Mp3tag) (Version: v2.59a - Florian Heidenreich)
MPC-HC 1.6.8 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.6.8.7417 - MPC-HC Team)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
Music Manager (HKCU\...\MusicManager) (Version:  - Google, Inc.)
MusicBee 2.3 (HKLM-x32\...\MusicBee) (Version: 2.3 - Steven Mayall)
MySQL Connector C++ 1.1.3 (HKLM\...\{5C7A1ED6-DC5F-4017-B363-3E80644B4BD0}) (Version: 1.1.3 - Oracle and/or its affiliates)
MySQL Connector J (HKLM-x32\...\{4C5FFB59-6222-45CA-9257-EFB93D5E1756}) (Version: 5.1.26 - Oracle Corporation)
MySQL Connector Net 6.7.4 (HKLM-x32\...\{D6952EDA-6AC4-4480-A060-BD6025B15BAD}) (Version: 6.7.4 - Oracle)
MySQL Connector/ODBC 5.2 (HKLM\...\{6F4E90AC-3B32-4631-A9E5-5CC0186CA97B}) (Version: 5.2.6 - Oracle Corporation)
MySQL Documents 5.6 (HKLM-x32\...\{D5080D2C-37D0-4701-B74D-4A7449584E6D}) (Version: 5.6.14 - Oracle Corporation)
MySQL Examples and Samples 5.6 (HKLM-x32\...\{44D03537-3061-490B-BF0C-DACA4DEE8797}) (Version: 5.6.14 - Oracle Corporation)
MySQL Installer (HKLM-x32\...\{D8BAC677-5CCD-49FA-BF7D-21F65AB0EE0E}) (Version: 1.3.2.0 - Oracle Corporation)
MySQL Notifier 1.1.4 (HKLM-x32\...\{D7C3E617-EB02-47B3-8D0E-BF3E00D873D5}) (Version: 1.1.4 - Oracle)
MySQL Server 5.6 (HKLM\...\{23EEC459-9E65-4DCE-83B8-A1FDB44B9337}) (Version: 5.6.14 - Oracle Corporation)
MySQL Utilities (HKLM-x32\...\{6A494EFD-CFC6-4534-9E14-26D3F7D888DE}) (Version: 1.3.4 - Oracle)
MySQL Workbench 6.0 CE (HKLM-x32\...\{0B724473-51F5-49E8-958C-4BB3C0AAAF35}) (Version: 6.0.7 - Oracle Corporation)
Node.js (HKLM\...\{5A050774-DD97-4FD5-A591-1D7A5BC80EB6}) (Version: 0.10.25 - Joyent, Inc. and other Node contributors)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.5.2 - Notepad++ Team)
On Screen Display (HKLM\...\OnScreenDisplay) (Version: 8.30.00 - )
OpenOffice 4.0.0 (HKLM-x32\...\{B28DBCBA-60F8-40ED-B35B-F510C327946C}) (Version: 4.00.9702 - Apache Software Foundation)
Opera Stable 20.0.1387.91 (HKLM-x32\...\Opera 20.0.1387.91) (Version: 20.0.1387.91 - Opera Software ASA)
Pencil (HKLM-x32\...\Pencil) (Version:  - Evolus Co., Ltd.)
Photo Common (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
PhotoScape (HKLM-x32\...\PhotoScape) (Version:  - )
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Python 2.6 MySQL-python-1.2.4 (64-bit) (HKLM\...\MySQL-python-py2.6) (Version:  - )
Python 2.6 pycrypto-2.6 (HKLM\...\pycrypto-py2.6) (Version:  - )
Python 2.6.6 (64-bit) (HKLM\...\{6151cf20-0bd8-4023-a4a0-6a86dcfe58e6}) (Version: 2.6.6150 - Python Software Foundation)
Python 2.7 MySQL-python-1.2.5 (HKLM-x32\...\MySQL-python-py2.7) (Version:  - )
Python 2.7 pycrypto-2.6 (HKLM-x32\...\pycrypto-py2.7) (Version:  - )
Python 2.7 pywin32-218 (HKLM\...\pywin32-py2.7) (Version:  - )
Python 2.7.3 (64-bit) (HKLM\...\{C0C31BCC-56FB-42a7-8766-D29E1BD74C7d}) (Version: 2.7.3150 - Python Software Foundation)
Python 2.7.3 (HKLM-x32\...\{C0C31BCC-56FB-42a7-8766-D29E1BD74C7C}) (Version: 2.7.3150 - Python Software Foundation)
Reader for PC (HKLM-x32\...\{71FB3127-E6B2-4058-ACEE-99813554FAB6}) (Version: 2.2.00.11270 - Sony Corporation)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7040 - Realtek Semiconductor Corp.)
RICOH_Media_Driver_v2.25.18.01 (HKLM-x32\...\{FE041B02-234C-4AAA-9511-80DF6482A458}) (Version: 2.25.18.01 - RICOH)
Ruby 1.9.3-p484 (HKCU\...\{17E73B15-62D2-43FD-B851-ACF86A8C9D25}_is1) (Version: 1.9.3-p484 - RubyInstaller Team)
Safari (HKLM-x32\...\{C779648B-410E-4BBA-B75B-5815BCEFE71D}) (Version: 5.34.57.2 - Apple Inc.)
SecureWAMP Version 0.9 (HKLM-x32\...\SecureWAMP_is1) (Version: 0.9 - SRWare)
Skype™ 6.14 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.2.25 - Safer-Networking Ltd.)
SteuerBerater 2013-2014 (HKLM-x32\...\{AE03E8EC-4F04-46CA-BE9A-652D3ADCDDD4}) (Version: 1.00.9 - Akademische Arbeitsgemeinschaft)
Steuer-Spar-Erklärung Plus 2013 (HKLM-x32\...\{D4A69FFE-B7F6-42B6-ACF3-3F238F9A26D8}) (Version: 18.09 - Wolters Kluwer Deutschland GmbH)
SteuerSparErklärung Plus 2014 (HKLM-x32\...\{A463EB06-22A6-47F5-9593-E52B291EF13E}) (Version: 19.08.82 - Akademische Arbeitsgemeinschaft)
SugarSync Manager (HKLM-x32\...\SugarSync) (Version: 1.9.80.99066 - SugarSync, Inc.)
ThinkPad Bluetooth with Enhanced Data Rate Software (HKLM\...\{C6D9ED03-6FCF-4410-9CB7-45CA285F9E11}) (Version: 12.0.0.9100 - Broadcom Corporation)
ThinkPad UltraNav Driver (HKLM\...\SynTPDeinstKey) (Version: 16.2.19.9 - )
ThinkVantage Fingerprint Software (HKLM\...\{68D50088-CE92-4FF0-A220-D875E2E73151}) (Version: 6.0.0.8102 - Authentec Inc.)
ThinkVantage Password Manager (HKLM-x32\...\{70EE2BAA-F82A-4B8A-950E-649EFD64D5B9}) (Version: 4.50.7.0 - Lenovo Group Limited)
VirtualDJ PRO Full (HKLM-x32\...\{C515E2A3-4878-4C85-A519-52630C7AB08B}) (Version: 7.3 - Atomix Productions)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666  - Nullsoft, Inc)
Windows Live Communications Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows-Treiberpaket - Intel (ISCT) System  (05/04/2012 1.0.7.0) (HKLM\...\C8CA88388A58C08FD1318BB111CC8BDC79A3B577) (Version: 05/04/2012 1.0.7.0 - Intel)
Windows-Treiberpaket - Intel System  (01/11/2012 9.3.0.1020) (HKLM\...\09839A9B5EDA69DA2DCC34637B5140AAF8A53B44) (Version: 01/11/2012 9.3.0.1020 - Intel)
Windows-Treiberpaket - Intel System  (08/26/2011 9.3.0.1011) (HKLM\...\9D7CD466F7FC8B18FF1B84943B7BB8648D17FCE8) (Version: 08/26/2011 9.3.0.1011 - Intel)
Windows-Treiberpaket - Intel System  (08/26/2011 9.3.0.1011) (HKLM\...\D8EF6CACF49BD33CC1FACD124C8CC2B1A8E8AE35) (Version: 08/26/2011 9.3.0.1011 - Intel)
Windows-Treiberpaket - Intel USB  (08/26/2011 9.3.0.1011) (HKLM\...\97EE1802A0385A37DE6323FA39EC76BEB2D73E41) (Version: 08/26/2011 9.3.0.1011 - Intel)
Windows-Treiberpaket - Lenovo 1.66.00.07 (08/15/2012 1.66.00.07) (HKLM\...\E56A6B34B44A7A597FFEBE0E14D81095E0FD4D73) (Version: 08/15/2012 1.66.00.07 - Lenovo)
Windows-Treiberpaket - Synaptics (SmbDrv) System  (10/17/2012 16.2.19.2) (HKLM\...\A77C050AE33CE8C74E71FDF8578DB13900B8A1F4) (Version: 10/17/2012 16.2.19.2 - Synaptics)
Windows-Treiberpaket - Synaptics (SynTP) Mouse  (10/17/2012 16.2.19.2) (HKLM\...\8305FD4F3A6C1E86A14473501EA23FDEB1382CB7) (Version: 10/17/2012 16.2.19.2 - Synaptics)
Wuala (HKCU\...\Wuala) (Version: 1.0.444.0 - LaCie)
Wuala CBFS (HKLM-x32\...\Wuala CBFS) (Version: 3.2.107.0 - LaCie)
Wuala OverlayIcons (HKLM-x32\...\Wuala OverlayIcons) (Version: 1.0.0.2 - LaCie)

==================== Restore Points  =========================


==================== Hosts content: ==========================

2013-08-22 15:25 - 2014-01-28 23:26 - 00000848 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1    localhost
127.0.0.1       localhost


==================== Scheduled Tasks (whitelisted) =============

Task: {00A26BF5-1C4E-4A9C-AD1B-7DA799057CD6} - System32\Tasks\Lenovo\LSC\LSCTaskService => C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCTaskService.exe [2014-02-19] ()
Task: {03EA34FF-77D5-4D87-9AA6-A7FCD4E3046A} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe
Task: {05040E0F-4CB8-4E22-845B-7798C1A769AC} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2014-02-19] ()
Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {17C1D7A6-41AB-467C-8D1D-0CF641A58ACB} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSCService.exe [2014-02-19] (Lenovo)
Task: {1EA2B1C3-C0FD-468A-923B-44926D048BC6} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2014-02-19] (Lenovo)
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {236838AF-387F-4264-A403-2E269F299619} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
Task: {26150182-E0D2-497F-9CE6-47C030318E31} - System32\Tasks\avast! Emergency Update => C:\Program Files\Avast\AvastEmUpdate.exe [2014-04-11] (AVAST Software)
Task: {27EDFE9F-53CF-4A21-A143-13BF99A12BCF} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Management
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {38124D6E-2629-498F-AE4D-A0F9F0E6A46A} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics
Task: {39DF392E-27C1-47A6-83E6-70229406F612} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-272428205-3716622950-2856836198-1004UA => C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe [2013-12-16] (Google Inc.)
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {3B797E74-4719-478E-88DE-D7D3DC506C40} - System32\Tasks\PMTask => C:\PROGRA~2\ThinkPad\UTILIT~1\PwmIdTsv.exe
Task: {4277C1B5-2975-45BB-8CAB-9F5DD11C64EA} - System32\Tasks\Lenovo\LSC\LSCHardwareScanPostpone => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2014-02-19] ()
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {4C947CA7-783B-4E0D-9FEE-31A8710F0492} - System32\Tasks\TVT\LenovoWERMonitor => C:\Program Files (x86)\Common Files\lenovo\SUP\sup_wermonitor.exe [2014-01-21] (Microsoft)
Task: {5E5CDFB6-D9F9-4575-9360-F01F21B28B85} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-03-31] (Microsoft Corporation)
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {6F4A4356-9BBE-4ECA-A2FE-D64975599BD7} - System32\Tasks\Lenovo\Lenovo Settings Power => Rundll32.exe "C:\Program Files (x86)\ThinkPad\Utilities\PWMTR64V.dll",PwrMgrBkGndMonitor
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {760F1DE7-7D13-4A35-B82C-F75589866CD8} - System32\Tasks\Lenovo\Lenovo-1186 => C:\ProgramData\Lenovo-1186.vbs [2013-05-24] ()
Task: {76AA3E8E-346C-42DB-A96A-58E83EAFAB52} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-08-07] (Google Inc.)
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {7B0759BA-24B7-4275-A02C-C7990288F7BE} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-04-28] (Adobe Systems Incorporated)
Task: {7DC2BE24-C40B-4BC6-AA7E-547F6C20CE10} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-09-04] (Microsoft Corporation)
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {8A762F45-E492-428C-84DB-16E04CA5B08D} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-09-04] (Microsoft Corporation)
Task: {8C756C7D-0D35-44A8-AF1C-C91F2408FAF2} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [2014-02-21] ()
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {B704EBC2-8F46-4CCD-BCC3-91C26B06175A} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-272428205-3716622950-2856836198-1004Core => C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe [2013-12-16] (Google Inc.)
Task: {C7195611-6795-4336-BFC0-2DCE43BBA84A} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2013-09-04] (Microsoft)
Task: {C853B160-EDBA-41DA-AE1B-F09B6E9D6C85} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Validation
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {DA65A0D0-73FD-4D14-9166-682D2E0172CD} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-09-04] (Microsoft Corporation)
Task: {DBC0AB1A-9E09-44C4-BFB8-5FFCFDCE5397} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe
Task: {DE8419B9-B5A7-46F4-B90D-3C386868BBC4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-08-07] (Google Inc.)
Task: {DFDDB27B-1C9A-4788-BFB0-3477D7B5BDF2} - System32\Tasks\Microsoft\Windows\DiskCleanup\SilentCleanup => C:\Windows\system32\cleanmgr.exe [2014-02-22] (Microsoft Corporation)
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: {E7E4EB5C-BA89-42A7-A77A-9AFECD38C1CC} - System32\Tasks\Microsoft\Windows\PLA\LSC Memory => Rundll32.exe C:\WINDOWS\system32\pla.dll,PlaHost "LSC Memory" "$(Arg0)"
Task: {E95123F5-4AB1-44D6-8D32-196796102A8C} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-09-04] (Microsoft Corporation)
Task: {EB95FBBD-9AB5-45C7-A2EE-37D4A1702822} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2014-02-13] (Lenovo)
Task: {F9272B95-FB39-45F8-AF2F-46F33E563F52} - System32\Tasks\Synaptics TouchPad Enhancements => \Program Files\Synaptics\SynTP\SynTPEnh.exe [2013-05-29] (Synaptics Incorporated)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-272428205-3716622950-2856836198-1004Core.job => C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-272428205-3716622950-2856836198-1004UA.job => C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-04-09 11:23 - 2014-03-07 07:44 - 00117248 _____ () C:\Program Files (x86)\ThinkPad\Utilities\GR\PWMRT64V.dll
2013-12-16 11:54 - 2013-12-16 11:54 - 00049368 _____ () C:\Program Files\ThinkPad\Bluetooth Software\btwleapi.dll
2013-10-01 11:32 - 2013-10-01 11:32 - 02818216 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll
2014-02-07 18:15 - 2013-12-27 23:35 - 00721571 _____ () C:\Program Files (x86)\Git\git-cheetah\git_shell_ext64.dll
2012-08-05 04:15 - 2012-08-05 04:15 - 00176640 _____ () C:\Program Files (x86)\KDiff3\diff_ext_for_kdiff3_64.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 02141040 _____ () C:\Program Files\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareShellExtension.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00685904 _____ () C:\Program Files\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\SQLite.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 02595144 _____ () C:\Program Files\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\RCF.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00123776 _____ () C:\Program Files\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\boost_filesystem-vc100-mt-1_55.dll
2014-01-23 16:30 - 2014-01-23 16:30 - 00024440 _____ () C:\Program Files\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\boost_system-vc100-mt-1_55.dll
2012-06-18 17:24 - 2012-06-18 17:24 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_05.dll
2014-04-09 11:23 - 2014-03-07 07:44 - 00117248 _____ () C:\Program Files (x86)\ThinkPad\Utilities\GR\PWMRT64V.DLL
2014-05-04 10:28 - 2014-05-04 10:28 - 02252800 _____ () C:\Program Files\Avast\defs\14050400\algo.dll
2014-01-28 23:40 - 2012-11-05 03:21 - 00109056 _____ () C:\SecureWAMP\Apache2\bin\pcre.dll
2014-02-25 20:40 - 2012-08-23 11:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2014-02-25 20:40 - 2013-05-16 11:55 - 00113496 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2014-02-25 20:40 - 2013-05-16 11:55 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2014-02-25 20:40 - 2013-05-16 11:55 - 00161112 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2014-02-25 20:40 - 2012-04-03 18:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2013-10-07 11:02 - 2011-07-13 11:10 - 00065576 ____R () C:\Program Files (x86)\Mobile Broadband Drivers\WMCore\MBMDebug.dll
2014-03-26 18:02 - 2014-03-26 18:02 - 03305472 _____ () C:\Users\User\AppData\Local\Programs\Google\Google+ Auto Backup\gpuploader_i18n.dll
2014-05-04 17:35 - 2014-05-04 17:35 - 00098816 _____ () C:\Users\User\AppData\Local\Temp\_MEI80082\win32api.pyd
2014-05-04 17:35 - 2014-05-04 17:35 - 00110080 _____ () C:\Users\User\AppData\Local\Temp\_MEI80082\pywintypes27.dll
2014-05-04 17:35 - 2014-05-04 17:35 - 00364544 _____ () C:\Users\User\AppData\Local\Temp\_MEI80082\pythoncom27.dll
2014-05-04 17:35 - 2014-05-04 17:35 - 00044032 _____ () C:\Users\User\AppData\Local\Temp\_MEI80082\_socket.pyd
2014-05-04 17:35 - 2014-05-04 17:35 - 01157120 _____ () C:\Users\User\AppData\Local\Temp\_MEI80082\_ssl.pyd
2014-05-04 17:35 - 2014-05-04 17:35 - 00320512 _____ () C:\Users\User\AppData\Local\Temp\_MEI80082\win32com.shell.shell.pyd
2014-05-04 17:35 - 2014-05-04 17:35 - 00712192 _____ () C:\Users\User\AppData\Local\Temp\_MEI80082\_hashlib.pyd
2014-05-04 17:35 - 2014-05-04 17:35 - 01175040 _____ () C:\Users\User\AppData\Local\Temp\_MEI80082\wx._core_.pyd
2014-05-04 17:35 - 2014-05-04 17:35 - 00805888 _____ () C:\Users\User\AppData\Local\Temp\_MEI80082\wx._gdi_.pyd
2014-05-04 17:35 - 2014-05-04 17:35 - 00811008 _____ () C:\Users\User\AppData\Local\Temp\_MEI80082\wx._windows_.pyd
2014-05-04 17:35 - 2014-05-04 17:35 - 01062400 _____ () C:\Users\User\AppData\Local\Temp\_MEI80082\wx._controls_.pyd
2014-05-04 17:35 - 2014-05-04 17:35 - 00735232 _____ () C:\Users\User\AppData\Local\Temp\_MEI80082\wx._misc_.pyd
2014-05-04 17:35 - 2014-05-04 17:35 - 00128512 _____ () C:\Users\User\AppData\Local\Temp\_MEI80082\_elementtree.pyd
2014-05-04 17:35 - 2014-05-04 17:35 - 00127488 _____ () C:\Users\User\AppData\Local\Temp\_MEI80082\pyexpat.pyd
2014-05-04 17:35 - 2014-05-04 17:35 - 00557056 _____ () C:\Users\User\AppData\Local\Temp\_MEI80082\pysqlite2._sqlite.pyd
2014-05-04 17:35 - 2014-05-04 17:35 - 00087040 _____ () C:\Users\User\AppData\Local\Temp\_MEI80082\_ctypes.pyd
2014-05-04 17:35 - 2014-05-04 17:35 - 00119808 _____ () C:\Users\User\AppData\Local\Temp\_MEI80082\win32file.pyd
2014-05-04 17:35 - 2014-05-04 17:35 - 00108544 _____ () C:\Users\User\AppData\Local\Temp\_MEI80082\win32security.pyd
2014-05-04 17:35 - 2014-05-04 17:35 - 00018432 _____ () C:\Users\User\AppData\Local\Temp\_MEI80082\win32event.pyd
2014-05-04 17:35 - 2014-05-04 17:35 - 00038912 _____ () C:\Users\User\AppData\Local\Temp\_MEI80082\win32inet.pyd
2014-05-04 17:35 - 2014-05-04 17:35 - 00122368 _____ () C:\Users\User\AppData\Local\Temp\_MEI80082\wx._wizard.pyd
2014-05-04 17:35 - 2014-05-04 17:35 - 00070656 _____ () C:\Users\User\AppData\Local\Temp\_MEI80082\wx._html2.pyd
2014-05-04 17:35 - 2014-05-04 17:35 - 00026624 _____ () C:\Users\User\AppData\Local\Temp\_MEI80082\_multiprocessing.pyd
2014-05-04 17:35 - 2014-05-04 17:35 - 00010240 _____ () C:\Users\User\AppData\Local\Temp\_MEI80082\select.pyd
2014-05-04 17:35 - 2014-05-04 17:35 - 00024064 _____ () C:\Users\User\AppData\Local\Temp\_MEI80082\win32pipe.pyd
2014-05-04 17:35 - 2014-05-04 17:35 - 00686080 _____ () C:\Users\User\AppData\Local\Temp\_MEI80082\unicodedata.pyd
2014-05-04 17:35 - 2014-05-04 17:35 - 00025600 _____ () C:\Users\User\AppData\Local\Temp\_MEI80082\win32pdh.pyd
2014-05-04 17:35 - 2014-05-04 17:35 - 00525640 _____ () C:\Users\User\AppData\Local\Temp\_MEI80082\windows._lib_cacheinvalidation.pyd
2014-05-04 17:35 - 2014-05-04 17:35 - 00011264 _____ () C:\Users\User\AppData\Local\Temp\_MEI80082\win32crypt.pyd
2014-05-04 17:35 - 2014-05-04 17:35 - 00035840 _____ () C:\Users\User\AppData\Local\Temp\_MEI80082\win32process.pyd
2014-05-04 17:35 - 2014-05-04 17:35 - 00017408 _____ () C:\Users\User\AppData\Local\Temp\_MEI80082\win32profile.pyd
2014-05-04 17:35 - 2014-05-04 17:35 - 00022528 _____ () C:\Users\User\AppData\Local\Temp\_MEI80082\win32ts.pyd
2013-12-10 23:06 - 2013-12-10 23:06 - 10683392 _____ () C:\Users\User\AppData\Local\Programs\Google\MusicManager\QtWebKit4.dll
2013-12-10 23:06 - 2013-12-10 23:06 - 07741952 _____ () C:\Users\User\AppData\Local\Programs\Google\MusicManager\QtGui4.dll
2013-12-10 23:06 - 2013-12-10 23:06 - 01681408 _____ () C:\Users\User\AppData\Local\Programs\Google\MusicManager\QtNetwork4.dll
2013-12-10 23:06 - 2013-12-10 23:06 - 02248192 _____ () C:\Users\User\AppData\Local\Programs\Google\MusicManager\QtCore4.dll
2014-03-03 20:13 - 2014-03-03 20:13 - 00117248 _____ () C:\Users\User\AppData\Local\Programs\Google\MusicManager\libaacdec.dll
2014-03-03 20:13 - 2014-03-03 20:13 - 00231936 _____ () C:\Users\User\AppData\Local\Programs\Google\MusicManager\libmpgdec.dll
2014-03-03 20:14 - 2014-03-03 20:14 - 00253440 _____ () C:\Users\User\AppData\Local\Programs\Google\MusicManager\libid3tag.dll
2014-03-03 20:13 - 2014-03-03 20:13 - 00344064 _____ () C:\Users\User\AppData\Local\Programs\Google\MusicManager\libaudioenc.dll
2013-12-10 23:06 - 2013-12-10 23:06 - 00026624 _____ () C:\Users\User\AppData\Local\Programs\Google\MusicManager\imageformats\qgif4.dll
2013-10-20 22:28 - 2013-10-20 22:28 - 19336120 _____ () C:\Program Files\Avast\libcef.dll
2014-04-29 00:43 - 2014-04-24 02:33 - 00065352 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\chrome_elf.dll
2014-04-29 00:43 - 2014-04-24 02:33 - 00674632 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\libglesv2.dll
2014-04-29 00:43 - 2014-04-24 02:33 - 00093000 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\libegl.dll
2014-04-29 00:43 - 2014-04-24 02:33 - 04081480 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\pdf.dll
2014-04-29 00:43 - 2014-04-24 02:33 - 00390472 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\ppGoogleNaClPluginChrome.dll
2014-04-29 00:43 - 2014-04-24 02:33 - 01647432 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\ffmpegsumo.dll
2014-04-30 10:39 - 2014-04-30 10:39 - 03845232 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2013-08-08 00:00 - 2013-05-13 15:15 - 01199576 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2014-02-04 19:25 - 2014-02-04 19:25 - 00028992 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\thread_pool.dll
2014-02-04 19:28 - 2014-02-04 19:28 - 00420160 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\ulxmlrpcpp.dll
2014-04-29 00:43 - 2014-04-24 02:33 - 13692232 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\PepperFlash\pepflashplayer.dll
2011-07-18 23:07 - 2011-07-18 23:07 - 00014336 _____ () C:\Program Files (x86)\Notepad++\plugins\NppExport.dll
2011-09-21 22:46 - 2011-09-21 22:46 - 01673728 _____ () C:\Program Files (x86)\Notepad++\plugins\NppFTP.dll
2013-10-01 12:00 - 2013-10-01 12:00 - 00022336 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\ti_managers_proxy_stub.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\Users\User\SkyDrive:ms-properties
AlternateDataStreams: C:\Users\User\Documents\Amazon Downloader Logs:doo_pyOm24dT
AlternateDataStreams: C:\Users\User\Documents\Assessment Center:doo_pyOm24dT
AlternateDataStreams: C:\Users\User\Documents\Backup:doo_pyOm24dT
AlternateDataStreams: C:\Users\User\Documents\Bluetooth-Exchange-Ordner:doo_pyOm24dT
AlternateDataStreams: C:\Users\User\Documents\Chrome Bookmarks:doo_pyOm24dT
AlternateDataStreams: C:\Users\User\Documents\Entwicklung:doo_pyOm24dT
AlternateDataStreams: C:\Users\User\Documents\Finanzen:doo_pyOm24dT
AlternateDataStreams: C:\Users\User\Documents\Gründung:doo_pyOm24dT
AlternateDataStreams: C:\Users\User\Documents\Karriere:doo_pyOm24dT
AlternateDataStreams: C:\Users\User\Documents\My Books:doo_pyOm24dT
AlternateDataStreams: C:\Users\User\Documents\Steuerfälle:doo_pyOm24dT
AlternateDataStreams: C:\Users\User\Documents\Thinkpad:doo_pyOm24dT
AlternateDataStreams: C:\Users\User\Documents\VirtualDJ:doo_pyOm24dT

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\78721183.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\78721183.sys => ""="Driver"

==================== Disabled items from MSCONFIG ==============


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (05/04/2014 05:54:49 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: Gmer-19357.exe, Version: 2.1.19357.0, Zeitstempel: 0x52e7ea83
Name des fehlerhaften Moduls: Gmer-19357.exe, Version: 2.1.19357.0, Zeitstempel: 0x52e7ea83
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000011aa
ID des fehlerhaften Prozesses: 0x187c
Startzeit der fehlerhaften Anwendung: 0xGmer-19357.exe0
Pfad der fehlerhaften Anwendung: Gmer-19357.exe1
Pfad des fehlerhaften Moduls: Gmer-19357.exe2
Berichtskennung: Gmer-19357.exe3
Vollständiger Name des fehlerhaften Pakets: Gmer-19357.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Gmer-19357.exe5

Error: (05/04/2014 05:49:35 PM) (Source: Microsoft-Windows-Immersive-Shell) (User: THINKPAD_X1)
Description: Bei der Aktivierung der App „microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1“ ist folgender Fehler aufgetreten: -2147009284. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (05/04/2014 05:49:35 PM) (Source: Microsoft-Windows-Immersive-Shell) (User: THINKPAD_X1)
Description: Bei der Aktivierung der App „microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1“ ist folgender Fehler aufgetreten: -2147009284. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (05/04/2014 05:34:57 PM) (Source: Microsoft-Windows-Immersive-Shell) (User: THINKPAD_X1)
Description: Bei der Aktivierung der App „microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1“ ist folgender Fehler aufgetreten: -2147009284. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (05/04/2014 05:34:51 PM) (Source: Microsoft-Windows-Immersive-Shell) (User: THINKPAD_X1)
Description: Bei der Aktivierung der App „microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1“ ist folgender Fehler aufgetreten: -2147009284. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (05/04/2014 05:34:50 PM) (Source: Microsoft-Windows-Immersive-Shell) (User: THINKPAD_X1)
Description: Bei der Aktivierung der App „microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1“ ist folgender Fehler aufgetreten: -2147009284. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (05/04/2014 05:34:50 PM) (Source: Microsoft-Windows-Immersive-Shell) (User: THINKPAD_X1)
Description: Bei der Aktivierung der App „microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1“ ist folgender Fehler aufgetreten: -2147009284. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (05/04/2014 05:34:50 PM) (Source: Microsoft-Windows-Immersive-Shell) (User: THINKPAD_X1)
Description: Bei der Aktivierung der App „microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1“ ist folgender Fehler aufgetreten: -2147009284. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (05/04/2014 05:34:50 PM) (Source: Microsoft-Windows-Immersive-Shell) (User: THINKPAD_X1)
Description: Bei der Aktivierung der App „LenovoCorporation.LenovoSettings_4642shxvsv8s2!App“ ist folgender Fehler aufgetreten: -2147009284. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (05/04/2014 05:34:50 PM) (Source: Microsoft-Windows-Immersive-Shell) (User: THINKPAD_X1)
Description: Bei der Aktivierung der App „LenovoCorporation.LenovoSettings_4642shxvsv8s2!App“ ist folgender Fehler aufgetreten: -2147009284. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.


System errors:
=============
Error: (05/04/2014 05:44:51 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "pcicsa.sys" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (05/04/2014 05:28:49 PM) (Source: bowser) (User: )
Description: Der Suchdiensttreiber erhielt zu viele nicht erlaubte Datagramme vom Remotecomputer "EASYBOX" zum Namen "THINKPAD_X1" auf Transport "NetBT_Tcpip_{7983155F-EC97-4F57-98CD-E0C40D80AEEF}". Das Datagramm steht in den Daten.
Es werden keine weiteren Ereignisse erzeugt, solange die Rücksetzfrequenz nicht abgelaufen ist.

Error: (05/04/2014 05:07:09 PM) (Source: disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk2\DR2 gefunden.

Error: (05/04/2014 05:07:09 PM) (Source: disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR4 gefunden.

Error: (05/04/2014 05:06:57 PM) (Source: disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR4 gefunden.

Error: (05/04/2014 05:06:57 PM) (Source: disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk2\DR2 gefunden.

Error: (05/04/2014 05:06:56 PM) (Source: disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk2\DR2 gefunden.

Error: (05/04/2014 05:06:56 PM) (Source: disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR4 gefunden.

Error: (05/04/2014 05:06:56 PM) (Source: disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR4 gefunden.

Error: (05/04/2014 05:06:56 PM) (Source: disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk2\DR2 gefunden.


Microsoft Office Sessions:
=========================
Error: (05/04/2014 05:54:49 PM) (Source: Application Error)(User: )
Description: Gmer-19357.exe2.1.19357.052e7ea83Gmer-19357.exe2.1.19357.052e7ea83c0000005000011aa187c01cf67b1263b32ffC:\Users\User\Desktop\Gmer-19357.exeC:\Users\User\Desktop\Gmer-19357.exe6be7ae50-d3a4-11e3-bf16-b8763fa784a8

Error: (05/04/2014 05:49:35 PM) (Source: Microsoft-Windows-Immersive-Shell)(User: THINKPAD_X1)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1-2147009284

Error: (05/04/2014 05:49:35 PM) (Source: Microsoft-Windows-Immersive-Shell)(User: THINKPAD_X1)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1-2147009284

Error: (05/04/2014 05:34:57 PM) (Source: Microsoft-Windows-Immersive-Shell)(User: THINKPAD_X1)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1-2147009284

Error: (05/04/2014 05:34:51 PM) (Source: Microsoft-Windows-Immersive-Shell)(User: THINKPAD_X1)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1-2147009284

Error: (05/04/2014 05:34:50 PM) (Source: Microsoft-Windows-Immersive-Shell)(User: THINKPAD_X1)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1-2147009284

Error: (05/04/2014 05:34:50 PM) (Source: Microsoft-Windows-Immersive-Shell)(User: THINKPAD_X1)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1-2147009284

Error: (05/04/2014 05:34:50 PM) (Source: Microsoft-Windows-Immersive-Shell)(User: THINKPAD_X1)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1-2147009284

Error: (05/04/2014 05:34:50 PM) (Source: Microsoft-Windows-Immersive-Shell)(User: THINKPAD_X1)
Description: LenovoCorporation.LenovoSettings_4642shxvsv8s2!App-2147009284

Error: (05/04/2014 05:34:50 PM) (Source: Microsoft-Windows-Immersive-Shell)(User: THINKPAD_X1)
Description: LenovoCorporation.LenovoSettings_4642shxvsv8s2!App-2147009284


CodeIntegrity Errors:
===================================
  Date: 2014-05-04 11:10:17.224
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-04-30 09:20:41.427
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-04-30 09:20:35.177
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-04-28 18:15:37.084
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-04-28 09:32:18.834
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-04-25 18:50:29.592
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-04-25 09:49:15.866
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-04-24 18:59:52.163
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-04-24 15:10:01.390
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-04-24 09:29:19.945
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.


==================== Memory info =========================== 

Percentage of memory in use: 39%
Total physical RAM: 8010.86 MB
Available physical RAM: 4885.55 MB
Total Pagefile: 16202.86 MB
Available Pagefile: 12842.37 MB
Total Virtual: 131072 MB
Available Virtual: 131071.79 MB

==================== Drives ================================

Drive c: (Windows8_OS) (Fixed) (Total:209.94 GB) (Free:68.33 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive e: (Backup) (Fixed) (Total:1397.26 GB) (Free:59.09 GB) NTFS
Drive i: (My Passport) (Fixed) (Total:931.48 GB) (Free:302.96 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 224 GB) (Disk ID: EE7E26AF)

Partition: GPT Partition Type.

========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 1397 GB) (Disk ID: 0002CBBC)
Partition 1: (Not Active) - (Size=-698722394112) - (Type=07 NTFS)

========================================================
Disk: 2 (MBR Code: Windows XP) (Size: 931 GB) (Disk ID: 00042ADA)
Partition 1: (Not Active) - (Size=931 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         
Miniaturansicht angehängter Grafiken
-problem_with_dsmsvc_140504.jpg  

Alt 04.05.2014, 19:51   #2
schrauber
/// the machine
/// TB-Ausbilder
 

Windows 8.1: Dienst "Geräteinstallations-Manager" (DsmSvc) beansprucht 20-30% CPU-Auslastung im Ruhezustand - Standard

Windows 8.1: Dienst "Geräteinstallations-Manager" (DsmSvc) beansprucht 20-30% CPU-Auslastung im Ruhezustand



hi,

ProcessExplorer als Ersatz für den Windows Taskmanager installieren

Lade Dir den Process Explorer als Ersatz für den Taskmanager herunter und installiere ihn, hier findest Du eine Anleitung. Das ist ein wesentlich leistungsfähigerer Ersatz für den Windows-Taskmanager. Im Menü unter "Options" kannst Du den ProcessExplorer dauerhaft als Ersatz für den Taskmanager einrichten (Replace Taskmanager). Das ist sehr empfehlenswert, weil der ProcessExplorer erheblich mehr Funktionen als der Taskmanager hat. Wenn Du diese Einstellung gemacht hast, öffnet sich mit der Tastenkombination STRG + ALT + Entf. nicht mehr der Taskmanager, sondern der ProcessExplorer. Das kann jederzeit durch Abhaken dieser Einstellung wieder rückgängig gemacht werden.

Was wir jetzt konkret brauchen: In jeder Zeile steht ein Prozess, ein paar der Zeilen sind keine richtigen Prozesse, sondern nur Pseudoprozesse für die Tätigkeit des Windos-Kernels. Im Menü View => Select Columns wird ein Dialog geöffnet, in dem Du auswählen kannst, welche Spalten mit Informationen zu den Prozessen angezeigt werden sollen. In dem gehe in das Register "Process Performance" und stelle sicher, dass dort "CPU Usage" angehakt ist, "CPU History" wäre ebenfalls sinnvoll. Unter "CPU Usage" wird der aktuelle Wert der Prozessorauslastung für jeden Prozess angezeigt (im Tabellentitel steht nur kurz "CPU"), "CPU History" blendet für jeden Prozess ein Diagramm ein, das eine Kurve mit der Prozessorauslastung für die letzte Zeit anzeigt.

Damit sollte es Dir möglich sein, zu identifizieren, welcher Prozess Deine CPU in Trab hält. Mache einen Doppelklick auf den Prozess. Du kannst von dem ganzen auch einen Screenshot machen und ihn als Anhang mit Deiner Antwort hochladen (auf "Erweitert" unter dem Textfeld klicken und über "Anhänge verwalten" auf Deinem Rechner suchen lassen und über "Hochladen" anhängen).
__________________

__________________

Alt 05.05.2014, 08:55   #3
emon
 
Windows 8.1: Dienst "Geräteinstallations-Manager" (DsmSvc) beansprucht 20-30% CPU-Auslastung im Ruhezustand - Standard

Windows 8.1: Dienst "Geräteinstallations-Manager" (DsmSvc) beansprucht 20-30% CPU-Auslastung im Ruhezustand



Vielen Dank für die Antwort. Wie gesagt, ist der Unruhestifter der Dienst "DsmSvc", der Teil des Prozesses "svchost.exe" ist und scheinbar eng mit der Datei "ntdll.dll" in Zusammenhang steht. Im folgenden der Stack des Unruhestifter-Threads und ein Screenshots vom svchost im Process Explorer. Ich hoffe, dass diese Infos weiterhelfen.

Stack for thread 5568 (DsmSvc)
Code:
ATTFilter
ntoskrnl.exe!KeSynchronizeExecution+0x2246
ntoskrnl.exe!KeRemoveQueueEx+0x108e
ntoskrnl.exe!KeRemoveQueueEx+0xae9
ntoskrnl.exe!KeWaitForSingleObject+0x22a
ntoskrnl.exe!KeSetBasePriorityThread+0x4ec
ntoskrnl.exe!KeRemoveQueueEx+0x281d
ntoskrnl.exe!KeSynchronizeExecution+0x4133
devrtl.DLL!NdxTableFirstObject+0x8c
devrtl.DLL!NdxTableFirstObject+0x2d
DeviceMetadataRetrievalClient.dll!DllGetClassObject+0x2636
DeviceMetadataRetrievalClient.dll!DllGetClassObject+0x2ece
DeviceMetadataRetrievalClient.dll!DllGetClassObject+0xbc2
DeviceMetadataRetrievalClient.dll!DllGetClassObject+0x14272
DeviceMetadataRetrievalClient.dll!DllGetClassObject+0x100b1
DeviceMetadataRetrievalClient.dll!DllGetClassObject+0x10c3a
combase.dll!StringFromCLSID+0x3ba5
combase.dll!StringFromCLSID+0x140f
combase.dll!StringFromCLSID+0x3c9b
combase.dll!StringFromCLSID+0x3932
combase.dll!StringFromCLSID+0x35b7
combase.dll!StringFromCLSID+0x38bf
combase.dll!StringFromCLSID+0x39ca
combase.dll!StringFromCLSID+0x140f
combase.dll!StringFromCLSID+0x21e5
combase.dll!StringFromCLSID+0x140f
combase.dll!StringFromCLSID+0x2053
combase.dll!CoUnmarshalInterface+0x1782
combase.dll!CoUnmarshalInterface+0x1de0
devicesetupmanager.dll!ServiceMain+0x294f
devicesetupmanager.dll!ServiceMain+0x1a01
devicesetupmanager.dll+0x13ffd
devicesetupmanager.dll+0x130f7
devicesetupmanager.dll!ServiceMain+0x7ed1
devicesetupmanager.dll+0x99f9
devicesetupmanager.dll+0x9973
ntdll.dll!RtlMultiByteToUnicodeN+0x3abf
ntdll.dll!RtlMultiByteToUnicodeN+0x250a
KERNEL32.DLL!BaseThreadInitThunk+0xd
ntdll.dll!RtlUserThreadStart+0x1d
         
__________________
Miniaturansicht angehängter Grafiken
-process-explorer-svchost.jpg  

Alt 05.05.2014, 16:52   #4
schrauber
/// the machine
/// TB-Ausbilder
 

Windows 8.1: Dienst "Geräteinstallations-Manager" (DsmSvc) beansprucht 20-30% CPU-Auslastung im Ruhezustand - Standard

Windows 8.1: Dienst "Geräteinstallations-Manager" (DsmSvc) beansprucht 20-30% CPU-Auslastung im Ruhezustand



Deinstalliere alles an Security Software, und entscheide dich für eines! Man nutz keine 2 AV Programme.

Deinstalliere testweise bitte Acronis. Der Dienst wird von Datensicherungs-Tools benutzt.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 08.05.2014, 10:18   #5
emon
 
Windows 8.1: Dienst "Geräteinstallations-Manager" (DsmSvc) beansprucht 20-30% CPU-Auslastung im Ruhezustand - Standard

Windows 8.1: Dienst "Geräteinstallations-Manager" (DsmSvc) beansprucht 20-30% CPU-Auslastung im Ruhezustand



Hallo Schrauber,

ich nutze normalerweise nur Avast als Anti-Viren-, Spybot als Anit-Spyware- und Acronis als Backup-Programm. Die sollten sich eigentlich nicht gegenseitig behindern. Die anderen hatte ich aktuell nur zusätzlich draufgespielt, weil ich die Hoffnung hatte, dass Sie vielleicht etwas bezüglich meines Problems finden.

Ich habe jetzt aber wie gefordert sämtliche derartigen Programme deinstalliert. Leider scheint es jedoch daran nicht gelegen zu haben. Nach wie vor beansprucht der Service "DsmSvc" konstant 23-25% an CPU-Auslastung (siehe Screenshot).

Noch Ideen woran könnte es liegen? Oder ist die Beanspruchung durch diesen Prozess bei Windows 8.1 sogar vielleicht normal? Kann mir dann aber nicht wirklich erklären was dieser Dienst macht, wenn er durchgehen soviel Rechenleistung einfordert.

Grüße, Norbert

Miniaturansicht angehängter Grafiken
-processexplorer_svchost_140508.jpg  

Alt 09.05.2014, 08:42   #6
schrauber
/// the machine
/// TB-Ausbilder
 

Windows 8.1: Dienst "Geräteinstallations-Manager" (DsmSvc) beansprucht 20-30% CPU-Auslastung im Ruhezustand - Standard

Windows 8.1: Dienst "Geräteinstallations-Manager" (DsmSvc) beansprucht 20-30% CPU-Auslastung im Ruhezustand



Nee normal ist das nicht.

How to perform a clean boot in Windows
Mach bitte mal nen Clean Boot, dann einzeln wieder Dienste aktivieren bis Du weißt welcher Dienst/welches Programm dafür verantwortlich ist.
__________________
--> Windows 8.1: Dienst "Geräteinstallations-Manager" (DsmSvc) beansprucht 20-30% CPU-Auslastung im Ruhezustand

Alt 09.05.2014, 20:42   #7
emon
 
Windows 8.1: Dienst "Geräteinstallations-Manager" (DsmSvc) beansprucht 20-30% CPU-Auslastung im Ruhezustand - Standard

Windows 8.1: Dienst "Geräteinstallations-Manager" (DsmSvc) beansprucht 20-30% CPU-Auslastung im Ruhezustand



Hallo Schrauber,

danke für Deine Antwort. Ich habe jetzt den Clean Boot gemacht, leider hatte dieser keine Auswirkungen (siehe Screenshots). Nach wie vor handelt es sich bei dem Unruhestifter um den Dienst "DsmSvc" (Anzeigename: Geräteinstallations-Manager, Pfad zur exe: C:\WINDOWS\system32\svchost.exe -k netsvcs). Trotz Clean Boot bleibt die gleiche konstante Auslastung bestehen, Non-Microsoft-Dienste scheinen also nicht der Grund zu sein. Weitere Ideen?

Viele Grüße
Norbert
Miniaturansicht angehängter Grafiken
-processexplorer_cleanreboot_140509.jpg   -processexplorer_svchost_cleanreboot_140509.jpg  

Alt 10.05.2014, 17:44   #8
schrauber
/// the machine
/// TB-Ausbilder
 

Windows 8.1: Dienst "Geräteinstallations-Manager" (DsmSvc) beansprucht 20-30% CPU-Auslastung im Ruhezustand - Standard

Windows 8.1: Dienst "Geräteinstallations-Manager" (DsmSvc) beansprucht 20-30% CPU-Auslastung im Ruhezustand



Windows Taste drücken, CMD eintippen. Wenn CMD erscheint, Rechtsklick als Admin Ausführen.

Schreibe in das CMD Fenster:

sc config DsmSvc start= demand

und drücke Enter. CMD schliessen und rebooten.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 11.05.2014, 11:31   #9
emon
 
Windows 8.1: Dienst "Geräteinstallations-Manager" (DsmSvc) beansprucht 20-30% CPU-Auslastung im Ruhezustand - Standard

Windows 8.1: Dienst "Geräteinstallations-Manager" (DsmSvc) beansprucht 20-30% CPU-Auslastung im Ruhezustand



Hallo Schrauber, auch das hat leider nichts genutzt. Der Dienst stand auch schon vorher auf Manuell und muss scheinbar direkt beim Start von einem anderen Dienst angestoßen werden (siehe Screenshot). Die Frage ist warum der Dienst von sich aus soviele Ressourcen beansprucht?

Grüße Norbert
Miniaturansicht angehängter Grafiken
-140511_eigenschaften_dsmsvc.jpg  

Alt 12.05.2014, 11:01   #10
schrauber
/// the machine
/// TB-Ausbilder
 

Windows 8.1: Dienst "Geräteinstallations-Manager" (DsmSvc) beansprucht 20-30% CPU-Auslastung im Ruhezustand - Standard

Windows 8.1: Dienst "Geräteinstallations-Manager" (DsmSvc) beansprucht 20-30% CPU-Auslastung im Ruhezustand



Bitte poste nochmal ein frisches FRST log, mal schauen was alles an Software läuft.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 15.05.2014, 23:53   #11
emon
 
Windows 8.1: Dienst "Geräteinstallations-Manager" (DsmSvc) beansprucht 20-30% CPU-Auslastung im Ruhezustand - Standard

Windows 8.1: Dienst "Geräteinstallations-Manager" (DsmSvc) beansprucht 20-30% CPU-Auslastung im Ruhezustand



So, habe jetzt nochmal ein FRST log nach einem Clean Boot gemacht. Vielleicht gibt das ja Hinweise... Grüße Norbert

FRST.txt:

FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 15-05-2014
Ran by User (administrator) on THINKPAD_X1 on 16-05-2014 00:42:24
Running from C:\Users\User\Desktop\Trojanerboard
Platform: Windows 8.1 Pro (Update 1) (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(Authentec Inc.) C:\Program Files\ThinkVantage Fingerprint Software\upeksvr.exe
(AVAST Software) C:\Program Files\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
() C:\Program Files\MySQL\MySQL Server 5.6\bin\mysqld.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.7\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.7\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17031_none_fa50b3979b1bcb4a\TiWorker.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3091224 2013-07-31] (Logitech, Inc.)
HKLM\...\Run: [LENOVO.TPKNRRES] => C:\Program Files\Lenovo\Communications Utility\LibStartStub.dll [74288 2014-03-04] (Lenovo Corporation)
HKLM\...\Run: [LenovoNal] => C:\Program Files\Lenovo\Lenovo Peer Connect\NalService.exe [19960 2013-10-18] (Lenovo)
HKLM\...\Run: [LenovoOptMouseUpdate] => C:\Program Files\Lenovo\HOTKEY\extapsup.exe [255480 2013-06-20] (Lenovo Group Limited)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1321688 2013-08-30] (Realtek Semiconductor)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13653208 2013-09-13] (Realtek Semiconductor)
HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [519408 2013-07-18] (Acronis)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [132920 2013-05-30] (Intel Corporation)
HKLM-x32\...\Run: [Integrated Camera_Monitor] => C:\Program Files (x86)\Integrated Camera\monitor.exe [1719456 2013-12-10] (SunplusIT, Inc.)
HKLM-x32\...\Run: [Intel AppUp(R) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [156000 2012-12-14] (Intel Corporation)
HKLM-x32\...\Run: [KeePass 2 PreLoad] => C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe [2092032 2014-02-03] (Dominik Reichl)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\Avast\AvastUI.exe [3873704 2014-05-08] (AVAST Software)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [5624784 2013-07-25] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [7843744 2014-02-04] (Acronis)
HKLM-x32\...\Run: [AcronisTibMounterMonitor] => C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [1104616 2013-10-10] (Acronis International GmbH)
Winlogon\Notify\igfxcui: C:\WINDOWS\SYSTEM32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
Winlogon\Notify\psfus: C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll (Authentec Inc.)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-272428205-3716622950-2856836198-1004\...\Run: [Google Update] => C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2013-12-16] (Google Inc.)
HKU\S-1-5-21-272428205-3716622950-2856836198-1004\...\Run: [Google+ Auto Backup] => C:\Users\User\AppData\Local\Programs\Google\Google+ Auto Backup\Google+ Auto Backup.exe [3701064 2014-03-26] (Google Inc.)
HKU\S-1-5-21-272428205-3716622950-2856836198-1004\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [22415552 2014-04-25] (Google)
HKU\S-1-5-21-272428205-3716622950-2856836198-1004\...\Run: [MusicManager] => C:\Users\User\AppData\Local\Programs\Google\MusicManager\MusicManager.exe [7631872 2014-04-24] (Google Inc.)
HKU\S-1-5-21-272428205-3716622950-2856836198-1004\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [20922016 2014-02-10] (Skype Technologies S.A.)
HKU\S-1-5-21-272428205-3716622950-2856836198-1004\...\Run: [GoogleChromeAutoLaunch_BA09B07B8B80D23F626FFA7CBB47CC99] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [841032 2014-05-08] (Google Inc.)
HKU\S-1-5-21-272428205-3716622950-2856836198-1004\...\Run: [HP Officejet Pro 8620 (NET)] => C:\Program Files\HP\HP Officejet Pro 8620\Bin\ScanToPCActivationApp.exe [3485728 2013-09-11] (Hewlett-Packard Co.)
HKU\S-1-5-21-272428205-3716622950-2856836198-1004\...\MountPoints2: {c0e0110d-8905-11e3-beca-b8763fa784a8} - "E:\start.exe" 
Lsa: [Notification Packages] scecli C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Biet-O-Matic.lnk
ShortcutTarget: Biet-O-Matic.lnk -> C:\Program Files (x86)\Biet-O-Matic\Biet-O-Matic.exe (www.bid-o-matic.org)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\User\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Mediencenter.lnk
ShortcutTarget: Mediencenter.lnk -> C:\Users\User\AppData\Roaming\Telekom\MediencenterSync\Mediencenter.exe (Deutsche Telekom AG)
Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\younited.lnk
ShortcutTarget: younited.lnk -> C:\Users\User\AppData\Local\F-Secure\younited\Application\younited.exe (F-Secure Corporation)
SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\WINDOWS\system32\CbFsMntNtf3.dll (EldoS Corporation)
SSODL-x32: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\WINDOWS\SysWow64\CbFsMntNtf3.dll (EldoS Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://127.0.0.1:8000/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13-comm.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com/welcome/thinkpad
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
SearchScopes: HKLM - DefaultScope {6DFBD600-698E-4452-994D-931E637AC187} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MALCJS
SearchScopes: HKLM - {6DFBD600-698E-4452-994D-931E637AC187} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MALCJS
SearchScopes: HKLM-x32 - {6DFBD600-698E-4452-994D-931E637AC187} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MALCJS
SearchScopes: HKCU - DefaultScope {6DFBD600-698E-4452-994D-931E637AC187} URL = 
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={sear
SearchScopes: HKCU - {6DFBD600-698E-4452-994D-931E637AC187} URL = 
BHO: Deaktivierungs-Add-on für Browser von Google Analytics - {75EF13CE-B59E-41ba-8A5A-A944031BD8B4} - C:\Program Files\Google\Google Analytics Opt-Out\gaoptout_x64.dll (Google, Inc.)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Logitech SetPoint - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll (Logitech, Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Deaktivierungs-Add-on für Browser von Google Analytics - {75EF13CE-B59E-41ba-8A5A-A944031BD8B4} - C:\Program Files (x86)\Google\Google Analytics Opt-Out\gaoptout.dll (Google, Inc.)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Logitech SetPoint - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll (Logitech, Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\59trajgo.default
FF SelectedSearchEngine: Google
FF Homepage: about:home
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\PDFXChange\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin: @java.com/DTPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\PDFXChange\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\PDFXChange\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf - C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll No File
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @sony.com/ReaderDesktop - C:\Program Files (x86)\Sony\ReaderDesktop\npreaderdetectmoz.dll (Sony Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\PDFXChange\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin HKCU: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\PDFXChange\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin - C:\Users\User\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin - C:\Users\User\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\User\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\User\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: intel.com/AppUp - C:\Program Files (x86)\Intel\IntelAppStore\bin\npAppUp.dll (Intel)
FF Plugin HKCU: intel.com/AppUpx64 - C:\Program Files (x86)\Intel\IntelAppStore\bin\npAppUp_x64.dll (Intel)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin ProgramFiles/Appdata: C:\Users\User\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\User\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Flash Video Downloader - Full HD Download - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\59trajgo.default\Extensions\artur.dubovoy@gmail.com [2014-05-09]
FF Extension: Aptana Debugger - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\59trajgo.default\Extensions\debugger@aptana.com [2014-02-13]
FF Extension: Page Speed - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\59trajgo.default\Extensions\{e3f6c2cc-d8db-498c-af6c-499fb211db97} [2014-05-07]
FF Extension: Firebug - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\59trajgo.default\Extensions\firebug@software.joehewitt.com.xpi [2014-02-13]
FF Extension: YSlow - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\59trajgo.default\Extensions\yslow@yahoo-inc.com.xpi [2014-05-07]
FF Extension: Google Analytics Opt-out Browser Add-on - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\59trajgo.default\Extensions\{6d96bb5e-1175-4ebf-8ab5-5f56f1c79f65}.xpi [2013-12-04]
FF Extension: Biet-O-Matic Firefox Erweiterung - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\59trajgo.default\Extensions\{B0D70E72-2FC1-4b9f-A3D4-5921C854D906}.xpi [2014-04-23]
FF Extension: DownThemAll! - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\59trajgo.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2014-02-11]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2013-10-25]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\Avast\WebRep\FF [2014-05-08]
FF HKCU\...\Firefox\Extensions: [{F74D5734-46F5-4B16-96F0-1E7FBF41B750}] - C:\Program Files (x86)\Lenovo\Password Manager\PWM Firefox Extension\2.0b12
FF Extension: ThinkVantage Password Manager - C:\Program Files (x86)\Lenovo\Password Manager\PWM Firefox Extension\2.0b12 [2014-03-12]

Chrome: 
=======
CHR HomePage: 
CHR StartupUrls: "", "hxxp://home.sweetim.com/?crg=3.1010000.10011&barid={D3440791-4A1F-11E2-BA13-028037EC0200}", "hxxp://search.conduit.com/?ctid=CT2625848&SearchSource=48"
CHR Extension: (BIODIGITAL HUMAN) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\agoenciogemlojlhccbcpcfflicgnaak [2014-05-04]
CHR Extension: (Xmarks Bookmark Sync) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajpgkpeckebdhofmmjfgcjjiiejpodla [2014-05-04]
CHR Extension: (Google Drive) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-05-04]
CHR Extension: (Turn Off the Lights) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbmjmiodbnnpllbbbfblcplfjjepjdn [2014-05-04]
CHR Extension: (YouTube) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-05-04]
CHR Extension: (Adblock Plus) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-05-04]
CHR Extension: (OneTab) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\chphlpgkkbolifaimnlloiipkdnihall [2014-05-04]
CHR Extension: (Auf den Amazon-Wunschzettel) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced [2014-05-04]
CHR Extension: (Spotify - Music for every moment) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnkjkdjlofllcpbemipjbcpfnglbgieh [2014-05-04]
CHR Extension: (Google-Suche) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-05-04]
CHR Extension: (iLove Google Tasks (not by Google)) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\djagodlhefkdlmdhboaonegjldnomnnm [2014-05-04]
CHR Extension: (Gmail offline) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk [2014-05-04]
CHR Extension: (Google Kalender) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn [2014-05-04]
CHR Extension: (Box - 10GB of FREE storage) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejnkaeblpdcamcioiiabclakabcbjmbl [2014-05-04]
CHR Extension: (ZenMate for Google Chrome™) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcgdnkidjaadafnichfpabhfomcebme [2014-05-04]
CHR Extension: (Deaktivierungs-Add-on von Google Analytics) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\fllaojicojecljbmefodhfapmkghcbnh [2014-05-04]
CHR Extension: (Myibidder Auction Bid Sniper for eBay) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\fmebanjjkaohcmifehogijfgcoieefnp [2014-05-04]
CHR Extension: (ThinkVantage Password Manager) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\geempcnjhccnoepfmahaeemnnfnignab [2014-05-04]
CHR Extension: (avast! Online Security) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-05-08]
CHR Extension: (Gantter for Google Drive) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\himomacamcpodhkahelbnmaddladgjgo [2014-05-04]
CHR Extension: (Feedly - News, Blogs and Youtube) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\hipbfijinpcgfogaopmgehiegacbhmob [2014-05-04]
CHR Extension: (BeeLine Reader) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifjafammaookpiajfbedmacfldaiamgg [2014-05-04]
CHR Extension: (eBook Search) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\iiodggcinjkmjlciplimhpejdocioond [2014-05-04]
CHR Extension: (Save to Pulse) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\imnghiiajfangdaolekmphkaohhcnklj [2014-05-04]
CHR Extension: (Shareaholic für Google Chrome) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbmipnjdeifmobkhgogdnomkihhgojep [2014-05-04]
CHR Extension: (Smooth Gestures) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfkgmnnajiljnolcgolmmgnecgldgeld [2014-05-04]
CHR Extension: (Google Maps) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2014-05-04]
CHR Extension: (DSL speedtest) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\mibbfkdeofpfmkclkgjfnjppdblhpddj [2014-05-04]
CHR Extension: (Google Mail-Checker) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff [2014-05-04]
CHR Extension: (Asana) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nafkcmbfnknnkmbdbdhflbidiigecfln [2014-05-04]
CHR Extension: (Better Google Tasks) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nbhddnkmimnokfjdlogacnfjfclgcdme [2014-05-04]
CHR Extension: (Export for Trello) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhdelomnagopgaealggpgojkhcafhnin [2014-05-04]
CHR Extension: (Pocket (formerly Read It Later)) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\niloccemoadcdkdjlinkgdfekeahmflj [2014-05-04]
CHR Extension: (Facebook Notifications) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmameahlembdcigphohgiodcgjomcgeo [2014-05-04]
CHR Extension: (Google Wallet) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-05-04]
CHR Extension: (Live Sports) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\oamjbefinnglappklpabmhpbcdiephoo [2014-05-04]
CHR Extension: (imo free video calls and text) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocaebkdojpikfmhmnekiflipcicedobi [2014-05-04]
CHR Extension: (Diigo Web Collector - Capture and Annotate) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\oojbgadfejifecebmdnhhkbhdjaphole [2014-05-04]
CHR Extension: (Page Monitor) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pemhgklkefakciniebenbfclihhmmfcd [2014-05-04]
CHR Extension: (Evernote Web Clipper) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pioclpoplcdbaefihamjohnefbikjilc [2014-05-04]
CHR Extension: (Google Mail) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-05-04]
CHR HKCU\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\User\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx [2014-03-21]
CHR HKLM-x32\...\Chrome\Extension: [geempcnjhccnoepfmahaeemnnfnignab] - C:\Program Files (x86)\Lenovo\Password Manager\chrome_npapi_extension.crx [2014-03-27]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-05-08]

==================== Services (Whitelisted) =================

S4 AAV UpdateService; C:\Program Files (x86)\Steuer-Spar-Erklaerung Plus 2013\AAVUpdateManager\aavus.exe [128296 2008-10-24] ()
S4 ApacheServer; C:\SecureWAMP\Apache2\bin\httpd.exe [20992 2012-11-05] (Apache Software Foundation)
R2 avast! Antivirus; C:\Program Files\Avast\AvastSvc.exe [50344 2014-05-08] (AVAST Software)
S4 AVControlCenter; C:\Program Files\Lenovo\Communications Utility\AVControlCenter32.exe [573488 2014-03-04] (Lenovo Corporation)
S4 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2251992 2013-11-14] (Broadcom Corporation.)
S4 DisplayLinkService; C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe [9281840 2013-10-07] (DisplayLink Corp.)
S4 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [803872 2012-12-10] (Intel(R) Corporation)
S4 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [167736 2013-05-30] (Intel Corporation)
S4 Lenovo QuickSnip Service; C:\Program Files\lenovo\QuickSnipService\QuickSnipService.exe [235488 2012-12-14] (LENOVO INCORPORATED.)
S4 Lenovo Settings Service; C:\Program Files\Lenovo\SettingsDependency\SettingsService.exe [2085184 2014-03-10] (Lenovo Group Limited)
S4 Lenovo System Agent Service; C:\Program Files\lenovo\SystemAgent\SystemAgentService.exe [576992 2012-12-14] (LENOVO INCORPORATED.)
S4 LENOVO.TVTVCAM; C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe [702512 2014-03-04] (Lenovo Corporation)
S4 Lenovo.VIRTSCRLSVC; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [136288 2012-08-10] (Lenovo Group Limited)
S4 lnvDiscoveryWinSvc; C:\Program Files\Lenovo\Lenovo Peer Connect\LenovoDiscoverySvc.exe [21496 2013-10-18] (Lenovo)
S4 LocationTaskManager; C:\Program Files (x86)\Lenovo\LocationAware\loctaskmgr.exe [468288 2013-12-11] ()
S4 LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [1662424 2014-02-19] ()
R2 MySQL56; C:\ProgramData\MySQL\MySQL Server 5.6\my.ini [14255 2013-10-25] ()
S4 QuickControlMasterSvc; C:\Program Files (x86)\Lenovo\QuickControl\QuickControlMasterSvc.exe [59440 2013-12-16] (Lenovo Group Limited)
S4 QuickControlService; C:\Program Files (x86)\Lenovo\QuickControl\QuickControlService.exe [319024 2013-12-16] (Lenovo Group Limited)
S4 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [3921880 2013-10-15] (Safer-Networking Ltd.)
S4 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1042272 2013-09-20] (Safer-Networking Ltd.)
S4 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171416 2013-09-13] (Safer-Networking Ltd.)
S4 SUService; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [24120 2014-02-21] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [348392 2013-10-31] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2013-10-31] (Microsoft Corporation)
S4 WMCoreService; C:\Program Files (x86)\Mobile Broadband Drivers\WMCore\WMCore.exe [883472 2012-05-03] (Ericsson AB)
S4 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3378416 2013-08-02] (Intel® Corporation)

==================== Drivers (Whitelisted) ====================

S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-05-08] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-05-08] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-05-08] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-05-08] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1039096 2014-05-15] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423240 2014-05-15] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [85328 2014-05-15] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [208416 2014-05-08] ()
R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [170712 2013-11-14] (Broadcom Corporation.)
S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-13] (Windows (R) Win 7 DDK provider)
R3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
R1 cbfs3; C:\WINDOWS\system32\drivers\cbfs3.sys [352144 2012-04-09] (EldoS Corporation)
R3 DisplayLinkUsbIo_x64; C:\Windows\System32\drivers\DisplayLinkUsbIo_x64_7.4.48800.0.sys [44944 2013-10-17] ()
R3 dlcdcncm6_x64; C:\Windows\system32\DRIVERS\dlcdcncm6_x64.sys [80688 2013-10-07] (DisplayLink Corp.)
R3 dlusbaudio; C:\Windows\system32\DRIVERS\dlusbaudio_x64.sys [203152 2013-10-07] (DisplayLink Corp.)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283200 2013-10-27] (DT Soft Ltd)
S3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation)
S3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation)
S0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-10] (Intel Corporation)
R0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2013-11-11] (Microsoft Corporation)
R3 ISCT; C:\Windows\System32\drivers\ISCTD64.sys [47008 2013-07-30] ()
S3 kbldfltr; C:\Windows\System32\drivers\kbldfltr.sys [22272 2013-09-30] (Microsoft Corporation)
R3 l36wgps; C:\Windows\system32\DRIVERS\l36wgps64.sys [102440 2012-01-13] (Ericsson AB)
R3 l36wscard; C:\Windows\system32\DRIVERS\l36wscard.sys [61992 2011-08-17] (Ericsson AB)
R3 LnvHIDHW; C:\Windows\System32\drivers\LnvHIDHW.sys [27496 2012-07-30] (Lenovo)
S0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation)
S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [119512 2014-05-04] (Malwarebytes Corporation)
R3 Mbm4bus; C:\Windows\System32\drivers\Mbm4bus.sys [159816 2011-08-22] (MCCI Corporation)
R3 Mbm4mdfl; C:\Windows\system32\DRIVERS\Mbm4mdfl.sys [19528 2011-08-22] (MCCI Corporation)
R3 Mbm4mdm; C:\Windows\system32\DRIVERS\Mbm4mdm.sys [179784 2011-08-22] (MCCI Corporation)
R3 Mbm4mgmt; C:\Windows\system32\DRIVERS\Mbm4mgmt.sys [161864 2011-08-22] (MCCI Corporation)
R3 Mbm4NNd5; C:\Windows\system32\DRIVERS\Mbm4NNd5.sys [33352 2011-08-22] (MCCI Corporation)
R3 Mbm4NUn; C:\Windows\System32\drivers\Mbm4NUn.sys [194120 2011-08-22] (MCCI Corporation)
S3 MbmLowExt; C:\Windows\System32\Drivers\MbmLowExt.sys [35840 2012-12-07] (Ericsson AB)
R3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation)
S3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation)
R3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew00.sys [3345376 2013-09-04] (Intel Corporation)
S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924504 2014-02-22] (Microsoft Corporation)
S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146776 2013-10-26] (Microsoft Corporation)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [44784 2013-05-29] (Synaptics Incorporated)
R2 smihlp; C:\Program Files\ThinkVantage Fingerprint Software\smihlp.sys [13128 2011-05-30] (Authentec Inc.)
S3 SPUVCbv; C:\Windows\System32\Drivers\SPUVCbv_x64.sys [1514144 2013-12-10] (Sunplus)
S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2013-10-05] (Microsoft Corporation)
R0 tib; C:\Windows\System32\DRIVERS\tib.sys [1120032 2014-05-09] (Acronis International GmbH)
R0 tib_mounter; C:\Windows\System32\DRIVERS\tib_mounter.sys [198432 2014-05-09] (Acronis International GmbH)
S3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation)
R3 usb3Hub; C:\Windows\System32\drivers\usb3Hub.sys [47072 2012-10-09] (Windows (R) Win 7 DDK provider)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124760 2013-10-31] (Microsoft Corporation)
R0 Wof; C:\Windows\System32\Drivers\Wof.sys [157016 2014-03-13] (Microsoft Corporation)
R3 XHCIPort; C:\Windows\System32\drivers\XHCIPort.sys [188896 2012-10-09] (Windows (R) Win 7 DDK provider)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-05-16 00:06 - 2014-05-16 00:06 - 00000000 ____D () C:\Users\Public\Documents\sun
2014-05-16 00:00 - 2014-05-16 00:00 - 00000000 ___SD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.0
2014-05-15 21:10 - 2014-05-15 21:11 - 04540729 _____ () C:\Users\User\Downloads\Dokumente_Schenkwerk.zip
2014-05-14 22:39 - 2014-05-06 06:40 - 23544320 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-05-14 22:39 - 2014-05-06 05:25 - 17382912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-05-14 22:39 - 2014-05-06 05:00 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-05-14 22:39 - 2014-05-06 04:10 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-05-14 22:39 - 2014-04-11 12:03 - 00555736 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2014-05-14 22:39 - 2014-04-11 12:03 - 00054776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2014-05-14 22:39 - 2014-04-11 10:25 - 00419928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2014-05-14 22:39 - 2014-04-11 08:04 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2014-05-14 22:39 - 2014-04-11 07:53 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSReset.exe
2014-05-14 22:39 - 2014-04-11 07:22 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2014-05-14 22:39 - 2014-04-11 05:54 - 00201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2014-05-14 22:39 - 2014-04-11 05:36 - 11792384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2014-05-14 22:39 - 2014-04-11 05:24 - 13288960 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2014-05-14 22:39 - 2014-04-11 05:06 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2014-05-14 22:39 - 2014-04-11 05:05 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-05-14 22:39 - 2014-04-11 05:05 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2014-05-14 22:39 - 2014-04-11 05:02 - 00249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-05-14 22:39 - 2014-04-11 05:02 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2014-05-14 22:39 - 2014-04-11 05:01 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2014-05-14 22:39 - 2014-04-11 05:00 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2014-05-14 22:39 - 2014-04-11 04:59 - 00666624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2014-05-14 22:39 - 2014-04-11 04:57 - 00190976 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2014-05-14 22:39 - 2014-04-11 04:56 - 00381440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2014-05-14 22:39 - 2014-04-11 04:55 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2014-05-14 22:39 - 2014-04-11 04:53 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2014-05-14 22:39 - 2014-04-11 04:52 - 03464192 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2014-05-14 22:39 - 2014-04-11 04:46 - 01705472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2014-05-14 22:39 - 2014-04-11 04:36 - 00828928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2014-05-14 22:39 - 2014-04-11 04:34 - 00754688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2014-05-14 22:39 - 2014-04-11 04:29 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2014-05-14 22:39 - 2014-04-11 04:25 - 00921088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2014-05-14 22:39 - 2014-03-27 11:12 - 21225584 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2014-05-14 22:39 - 2014-03-27 09:48 - 18679728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2014-05-14 17:23 - 2014-05-14 17:23 - 00000000 ____D () C:\Users\User\Downloads\mailchimp-2.0.7.tar
2014-05-14 17:22 - 2014-05-14 17:22 - 00041581 _____ () C:\Users\User\Downloads\mailchimp-2.0.7.tar.gz
2014-05-14 15:30 - 2014-05-14 15:51 - 00000000 ____D () C:\Users\User\Downloads\mcapi2-python-examples-master
2014-05-14 15:29 - 2014-05-14 15:29 - 00034137 _____ () C:\Users\User\Downloads\mcapi2-python-examples-master.zip
2014-05-14 11:09 - 2014-05-14 11:09 - 00064556 _____ () C:\Users\User\Downloads\mcapi-simple-subscribe.zip
2014-05-13 11:47 - 2014-05-13 11:47 - 00000000 ____D () C:\Users\User\AppData\Roaming\F-Secure
2014-05-13 11:47 - 2014-05-13 11:47 - 00000000 ____D () C:\ProgramData\F-Secure
2014-05-13 11:46 - 2014-05-16 00:13 - 00000000 ____D () C:\Users\User\younited
2014-05-13 11:46 - 2014-05-13 11:46 - 00000000 ____D () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\younited
2014-05-13 11:46 - 2014-05-13 11:46 - 00000000 ____D () C:\Users\User\AppData\Local\F-Secure
2014-05-13 11:45 - 2014-05-13 11:45 - 29075280 _____ (F-Secure Corporation) C:\Users\User\Downloads\younited.exe
2014-05-13 09:47 - 2014-05-13 09:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF-XChange PDF Viewer
2014-05-13 09:47 - 2014-05-13 09:47 - 00000000 ____D () C:\Program Files\PDFXChange
2014-05-13 09:46 - 2014-05-13 09:46 - 16587248 _____ (Tracker Software Products Ltd ) C:\Users\User\Downloads\PDFX142Vwer.exe
2014-05-12 13:00 - 2014-05-12 13:00 - 00007715 _____ () C:\Users\User\AppData\Local\recently-used.xbel
2014-05-10 22:23 - 2014-05-13 09:51 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-05-09 20:33 - 2014-05-09 20:50 - 00000000 ____D () C:\Users\User\Desktop\Tippspiel
2014-05-09 12:43 - 2014-05-09 12:43 - 00001074 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Inkscape.lnk
2014-05-09 12:43 - 2014-05-09 12:43 - 00000000 ____D () C:\Users\User\AppData\Roaming\inkscape
2014-05-09 12:40 - 2014-05-09 12:44 - 00000000 ____D () C:\Program Files (x86)\Inkscape
2014-05-09 12:22 - 2014-05-09 12:23 - 34702513 _____ (inkscape.org) C:\Users\User\Downloads\inkscape-0.48.4-1-win32.exe
2014-05-09 11:51 - 2014-05-09 11:51 - 00000000 ____D () C:\Users\User\Downloads\cs_manager
2014-05-09 11:50 - 2014-05-09 11:50 - 00788430 _____ () C:\Users\User\Downloads\cs_manager.zip
2014-05-09 11:50 - 2014-05-09 11:50 - 00000810 _____ () C:\Users\User\Downloads\_Gruppe_.svg
2014-05-09 00:56 - 2014-05-09 00:57 - 00000000 ____D () C:\ProgramData\Acronis
2014-05-09 00:56 - 2014-05-09 00:56 - 01464096 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\tdrpman.sys
2014-05-09 00:56 - 2014-05-09 00:56 - 01120032 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\tib.sys
2014-05-09 00:56 - 2014-05-09 00:56 - 00367200 _____ (Acronis) C:\WINDOWS\system32\Drivers\afcdp.sys
2014-05-09 00:56 - 2014-05-09 00:56 - 00269600 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\snapman.sys
2014-05-09 00:56 - 2014-05-09 00:56 - 00198432 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\tib_mounter.sys
2014-05-09 00:56 - 2014-05-09 00:56 - 00116000 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\fltsrv.sys
2014-05-09 00:56 - 2014-05-09 00:56 - 00001228 _____ () C:\Users\Public\Desktop\Acronis True Image 2014.lnk
2014-05-09 00:56 - 2014-05-09 00:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acronis
2014-05-09 00:56 - 2014-05-09 00:56 - 00000000 ____D () C:\Program Files (x86)\Acronis
2014-05-09 00:01 - 2014-05-09 00:05 - 00000000 ____D () C:\Users\User\Desktop\Acronis True Image 2014 - 3PCs Family Pack (Download)
2014-05-08 19:49 - 2014-05-08 19:49 - 00264616 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaws.exe
2014-05-08 19:49 - 2014-05-08 19:49 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaw.exe
2014-05-08 19:49 - 2014-05-08 19:49 - 00175016 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\java.exe
2014-05-08 19:49 - 2014-05-08 19:49 - 00096168 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2014-05-08 19:49 - 2014-05-08 19:49 - 00000000 ____D () C:\Program Files (x86)\Java
2014-05-08 19:33 - 2014-05-08 19:32 - 00313256 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe
2014-05-08 19:33 - 2014-05-08 19:32 - 00189352 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe
2014-05-08 19:33 - 2014-05-08 19:32 - 00189352 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe
2014-05-08 19:33 - 2014-05-08 19:32 - 00108968 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2014-05-08 19:32 - 2014-05-08 19:32 - 00000000 ____D () C:\Program Files\Java
2014-05-08 19:31 - 2014-05-08 19:32 - 29164456 _____ (Oracle Corporation) C:\Users\User\Downloads\jre-7u55-windows-i586.exe
2014-05-08 19:12 - 2014-05-08 19:13 - 39187992 _____ (Foxit Corporation ) C:\Users\User\Downloads\FoxitReader620.0429_enu_Setup.exe
2014-05-08 19:11 - 2014-05-08 19:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2014-05-08 19:11 - 2014-05-08 19:11 - 00000000 ____D () C:\Program Files\7-Zip
2014-05-08 15:34 - 2014-05-08 15:41 - 00002255 _____ () C:\Users\User\.kdiff3rc
2014-05-08 15:33 - 2014-05-08 15:33 - 00000000 ____D () C:\Program Files\KDiff3
2014-05-08 15:31 - 2014-05-08 15:32 - 10126581 _____ () C:\Users\User\Downloads\KDiff3-64bit-Setup_0.9.97.exe
2014-05-08 11:27 - 2014-05-15 19:37 - 00085328 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswstm.sys
2014-05-08 11:27 - 2014-05-08 11:27 - 00043152 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2014-05-08 11:27 - 2014-05-08 11:27 - 00029208 _____ () C:\WINDOWS\system32\Drivers\aswHwid.sys
2014-05-08 11:25 - 2014-05-12 12:41 - 00004152 _____ () C:\WINDOWS\System32\Tasks\avast! Emergency Update
2014-05-08 11:24 - 2014-05-08 11:24 - 00000000 ____D () C:\Users\User\AppData\Roaming\AVAST Software
2014-05-08 11:23 - 2014-05-15 19:37 - 01039096 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsnx.sys
2014-05-08 11:23 - 2014-05-15 19:37 - 00423240 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsp.sys
2014-05-08 11:23 - 2014-05-08 11:27 - 01039096 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsnx.sys.1400175448546
2014-05-08 11:23 - 2014-05-08 11:27 - 00423240 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsp.sys.1400175448546
2014-05-08 11:23 - 2014-05-08 11:27 - 00334648 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2014-05-08 11:23 - 2014-05-08 11:27 - 00208416 _____ () C:\WINDOWS\system32\Drivers\aswVmm.sys
2014-05-08 11:23 - 2014-05-08 11:27 - 00093568 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2014-05-08 11:23 - 2014-05-08 11:27 - 00079184 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2014-05-08 11:23 - 2014-05-08 11:27 - 00065776 _____ () C:\WINDOWS\system32\Drivers\aswRvrt.sys
2014-05-08 11:23 - 2014-05-08 11:23 - 00409832 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsp.sys.1399541033
2014-05-08 11:23 - 2014-05-08 11:23 - 00001414 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2014-05-08 11:23 - 2014-05-08 11:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2014-05-08 11:23 - 2014-05-08 11:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
2014-05-08 11:23 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\WINDOWS\system32\sdnclean64.exe
2014-05-08 11:22 - 2014-05-16 00:34 - 00000000 ____D () C:\Program Files\Avast
2014-05-07 22:11 - 2014-05-07 22:11 - 00000085 _____ () C:\WINDOWS\wininit.ini
2014-05-07 21:01 - 2014-05-07 21:01 - 00001228 _____ () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\I.R.I.S. Resource Center.lnk
2014-05-07 18:24 - 2014-05-07 18:24 - 00000000 ____D () C:\Program Files (x86)\Hewlett-Packard
2014-05-07 18:23 - 2014-05-14 18:49 - 00000000 ____D () C:\Users\User\AppData\Roaming\HpUpdate
2014-05-07 18:23 - 2014-05-07 18:23 - 00003626 _____ () C:\WINDOWS\System32\Tasks\HPCustParticipation HP Officejet Pro 8620
2014-05-07 18:23 - 2014-05-07 18:23 - 00000984 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\I.R.I.S. OCR-Registrierung.lnk
2014-05-07 18:23 - 2014-05-07 18:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2014-05-07 18:23 - 2013-09-11 08:07 - 00762400 ____N (Hewlett-Packard Co.) C:\WINDOWS\system32\HPDiscoPM7012.dll
2014-05-07 18:22 - 2014-05-07 18:23 - 00000000 ____D () C:\Program Files (x86)\HP
2014-05-07 18:22 - 2014-05-07 18:22 - 00000000 ____D () C:\ProgramData\HP
2014-05-07 18:21 - 2014-05-07 18:21 - 00000057 _____ () C:\ProgramData\Ament.ini
2014-05-07 18:21 - 2014-05-07 18:21 - 00000000 ____D () C:\Program Files\HP
2014-05-07 18:20 - 2014-05-11 23:35 - 00000000 ____D () C:\Users\User\AppData\Local\HP
2014-05-07 13:26 - 2014-05-07 13:26 - 04908421 _____ () C:\Users\User\Downloads\page-speed.xpi
2014-05-06 17:28 - 2014-05-06 17:28 - 00000000 ____D () C:\schenkwerk
2014-05-05 15:44 - 2014-05-05 15:44 - 00055668 _____ () C:\Users\User\Downloads\pip-Win_1.6 (1).exe
2014-05-05 03:22 - 2014-05-05 03:22 - 00000000 ____D () C:\WINDOWS\Microsoft Antimalware
2014-05-04 20:13 - 2014-05-16 00:42 - 00000000 ____D () C:\Users\User\Desktop\Trojanerboard
2014-05-04 17:52 - 2014-05-16 00:42 - 00000000 ____D () C:\FRST
2014-05-04 17:49 - 2014-05-04 17:49 - 00000000 _____ () C:\Users\User\defogger_reenable
2014-05-04 16:35 - 2014-05-04 16:35 - 00870424 _____ (Microsoft Corporation) C:\Users\User\Downloads\mssstool64.exe
2014-05-04 16:22 - 2014-05-04 16:22 - 01313617 _____ () C:\Users\User\Downloads\adwcleaner.exe
2014-05-04 15:57 - 2014-05-04 16:07 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-05-04 15:51 - 2014-05-04 15:51 - 26747104 _____ (Microsoft Corporation) C:\Users\User\Downloads\Windows-KB890830-x64-V5.11.exe
2014-05-04 15:46 - 2014-05-04 15:51 - 00000000 ____D () C:\Users\User\Downloads\TDSSKiller
2014-05-04 15:46 - 2014-05-04 15:46 - 04143997 _____ () C:\Users\User\Downloads\tdsskiller (1).zip
2014-05-04 15:45 - 2014-05-04 15:45 - 04143997 _____ () C:\Users\User\Downloads\tdsskiller.zip
2014-05-04 15:45 - 2014-05-04 15:45 - 02237968 _____ (Kaspersky Lab ZAO) C:\Users\User\Downloads\tdsskiller.exe
2014-05-04 12:47 - 2014-05-04 12:47 - 20089041 _____ () C:\Users\User\Downloads\nirsoft_package_1.18.56.zip
2014-05-04 12:16 - 2014-05-04 12:16 - 00000000 ____D () C:\Users\User\Documents\ProcAlyzer Dumps
2014-05-04 12:11 - 2014-05-04 12:11 - 00000000 ____D () C:\Users\User\AppData\Roaming\LavasoftStatistics
2014-05-04 11:45 - 2014-05-04 11:45 - 01727624 _____ () C:\Users\User\Downloads\Adaware_Installer_11.1.5354.exe
2014-05-04 11:45 - 2014-05-04 11:45 - 00000000 ____D () C:\ProgramData\Lavasoft
2014-05-04 11:00 - 2014-05-04 11:01 - 00000000 ____D () C:\Program Files (x86)\Integrated Camera
2014-04-30 18:23 - 2014-04-30 18:23 - 00000000 ____D () C:\Python
2014-04-30 18:21 - 2014-04-30 18:21 - 00055668 _____ () C:\Users\User\Downloads\pip-Win_1.6.exe
2014-04-30 18:11 - 2014-05-05 15:04 - 00000000 ____D () C:\Python27
2014-04-30 17:23 - 2014-04-30 17:23 - 00445199 _____ () C:\Users\User\Downloads\pip-1.4.1 (1).tar.gz
2014-04-30 17:05 - 2014-04-30 17:05 - 07327755 _____ () C:\Users\User\Downloads\pywin32-218.win-amd64-py2.7.exe
2014-04-30 17:05 - 2012-10-27 16:34 - 00008704 _____ () C:\WINDOWS\system32\pythoncomloader27.dll
2014-04-30 17:05 - 2012-10-27 16:29 - 00503808 _____ () C:\WINDOWS\system32\pythoncom27.dll
2014-04-30 17:05 - 2012-10-27 16:27 - 00137728 _____ () C:\WINDOWS\system32\pywintypes27.dll
2014-04-30 17:01 - 2014-04-30 17:01 - 00000951 _____ () C:\Users\User\Downloads\README (1).txt
2014-04-30 16:57 - 2014-04-30 16:57 - 00000951 _____ () C:\Users\User\Downloads\README.txt
2014-04-30 16:22 - 2014-04-30 18:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Python 2.7
2014-04-29 20:52 - 2014-04-29 20:52 - 00844148 _____ () C:\WINDOWS\system32\setuptools-3.4.4.zip
2014-04-29 19:44 - 2014-04-29 19:44 - 00844148 _____ () C:\Users\User\setuptools-3.4.4.zip
2014-04-29 19:25 - 2014-04-29 19:25 - 00000000 ____D () C:\Users\User\Downloads\pip-1.4.1.tar
2014-04-29 18:50 - 2014-04-29 18:51 - 00844148 _____ () C:\Users\User\Downloads\setuptools-3.4.4.zip
2014-04-29 17:35 - 2014-04-29 17:35 - 16420864 _____ () C:\Users\User\Downloads\python-2.7.3.amd64.msi
2014-04-29 01:05 - 2014-05-11 12:42 - 00000000 ____D () C:\Users\User\AppData\Roaming\MusicBee
2014-04-29 01:05 - 2014-04-29 01:05 - 00001030 _____ () C:\Users\Lenovo\Desktop\MusicBee.lnk
2014-04-29 01:05 - 2014-04-29 01:05 - 00001030 _____ () C:\Users\Guest\Desktop\MusicBee.lnk
2014-04-29 01:05 - 2014-04-29 01:05 - 00001030 _____ () C:\Users\Administrator\Desktop\MusicBee.lnk
2014-04-29 01:05 - 2014-04-29 01:05 - 00000000 ____D () C:\Users\User\Downloads\MusicBeeSetup_2_3
2014-04-29 01:05 - 2014-04-29 01:05 - 00000000 ____D () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MusicBee
2014-04-29 01:05 - 2014-04-29 01:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MusicBee
2014-04-29 01:05 - 2014-04-29 01:05 - 00000000 ____D () C:\Program Files (x86)\MusicBee
2014-04-29 01:04 - 2014-04-29 01:05 - 15842223 _____ () C:\Users\User\Downloads\MusicBeeSetup_2_3.zip
2014-04-29 00:31 - 2014-04-29 00:31 - 00344414 _____ () C:\Users\User\Downloads\foo_simplaylist_manager.zip
2014-04-29 00:31 - 2014-04-29 00:31 - 00000000 ____D () C:\Users\User\Downloads\foo_simplaylist_manager
2014-04-29 00:24 - 2014-04-29 00:24 - 00106257 _____ () C:\Users\User\Downloads\foo_playcount.fb2k-component
2014-04-29 00:22 - 2014-04-29 00:22 - 00000000 ____D () C:\Users\User\Downloads\foo_quicktag
2014-04-29 00:21 - 2014-04-29 00:21 - 00100155 _____ () C:\Users\User\Downloads\foo_quicktag.zip
2014-04-28 01:04 - 2014-04-28 01:05 - 00000000 ____D () C:\Users\User\Downloads\foo_ui_columns-0.3.8.8
2014-04-28 01:04 - 2014-04-28 01:04 - 00568086 _____ () C:\Users\User\Downloads\foo_ui_columns-0.3.8.8.7z
2014-04-28 00:23 - 2014-04-28 00:23 - 00323403 _____ (Holger Stenger) C:\Users\User\Downloads\foo_comserver2-0.7-setup (1).exe
2014-04-28 00:07 - 2014-04-28 00:07 - 00323403 _____ (Holger Stenger) C:\Users\User\Downloads\foo_comserver2-0.7-setup.exe
2014-04-28 00:06 - 2014-04-28 00:06 - 00000000 ____D () C:\Users\User\AppData\Local\AlbumArtDownloader
2014-04-28 00:05 - 2014-04-28 00:06 - 00000000 ____D () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Album Art Downloader
2014-04-28 00:05 - 2014-04-28 00:05 - 00000000 ____D () C:\Program Files\AlbumArtDownloader
2014-04-28 00:03 - 2014-04-28 00:03 - 00896213 _____ () C:\Users\User\Downloads\AlbumArtDownloaderXUI-1.01.exe
2014-04-27 23:55 - 2014-05-07 10:26 - 00000000 ____D () C:\Users\User\AppData\Roaming\foobar2000
2014-04-27 23:55 - 2014-04-28 00:09 - 00000000 ____D () C:\Program Files (x86)\foobar2000
2014-04-27 23:55 - 2014-04-27 23:55 - 00001136 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\foobar2000.lnk
2014-04-27 23:54 - 2014-04-27 23:54 - 03767984 _____ (foobar2000.org) C:\Users\User\Downloads\foobar2000_v1.3.2.exe
2014-04-27 22:03 - 2014-05-11 12:51 - 00000000 ____D () C:\Users\User\AppData\Roaming\Mp3tag
2014-04-25 12:02 - 2014-05-16 00:36 - 00000000 ___RD () C:\Users\User\Mediencenter
2014-04-25 12:00 - 2014-04-25 12:00 - 00001198 _____ () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mediencenter.lnk
2014-04-25 12:00 - 2014-04-25 12:00 - 00000000 ____D () C:\Users\User\AppData\Local\Telekom
2014-04-25 11:59 - 2014-04-25 11:59 - 02573688 _____ () C:\Users\User\Downloads\mediencenter_pc_sync.exe
2014-04-25 11:59 - 2014-04-25 11:59 - 00000000 ____D () C:\Users\User\AppData\Roaming\Telekom
2014-04-23 19:35 - 2014-04-23 19:35 - 00000000 ____D () C:\Users\User\AppData\Local\.distlib
2014-04-23 19:22 - 2014-04-23 19:22 - 01563245 _____ () C:\Users\User\Downloads\get-pip.py
2014-04-23 16:02 - 2014-04-23 16:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mp3tag
2014-04-23 16:02 - 2014-04-23 16:02 - 00000000 ____D () C:\Program Files (x86)\Mp3tag
2014-04-23 15:55 - 2014-04-23 15:56 - 02638704 _____ () C:\Users\User\Downloads\mp3tagv259asetup.exe
2014-04-23 15:37 - 2014-04-23 15:37 - 00000000 ____D () C:\Users\User\Downloads\django-zurb-foundation-5.1.1.tar
2014-04-23 15:32 - 2014-04-23 15:32 - 00148360 _____ () C:\Users\User\Downloads\foundation-latest.zip
2014-04-23 15:25 - 2014-04-23 15:25 - 00299362 _____ () C:\Users\User\Downloads\django-zurb-foundation-5.1.1.tar.gz
2014-04-23 14:42 - 2014-04-23 14:42 - 00000000 ____D () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Music Manager
2014-04-23 14:41 - 2014-04-23 14:41 - 00884672 _____ (Google Inc.) C:\Users\User\Downloads\musicmanagerinstaller.exe
2014-04-23 01:01 - 2014-04-23 01:01 - 00001048 _____ () C:\Users\User\Desktop\Biet-O-Matic.lnk
2014-04-23 00:59 - 2014-04-23 01:01 - 00000000 ____D () C:\Program Files (x86)\Biet-O-Matic
2014-04-23 00:59 - 2014-04-23 00:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Biet-O-Matic
2014-04-23 00:59 - 2003-01-07 02:22 - 00015873 _____ () C:\WINDOWS\SysWOW64\Inetde.dll
2014-04-23 00:59 - 2000-12-05 23:00 - 00109248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Mswinsck.ocx
2014-04-23 00:59 - 2000-10-01 23:00 - 00125712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vb6de.dll
2014-04-23 00:59 - 2000-05-22 15:58 - 00115920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msinet.ocx
2014-04-23 00:59 - 2000-05-21 23:00 - 01066176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Mscomctl.ocx
2014-04-23 00:59 - 2000-04-03 19:06 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winskde.dll
2014-04-23 00:59 - 2000-04-03 19:05 - 00118784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msstdfmt.dll
2014-04-23 00:59 - 1999-07-14 13:07 - 00006656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stdftde.dll
2014-04-23 00:59 - 1998-07-05 23:00 - 00158208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Mscmcde.dll
2014-04-23 00:59 - 1998-07-05 23:00 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Tabctde.dll
2014-04-23 00:59 - 1998-06-23 23:00 - 00209192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Tabctl32.ocx
2014-04-23 00:57 - 2014-04-23 00:57 - 04653537 _____ () C:\Users\User\Downloads\BOM21412_setup.exe
2014-04-21 17:49 - 2014-04-21 17:49 - 00000000 ____D () C:\Users\User\Downloads\Django-1.4.5.tar
2014-04-21 17:47 - 2014-04-21 17:47 - 07735582 _____ () C:\Users\User\Downloads\Django-1.4.5.tar.gz
2014-04-21 17:19 - 2014-04-21 17:19 - 00000000 ____D () C:\Users\User\Downloads\__MACOSX
2014-04-21 17:18 - 2014-04-21 17:18 - 00846200 _____ () C:\Users\User\Downloads\Git_Cheat_Sheet_all.zip
2014-04-21 12:28 - 2014-04-21 12:28 - 00000000 ____D () C:\Users\User\Downloads\Django-1.6.2.tar
2014-04-21 12:13 - 2014-04-21 12:13 - 06615116 _____ () C:\Users\User\Downloads\Django-1.6.2.tar.gz
2014-04-21 00:28 - 2014-04-21 00:28 - 00972594 _____ () C:\Users\User\Downloads\pycrypto-2.6.win32-py2.7.exe
2014-04-21 00:21 - 2014-04-21 00:21 - 00000000 ____D () C:\Users\User\Downloads\pycrypto-2.6.1.tar
2014-04-21 00:20 - 2014-04-21 00:20 - 00446240 _____ () C:\Users\User\Downloads\pycrypto-2.6.1.tar.gz
2014-04-21 00:11 - 2014-04-21 00:11 - 00987143 _____ () C:\Users\User\Downloads\MySQL-python-1.2.5.win32-py2.7.exe
2014-04-20 18:23 - 2014-04-21 00:31 - 00000000 ____D () C:\Program Files (x86)\Python27
2014-04-20 18:18 - 2014-04-20 18:22 - 15867904 _____ () C:\Users\User\Downloads\python-2.7.3.msi
2014-04-19 00:04 - 2014-04-19 00:04 - 00000000 ____D () C:\ProgramData\McAfee
2014-04-18 21:09 - 2014-05-04 11:54 - 00119512 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-04-18 21:09 - 2014-04-18 21:09 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-18 21:07 - 2014-04-18 21:07 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\User\Downloads\mbam-setup-2.0.1.1004 (2).exe
2014-04-18 21:06 - 2014-04-18 21:06 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\User\Downloads\mbam-setup-2.0.1.1004 (1).exe
2014-04-18 21:05 - 2014-04-18 21:06 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\User\Downloads\mbam-setup-2.0.1.1004.exe
2014-04-18 21:02 - 2014-04-18 21:02 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\User\Downloads\SpyHunter-Installer (3).exe
2014-04-18 21:02 - 2014-04-18 21:02 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\User\Downloads\SpyHunter-Installer (2).exe
2014-04-18 21:02 - 2014-04-18 21:02 - 00707664 _____ (iS3, Inc.) C:\Users\User\Downloads\SZSetup_AID10121_AV (2).exe
2014-04-18 21:01 - 2014-04-18 21:01 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\User\Downloads\SpyHunter-Installer (1).exe
2014-04-18 21:01 - 2014-04-18 21:01 - 00707664 _____ (iS3, Inc.) C:\Users\User\Downloads\SZSetup_AID10121_AV (1).exe
2014-04-18 19:38 - 2014-04-18 19:38 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\User\Downloads\SpyHunter-Installer.exe
2014-04-18 19:38 - 2014-04-18 19:38 - 00707664 _____ (iS3, Inc.) C:\Users\User\Downloads\SZSetup_AID10121_AV.exe

==================== One Month Modified Files and Folders =======

2014-05-16 00:42 - 2014-05-04 20:13 - 00000000 ____D () C:\Users\User\Desktop\Trojanerboard
2014-05-16 00:42 - 2014-05-04 17:52 - 00000000 ____D () C:\FRST
2014-05-16 00:41 - 2013-10-17 22:30 - 00000000 __RDO () C:\Users\User\SkyDrive
2014-05-16 00:41 - 2013-10-17 22:19 - 01477454 _____ () C:\WINDOWS\WindowsUpdate.log
2014-05-16 00:41 - 2013-10-17 22:13 - 00043257 _____ () C:\WINDOWS\system32\lvcoinst.log
2014-05-16 00:41 - 2013-08-22 16:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-05-16 00:41 - 2013-08-07 23:14 - 00001132 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-05-16 00:41 - 2013-05-24 16:03 - 00904634 _____ () C:\WINDOWS\system32\perfh007.dat
2014-05-16 00:41 - 2013-05-24 16:03 - 00194308 _____ () C:\WINDOWS\system32\perfc007.dat
2014-05-16 00:40 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-05-16 00:40 - 2013-08-07 23:33 - 00003596 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-272428205-3716622950-2856836198-1004
2014-05-16 00:36 - 2014-04-25 12:02 - 00000000 ___RD () C:\Users\User\Mediencenter
2014-05-16 00:36 - 2013-08-08 00:50 - 00000000 ____D () C:\Users\User\AppData\Roaming\Skype
2014-05-16 00:35 - 2013-12-31 00:59 - 00000000 ___RD () C:\Users\User\Google Drive Business
2014-05-16 00:35 - 2013-08-22 16:44 - 00369904 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-05-16 00:34 - 2014-05-08 11:22 - 00000000 ____D () C:\Program Files\Avast
2014-05-16 00:33 - 2013-08-26 22:44 - 00000000 ____D () C:\Users\User\AppData\Roaming\KeePass
2014-05-16 00:25 - 2014-03-26 23:35 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-05-16 00:20 - 2013-12-16 19:55 - 00001152 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-272428205-3716622950-2856836198-1004UA.job
2014-05-16 00:13 - 2014-05-13 11:46 - 00000000 ____D () C:\Users\User\younited
2014-05-16 00:06 - 2014-05-16 00:06 - 00000000 ____D () C:\Users\Public\Documents\sun
2014-05-16 00:00 - 2014-05-16 00:00 - 00000000 ___SD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.0
2014-05-16 00:00 - 2013-08-08 00:56 - 00000000 ____D () C:\Program Files (x86)\OpenOffice 4
2014-05-15 23:46 - 2013-08-07 23:14 - 00001136 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-05-15 21:11 - 2014-05-15 21:10 - 04540729 _____ () C:\Users\User\Downloads\Dokumente_Schenkwerk.zip
2014-05-15 20:20 - 2013-12-16 19:55 - 00001100 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-272428205-3716622950-2856836198-1004Core.job
2014-05-15 19:41 - 2013-09-30 06:04 - 01974020 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-05-15 19:37 - 2014-05-08 11:27 - 00085328 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswstm.sys
2014-05-15 19:37 - 2014-05-08 11:23 - 01039096 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsnx.sys
2014-05-15 19:37 - 2014-05-08 11:23 - 00423240 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsp.sys
2014-05-15 13:29 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-05-15 10:32 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\SecureBootUpdates
2014-05-15 10:31 - 2014-02-06 18:30 - 00000000 ____D () C:\Users\User\AppData\Local\Aptana Studio 3
2014-05-15 09:53 - 2013-08-22 17:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-05-15 09:53 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\WinStore
2014-05-15 09:46 - 2013-10-17 22:15 - 00000000 ____D () C:\Users\User
2014-05-15 09:46 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2014-05-15 09:46 - 2013-08-08 00:16 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-05-15 09:46 - 2013-08-07 22:56 - 93223848 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-05-14 18:49 - 2014-05-07 18:23 - 00000000 ____D () C:\Users\User\AppData\Roaming\HpUpdate
2014-05-14 17:23 - 2014-05-14 17:23 - 00000000 ____D () C:\Users\User\Downloads\mailchimp-2.0.7.tar
2014-05-14 17:22 - 2014-05-14 17:22 - 00041581 _____ () C:\Users\User\Downloads\mailchimp-2.0.7.tar.gz
2014-05-14 15:51 - 2014-05-14 15:30 - 00000000 ____D () C:\Users\User\Downloads\mcapi2-python-examples-master
2014-05-14 15:29 - 2014-05-14 15:29 - 00034137 _____ () C:\Users\User\Downloads\mcapi2-python-examples-master.zip
2014-05-14 11:09 - 2014-05-14 11:09 - 00064556 _____ () C:\Users\User\Downloads\mcapi-simple-subscribe.zip
2014-05-13 20:25 - 2014-03-26 23:35 - 00003772 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2014-05-13 14:18 - 2013-10-25 15:35 - 00963584 ___SH () C:\Users\User\Desktop\Thumbs.db
2014-05-13 11:47 - 2014-05-13 11:47 - 00000000 ____D () C:\Users\User\AppData\Roaming\F-Secure
2014-05-13 11:47 - 2014-05-13 11:47 - 00000000 ____D () C:\ProgramData\F-Secure
2014-05-13 11:46 - 2014-05-13 11:46 - 00000000 ____D () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\younited
2014-05-13 11:46 - 2014-05-13 11:46 - 00000000 ____D () C:\Users\User\AppData\Local\F-Secure
2014-05-13 11:46 - 2013-08-07 22:13 - 00000000 ___RD () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-13 11:45 - 2014-05-13 11:45 - 29075280 _____ (F-Secure Corporation) C:\Users\User\Downloads\younited.exe
2014-05-13 10:11 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-05-13 09:51 - 2014-05-10 22:23 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-05-13 09:47 - 2014-05-13 09:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF-XChange PDF Viewer
2014-05-13 09:47 - 2014-05-13 09:47 - 00000000 ____D () C:\Program Files\PDFXChange
2014-05-13 09:46 - 2014-05-13 09:46 - 16587248 _____ (Tracker Software Products Ltd ) C:\Users\User\Downloads\PDFX142Vwer.exe
2014-05-12 13:00 - 2014-05-12 13:00 - 00007715 _____ () C:\Users\User\AppData\Local\recently-used.xbel
2014-05-12 12:41 - 2014-05-08 11:25 - 00004152 _____ () C:\WINDOWS\System32\Tasks\avast! Emergency Update
2014-05-11 23:35 - 2014-05-07 18:20 - 00000000 ____D () C:\Users\User\AppData\Local\HP
2014-05-11 12:51 - 2014-04-27 22:03 - 00000000 ____D () C:\Users\User\AppData\Roaming\Mp3tag
2014-05-11 12:42 - 2014-04-29 01:05 - 00000000 ____D () C:\Users\User\AppData\Roaming\MusicBee
2014-05-11 12:32 - 2014-03-21 12:14 - 00000000 ____D () C:\Program Files (x86)\wscc2.2.1.5
2014-05-11 12:24 - 2013-09-09 12:59 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-05-11 12:23 - 2013-08-22 15:25 - 00524288 ___SH () C:\WINDOWS\system32\config\BBI
2014-05-10 21:50 - 2013-09-10 11:36 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-05-09 20:50 - 2014-05-09 20:33 - 00000000 ____D () C:\Users\User\Desktop\Tippspiel
2014-05-09 20:45 - 2014-03-13 12:38 - 00000000 ____D () C:\Users\User\Documents\Ausbildung
2014-05-09 20:45 - 2014-01-12 17:37 - 00378880 ___SH () C:\Users\User\Downloads\Thumbs.db
2014-05-09 12:44 - 2014-05-09 12:40 - 00000000 ____D () C:\Program Files (x86)\Inkscape
2014-05-09 12:43 - 2014-05-09 12:43 - 00001074 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Inkscape.lnk
2014-05-09 12:43 - 2014-05-09 12:43 - 00000000 ____D () C:\Users\User\AppData\Roaming\inkscape
2014-05-09 12:23 - 2014-05-09 12:22 - 34702513 _____ (inkscape.org) C:\Users\User\Downloads\inkscape-0.48.4-1-win32.exe
2014-05-09 11:51 - 2014-05-09 11:51 - 00000000 ____D () C:\Users\User\Downloads\cs_manager
2014-05-09 11:50 - 2014-05-09 11:50 - 00788430 _____ () C:\Users\User\Downloads\cs_manager.zip
2014-05-09 11:50 - 2014-05-09 11:50 - 00000810 _____ () C:\Users\User\Downloads\_Gruppe_.svg
2014-05-09 09:48 - 2014-03-23 01:44 - 00361530 _____ () C:\WINDOWS\PFRO.log
2014-05-09 00:57 - 2014-05-09 00:56 - 00000000 ____D () C:\ProgramData\Acronis
2014-05-09 00:56 - 2014-05-09 00:56 - 01464096 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\tdrpman.sys
2014-05-09 00:56 - 2014-05-09 00:56 - 01120032 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\tib.sys
2014-05-09 00:56 - 2014-05-09 00:56 - 00367200 _____ (Acronis) C:\WINDOWS\system32\Drivers\afcdp.sys
2014-05-09 00:56 - 2014-05-09 00:56 - 00269600 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\snapman.sys
2014-05-09 00:56 - 2014-05-09 00:56 - 00198432 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\tib_mounter.sys
2014-05-09 00:56 - 2014-05-09 00:56 - 00116000 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\fltsrv.sys
2014-05-09 00:56 - 2014-05-09 00:56 - 00001228 _____ () C:\Users\Public\Desktop\Acronis True Image 2014.lnk
2014-05-09 00:56 - 2014-05-09 00:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acronis
2014-05-09 00:56 - 2014-05-09 00:56 - 00000000 ____D () C:\Program Files (x86)\Acronis
2014-05-09 00:05 - 2014-05-09 00:01 - 00000000 ____D () C:\Users\User\Desktop\Acronis True Image 2014 - 3PCs Family Pack (Download)
2014-05-08 22:33 - 2014-03-21 12:16 - 00007669 _____ () C:\WINDOWS\setupact.log
2014-05-08 19:50 - 2013-11-10 16:17 - 00000000 ____D () C:\ProgramData\Oracle
2014-05-08 19:49 - 2014-05-08 19:49 - 00264616 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaws.exe
2014-05-08 19:49 - 2014-05-08 19:49 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaw.exe
2014-05-08 19:49 - 2014-05-08 19:49 - 00175016 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\java.exe
2014-05-08 19:49 - 2014-05-08 19:49 - 00096168 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2014-05-08 19:49 - 2014-05-08 19:49 - 00000000 ____D () C:\Program Files (x86)\Java
2014-05-08 19:32 - 2014-05-08 19:33 - 00313256 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe
2014-05-08 19:32 - 2014-05-08 19:33 - 00189352 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe
2014-05-08 19:32 - 2014-05-08 19:33 - 00189352 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe
2014-05-08 19:32 - 2014-05-08 19:33 - 00108968 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2014-05-08 19:32 - 2014-05-08 19:32 - 00000000 ____D () C:\Program Files\Java
2014-05-08 19:32 - 2014-05-08 19:31 - 29164456 _____ (Oracle Corporation) C:\Users\User\Downloads\jre-7u55-windows-i586.exe
2014-05-08 19:13 - 2014-05-08 19:12 - 39187992 _____ (Foxit Corporation ) C:\Users\User\Downloads\FoxitReader620.0429_enu_Setup.exe
2014-05-08 19:11 - 2014-05-08 19:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2014-05-08 19:11 - 2014-05-08 19:11 - 00000000 ____D () C:\Program Files\7-Zip
2014-05-08 15:41 - 2014-05-08 15:34 - 00002255 _____ () C:\Users\User\.kdiff3rc
2014-05-08 15:33 - 2014-05-08 15:33 - 00000000 ____D () C:\Program Files\KDiff3
2014-05-08 15:32 - 2014-05-08 15:31 - 10126581 _____ () C:\Users\User\Downloads\KDiff3-64bit-Setup_0.9.97.exe
2014-05-08 11:27 - 2014-05-08 11:27 - 00043152 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2014-05-08 11:27 - 2014-05-08 11:27 - 00029208 _____ () C:\WINDOWS\system32\Drivers\aswHwid.sys
2014-05-08 11:27 - 2014-05-08 11:23 - 01039096 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsnx.sys.1400175448546
2014-05-08 11:27 - 2014-05-08 11:23 - 00423240 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsp.sys.1400175448546
2014-05-08 11:27 - 2014-05-08 11:23 - 00334648 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2014-05-08 11:27 - 2014-05-08 11:23 - 00208416 _____ () C:\WINDOWS\system32\Drivers\aswVmm.sys
2014-05-08 11:27 - 2014-05-08 11:23 - 00093568 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2014-05-08 11:27 - 2014-05-08 11:23 - 00079184 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2014-05-08 11:27 - 2014-05-08 11:23 - 00065776 _____ () C:\WINDOWS\system32\Drivers\aswRvrt.sys
2014-05-08 11:24 - 2014-05-08 11:24 - 00000000 ____D () C:\Users\User\AppData\Roaming\AVAST Software
2014-05-08 11:23 - 2014-05-08 11:23 - 00409832 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsp.sys.1399541033
2014-05-08 11:23 - 2014-05-08 11:23 - 00001414 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2014-05-08 11:23 - 2014-05-08 11:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2014-05-08 11:23 - 2014-05-08 11:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
2014-05-08 11:23 - 2014-02-25 20:40 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-05-08 11:23 - 2014-02-25 20:39 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-05-08 11:21 - 2013-10-20 22:27 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-05-08 10:55 - 2014-03-13 10:27 - 00007598 _____ () C:\Users\User\AppData\Local\Resmon.ResmonCfg
2014-05-07 22:11 - 2014-05-07 22:11 - 00000085 _____ () C:\WINDOWS\wininit.ini
2014-05-07 21:01 - 2014-05-07 21:01 - 00001228 _____ () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\I.R.I.S. Resource Center.lnk
2014-05-07 20:15 - 2013-12-16 19:55 - 00004102 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-272428205-3716622950-2856836198-1004UA
2014-05-07 20:15 - 2013-12-16 19:55 - 00003722 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-272428205-3716622950-2856836198-1004Core
2014-05-07 18:24 - 2014-05-07 18:24 - 00000000 ____D () C:\Program Files (x86)\Hewlett-Packard
2014-05-07 18:23 - 2014-05-07 18:23 - 00003626 _____ () C:\WINDOWS\System32\Tasks\HPCustParticipation HP Officejet Pro 8620
2014-05-07 18:23 - 2014-05-07 18:23 - 00000984 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\I.R.I.S. OCR-Registrierung.lnk
2014-05-07 18:23 - 2014-05-07 18:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2014-05-07 18:23 - 2014-05-07 18:22 - 00000000 ____D () C:\Program Files (x86)\HP
2014-05-07 18:22 - 2014-05-07 18:22 - 00000000 ____D () C:\ProgramData\HP
2014-05-07 18:21 - 2014-05-07 18:21 - 00000057 _____ () C:\ProgramData\Ament.ini
2014-05-07 18:21 - 2014-05-07 18:21 - 00000000 ____D () C:\Program Files\HP
2014-05-07 13:26 - 2014-05-07 13:26 - 04908421 _____ () C:\Users\User\Downloads\page-speed.xpi
2014-05-07 12:07 - 2014-02-05 15:50 - 00000000 ____D () C:\Users\User\AppData\Roaming\npm-cache
2014-05-07 12:07 - 2014-02-05 15:50 - 00000000 ____D () C:\Users\User\AppData\Roaming\npm
2014-05-07 10:26 - 2014-04-27 23:55 - 00000000 ____D () C:\Users\User\AppData\Roaming\foobar2000
2014-05-06 17:28 - 2014-05-06 17:28 - 00000000 ____D () C:\schenkwerk
2014-05-06 06:40 - 2014-05-14 22:39 - 23544320 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-05-06 05:25 - 2014-05-14 22:39 - 17382912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-05-06 05:00 - 2014-05-14 22:39 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-05-06 04:10 - 2014-05-14 22:39 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-05-06 00:47 - 2013-08-08 00:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2014-05-06 00:41 - 2013-08-07 23:14 - 00004108 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2014-05-06 00:41 - 2013-08-07 23:14 - 00003872 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2014-05-05 15:44 - 2014-05-05 15:44 - 00055668 _____ () C:\Users\User\Downloads\pip-Win_1.6 (1).exe
2014-05-05 15:04 - 2014-04-30 18:11 - 00000000 ____D () C:\Python27
2014-05-05 03:22 - 2014-05-05 03:22 - 00000000 ____D () C:\WINDOWS\Microsoft Antimalware
2014-05-04 17:49 - 2014-05-04 17:49 - 00000000 _____ () C:\Users\User\defogger_reenable
2014-05-04 17:32 - 2013-08-07 22:19 - 00002982 _____ () C:\WINDOWS\System32\Tasks\Synaptics TouchPad Enhancements
2014-05-04 17:31 - 2013-08-14 08:17 - 00003118 _____ () C:\WINDOWS\System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe
2014-05-04 17:31 - 2013-08-14 08:17 - 00003092 _____ () C:\WINDOWS\System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe
2014-05-04 17:31 - 2013-08-14 08:17 - 00003090 _____ () C:\WINDOWS\System32\Tasks\Microsoft_Hardware_Launch_itype_exe
2014-05-04 17:31 - 2013-08-14 08:17 - 00003062 _____ () C:\WINDOWS\System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe
2014-05-04 17:31 - 2013-08-14 08:17 - 00003060 _____ () C:\WINDOWS\System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe
2014-05-04 17:30 - 2013-08-22 17:36 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp
2014-05-04 17:16 - 2014-03-22 00:12 - 00000000 ____D () C:\Users\Guest\AppData\Roaming\Spotify
2014-05-04 16:40 - 2014-02-12 21:52 - 00000000 ____D () C:\Users\User\AppData\Roaming\uTorrent
2014-05-04 16:35 - 2014-05-04 16:35 - 00870424 _____ (Microsoft Corporation) C:\Users\User\Downloads\mssstool64.exe
2014-05-04 16:22 - 2014-05-04 16:22 - 01313617 _____ () C:\Users\User\Downloads\adwcleaner.exe
2014-05-04 16:07 - 2014-05-04 15:57 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-05-04 15:51 - 2014-05-04 15:51 - 26747104 _____ (Microsoft Corporation) C:\Users\User\Downloads\Windows-KB890830-x64-V5.11.exe
2014-05-04 15:51 - 2014-05-04 15:46 - 00000000 ____D () C:\Users\User\Downloads\TDSSKiller
2014-05-04 15:46 - 2014-05-04 15:46 - 04143997 _____ () C:\Users\User\Downloads\tdsskiller (1).zip
2014-05-04 15:45 - 2014-05-04 15:45 - 04143997 _____ () C:\Users\User\Downloads\tdsskiller.zip
2014-05-04 15:45 - 2014-05-04 15:45 - 02237968 _____ (Kaspersky Lab ZAO) C:\Users\User\Downloads\tdsskiller.exe
2014-05-04 14:26 - 2013-08-08 00:01 - 00002960 _____ () C:\WINDOWS\System32\Tasks\PMTask
2014-05-04 14:21 - 2013-07-01 10:59 - 00000000 ____D () C:\Users\User\Documents\Backup
2014-05-04 14:18 - 2013-05-24 06:23 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Lenovo
2014-05-04 14:15 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\Registration
2014-05-04 12:47 - 2014-05-04 12:47 - 20089041 _____ () C:\Users\User\Downloads\nirsoft_package_1.18.56.zip
2014-05-04 12:16 - 2014-05-04 12:16 - 00000000 ____D () C:\Users\User\Documents\ProcAlyzer Dumps
2014-05-04 12:11 - 2014-05-04 12:11 - 00000000 ____D () C:\Users\User\AppData\Roaming\LavasoftStatistics
2014-05-04 11:54 - 2014-04-18 21:09 - 00119512 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-05-04 11:45 - 2014-05-04 11:45 - 01727624 _____ () C:\Users\User\Downloads\Adaware_Installer_11.1.5354.exe
2014-05-04 11:45 - 2014-05-04 11:45 - 00000000 ____D () C:\ProgramData\Lavasoft
2014-05-04 11:01 - 2014-05-04 11:00 - 00000000 ____D () C:\Program Files (x86)\Integrated Camera
2014-05-01 22:30 - 2013-08-22 17:38 - 00693240 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-05-01 22:30 - 2013-08-22 17:38 - 00105464 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-04-30 18:23 - 2014-04-30 18:23 - 00000000 ____D () C:\Python
2014-04-30 18:21 - 2014-04-30 18:21 - 00055668 _____ () C:\Users\User\Downloads\pip-Win_1.6.exe
2014-04-30 18:11 - 2014-04-30 16:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Python 2.7
2014-04-30 17:23 - 2014-04-30 17:23 - 00445199 _____ () C:\Users\User\Downloads\pip-1.4.1 (1).tar.gz
2014-04-30 17:05 - 2014-04-30 17:05 - 07327755 _____ () C:\Users\User\Downloads\pywin32-218.win-amd64-py2.7.exe
2014-04-30 17:01 - 2014-04-30 17:01 - 00000951 _____ () C:\Users\User\Downloads\README (1).txt
2014-04-30 16:57 - 2014-04-30 16:57 - 00000951 _____ () C:\Users\User\Downloads\README.txt
2014-04-30 15:16 - 2013-09-09 12:59 - 00000000 ____D () C:\Users\User\AppData\Roaming\Mozilla
2014-04-30 14:13 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\FxsTmp
2014-04-29 20:52 - 2014-04-29 20:52 - 00844148 _____ () C:\WINDOWS\system32\setuptools-3.4.4.zip
2014-04-29 19:44 - 2014-04-29 19:44 - 00844148 _____ () C:\Users\User\setuptools-3.4.4.zip
2014-04-29 19:25 - 2014-04-29 19:25 - 00000000 ____D () C:\Users\User\Downloads\pip-1.4.1.tar
2014-04-29 18:51 - 2014-04-29 18:50 - 00844148 _____ () C:\Users\User\Downloads\setuptools-3.4.4.zip
2014-04-29 17:35 - 2014-04-29 17:35 - 16420864 _____ () C:\Users\User\Downloads\python-2.7.3.amd64.msi
2014-04-29 01:05 - 2014-04-29 01:05 - 00001030 _____ () C:\Users\Lenovo\Desktop\MusicBee.lnk
2014-04-29 01:05 - 2014-04-29 01:05 - 00001030 _____ () C:\Users\Guest\Desktop\MusicBee.lnk
2014-04-29 01:05 - 2014-04-29 01:05 - 00001030 _____ () C:\Users\Administrator\Desktop\MusicBee.lnk
2014-04-29 01:05 - 2014-04-29 01:05 - 00000000 ____D () C:\Users\User\Downloads\MusicBeeSetup_2_3
2014-04-29 01:05 - 2014-04-29 01:05 - 00000000 ____D () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MusicBee
2014-04-29 01:05 - 2014-04-29 01:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MusicBee
2014-04-29 01:05 - 2014-04-29 01:05 - 00000000 ____D () C:\Program Files (x86)\MusicBee
2014-04-29 01:05 - 2014-04-29 01:04 - 15842223 _____ () C:\Users\User\Downloads\MusicBeeSetup_2_3.zip
2014-04-29 00:31 - 2014-04-29 00:31 - 00344414 _____ () C:\Users\User\Downloads\foo_simplaylist_manager.zip
2014-04-29 00:31 - 2014-04-29 00:31 - 00000000 ____D () C:\Users\User\Downloads\foo_simplaylist_manager
2014-04-29 00:24 - 2014-04-29 00:24 - 00106257 _____ () C:\Users\User\Downloads\foo_playcount.fb2k-component
2014-04-29 00:22 - 2014-04-29 00:22 - 00000000 ____D () C:\Users\User\Downloads\foo_quicktag
2014-04-29 00:21 - 2014-04-29 00:21 - 00100155 _____ () C:\Users\User\Downloads\foo_quicktag.zip
2014-04-28 01:05 - 2014-04-28 01:04 - 00000000 ____D () C:\Users\User\Downloads\foo_ui_columns-0.3.8.8
2014-04-28 01:04 - 2014-04-28 01:04 - 00568086 _____ () C:\Users\User\Downloads\foo_ui_columns-0.3.8.8.7z
2014-04-28 00:23 - 2014-04-28 00:23 - 00323403 _____ (Holger Stenger) C:\Users\User\Downloads\foo_comserver2-0.7-setup (1).exe
2014-04-28 00:09 - 2014-04-27 23:55 - 00000000 ____D () C:\Program Files (x86)\foobar2000
2014-04-28 00:07 - 2014-04-28 00:07 - 00323403 _____ (Holger Stenger) C:\Users\User\Downloads\foo_comserver2-0.7-setup.exe
2014-04-28 00:06 - 2014-04-28 00:06 - 00000000 ____D () C:\Users\User\AppData\Local\AlbumArtDownloader
2014-04-28 00:06 - 2014-04-28 00:05 - 00000000 ____D () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Album Art Downloader
2014-04-28 00:05 - 2014-04-28 00:05 - 00000000 ____D () C:\Program Files\AlbumArtDownloader
2014-04-28 00:03 - 2014-04-28 00:03 - 00896213 _____ () C:\Users\User\Downloads\AlbumArtDownloaderXUI-1.01.exe
2014-04-27 23:55 - 2014-04-27 23:55 - 00001136 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\foobar2000.lnk
2014-04-27 23:54 - 2014-04-27 23:54 - 03767984 _____ (foobar2000.org) C:\Users\User\Downloads\foobar2000_v1.3.2.exe
2014-04-27 18:31 - 2011-09-27 21:37 - 00000000 ____D () C:\Users\User\Documents\Steuerfälle
2014-04-25 12:00 - 2014-04-25 12:00 - 00001198 _____ () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mediencenter.lnk
2014-04-25 12:00 - 2014-04-25 12:00 - 00000000 ____D () C:\Users\User\AppData\Local\Telekom
2014-04-25 11:59 - 2014-04-25 11:59 - 02573688 _____ () C:\Users\User\Downloads\mediencenter_pc_sync.exe
2014-04-25 11:59 - 2014-04-25 11:59 - 00000000 ____D () C:\Users\User\AppData\Roaming\Telekom
2014-04-24 19:41 - 2013-08-26 22:42 - 00000000 ___RD () C:\Users\User\Dropbox
2014-04-24 19:41 - 2013-08-26 22:40 - 00000000 ____D () C:\Users\User\AppData\Roaming\Dropbox
2014-04-23 19:35 - 2014-04-23 19:35 - 00000000 ____D () C:\Users\User\AppData\Local\.distlib
2014-04-23 19:22 - 2014-04-23 19:22 - 01563245 _____ () C:\Users\User\Downloads\get-pip.py
2014-04-23 16:02 - 2014-04-23 16:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mp3tag
2014-04-23 16:02 - 2014-04-23 16:02 - 00000000 ____D () C:\Program Files (x86)\Mp3tag
2014-04-23 15:56 - 2014-04-23 15:55 - 02638704 _____ () C:\Users\User\Downloads\mp3tagv259asetup.exe
2014-04-23 15:37 - 2014-04-23 15:37 - 00000000 ____D () C:\Users\User\Downloads\django-zurb-foundation-5.1.1.tar
2014-04-23 15:32 - 2014-04-23 15:32 - 00148360 _____ () C:\Users\User\Downloads\foundation-latest.zip
2014-04-23 15:25 - 2014-04-23 15:25 - 00299362 _____ () C:\Users\User\Downloads\django-zurb-foundation-5.1.1.tar.gz
2014-04-23 14:42 - 2014-04-23 14:42 - 00000000 ____D () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Music Manager
2014-04-23 14:42 - 2013-08-07 23:14 - 00000000 ____D () C:\Users\User\AppData\Local\Google
2014-04-23 14:41 - 2014-04-23 14:41 - 00884672 _____ (Google Inc.) C:\Users\User\Downloads\musicmanagerinstaller.exe
2014-04-23 01:01 - 2014-04-23 01:01 - 00001048 _____ () C:\Users\User\Desktop\Biet-O-Matic.lnk
2014-04-23 01:01 - 2014-04-23 00:59 - 00000000 ____D () C:\Program Files (x86)\Biet-O-Matic
2014-04-23 00:59 - 2014-04-23 00:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Biet-O-Matic
2014-04-23 00:57 - 2014-04-23 00:57 - 04653537 _____ () C:\Users\User\Downloads\BOM21412_setup.exe
2014-04-22 17:31 - 2013-08-27 15:36 - 00000000 ____D () C:\Users\User\Entwicklung
2014-04-22 11:03 - 2014-03-12 22:41 - 00000146 _____ () C:\WINDOWS\launchpw.cmd
2014-04-22 11:02 - 2014-03-12 22:40 - 00001577 _____ () C:\WINDOWS\Delfg.cmd
2014-04-22 11:02 - 2014-03-12 22:40 - 00000006 _____ () C:\WINDOWS\systemtype.txt
2014-04-22 11:02 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\Help
2014-04-22 11:02 - 2013-05-24 06:23 - 00000000 ___HD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo ThinkVantage Tools
2014-04-22 11:02 - 2013-05-24 06:23 - 00000000 ____D () C:\WINDOWS\Downloaded Installations
2014-04-22 11:02 - 2011-06-11 01:15 - 05522768 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfc100u.dll
2014-04-21 17:49 - 2014-04-21 17:49 - 00000000 ____D () C:\Users\User\Downloads\Django-1.4.5.tar
2014-04-21 17:47 - 2014-04-21 17:47 - 07735582 _____ () C:\Users\User\Downloads\Django-1.4.5.tar.gz
2014-04-21 17:19 - 2014-04-21 17:19 - 00000000 ____D () C:\Users\User\Downloads\__MACOSX
2014-04-21 17:18 - 2014-04-21 17:18 - 00846200 _____ () C:\Users\User\Downloads\Git_Cheat_Sheet_all.zip
2014-04-21 12:28 - 2014-04-21 12:28 - 00000000 ____D () C:\Users\User\Downloads\Django-1.6.2.tar
2014-04-21 12:13 - 2014-04-21 12:13 - 06615116 _____ () C:\Users\User\Downloads\Django-1.6.2.tar.gz
2014-04-21 00:31 - 2014-04-20 18:23 - 00000000 ____D () C:\Program Files (x86)\Python27
2014-04-21 00:28 - 2014-04-21 00:28 - 00972594 _____ () C:\Users\User\Downloads\pycrypto-2.6.win32-py2.7.exe
2014-04-21 00:21 - 2014-04-21 00:21 - 00000000 ____D () C:\Users\User\Downloads\pycrypto-2.6.1.tar
2014-04-21 00:20 - 2014-04-21 00:20 - 00446240 _____ () C:\Users\User\Downloads\pycrypto-2.6.1.tar.gz
2014-04-21 00:11 - 2014-04-21 00:11 - 00987143 _____ () C:\Users\User\Downloads\MySQL-python-1.2.5.win32-py2.7.exe
2014-04-20 18:22 - 2014-04-20 18:18 - 15867904 _____ () C:\Users\User\Downloads\python-2.7.3.msi
2014-04-19 00:30 - 2013-08-07 22:27 - 00000000 ____D () C:\Users\User\AppData\Local\Adobe
2014-04-19 00:04 - 2014-04-19 00:04 - 00000000 ____D () C:\ProgramData\McAfee
2014-04-18 21:59 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\addins
2014-04-18 21:09 - 2014-04-18 21:09 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-18 21:07 - 2014-04-18 21:07 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\User\Downloads\mbam-setup-2.0.1.1004 (2).exe
2014-04-18 21:06 - 2014-04-18 21:06 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\User\Downloads\mbam-setup-2.0.1.1004 (1).exe
2014-04-18 21:06 - 2014-04-18 21:05 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\User\Downloads\mbam-setup-2.0.1.1004.exe
2014-04-18 21:02 - 2014-04-18 21:02 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\User\Downloads\SpyHunter-Installer (3).exe
2014-04-18 21:02 - 2014-04-18 21:02 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\User\Downloads\SpyHunter-Installer (2).exe
2014-04-18 21:02 - 2014-04-18 21:02 - 00707664 _____ (iS3, Inc.) C:\Users\User\Downloads\SZSetup_AID10121_AV (2).exe
2014-04-18 21:01 - 2014-04-18 21:01 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\User\Downloads\SpyHunter-Installer (1).exe
2014-04-18 21:01 - 2014-04-18 21:01 - 00707664 _____ (iS3, Inc.) C:\Users\User\Downloads\SZSetup_AID10121_AV (1).exe
2014-04-18 19:38 - 2014-04-18 19:38 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\User\Downloads\SpyHunter-Installer.exe
2014-04-18 19:38 - 2014-04-18 19:38 - 00707664 _____ (iS3, Inc.) C:\Users\User\Downloads\SZSetup_AID10121_AV.exe

Files to move or delete:
====================
C:\ProgramData\Lenovo-1186.vbs


Some content of TEMP:
====================
C:\Users\Guest\AppData\Local\Temp\ICReinstall_ZipSetup.exe
C:\Users\User\AppData\Local\Temp\917b0b87-3358-4e79-93de-3dfc2fc99ed0.exe
C:\Users\User\AppData\Local\Temp\Foxit Updater.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-05-15 19:58

==================== End Of Log ============================
         
--- --- ---

--- --- ---

Alt 16.05.2014, 12:58   #12
schrauber
/// the machine
/// TB-Ausbilder
 

Windows 8.1: Dienst "Geräteinstallations-Manager" (DsmSvc) beansprucht 20-30% CPU-Auslastung im Ruhezustand - Standard

Windows 8.1: Dienst "Geräteinstallations-Manager" (DsmSvc) beansprucht 20-30% CPU-Auslastung im Ruhezustand



Zitat:
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://127.0.0.1:8000/
Diese Startseite gewollt?
Also selbst bei Clean Boot ist die Auslastung immer noch da?
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 18.05.2014, 13:50   #13
emon
 
Windows 8.1: Dienst "Geräteinstallations-Manager" (DsmSvc) beansprucht 20-30% CPU-Auslastung im Ruhezustand - Standard

Windows 8.1: Dienst "Geräteinstallations-Manager" (DsmSvc) beansprucht 20-30% CPU-Auslastung im Ruhezustand



hxxp://127.0.0.1:8000 ist der lokale Server zum Testen von erstellten Webseiten. Dieser wird aber nicht beim Hochfahren gestartet. Auch beim Clean Boot bleibt die Auslastung des Dienstes "DsmSvC" konstant auf gleicher Höhe.
Viele Grüße Norbert

Alt 19.05.2014, 09:34   #14
schrauber
/// the machine
/// TB-Ausbilder
 

Windows 8.1: Dienst "Geräteinstallations-Manager" (DsmSvc) beansprucht 20-30% CPU-Auslastung im Ruhezustand - Standard

Windows 8.1: Dienst "Geräteinstallations-Manager" (DsmSvc) beansprucht 20-30% CPU-Auslastung im Ruhezustand



Mach mal nen Refresh von 8.1 oder 8, wenn Du auf 8.1 nen Update gemacht hast.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 19.05.2014, 10:33   #15
emon
 
Windows 8.1: Dienst "Geräteinstallations-Manager" (DsmSvc) beansprucht 20-30% CPU-Auslastung im Ruhezustand - Standard

Windows 8.1: Dienst "Geräteinstallations-Manager" (DsmSvc) beansprucht 20-30% CPU-Auslastung im Ruhezustand



Ich hatte gehofft, dass ich einen Refresh oder ähnliches vermeiden könnte. Aktuell habe ich nicht die Zeit und Nerven dazu alle Programme neu zu installieren, werde das dann aber wohl bei nächster Gelegenheit irgendwann tun müssen. Aktuell werde ich den Dienst "DsmSvc" einfach deaktivieren und hoffen, dass mir dieses nicht anderweitige Probleme verursacht. Momentan scheint aber alles auch ohne diesen reibungslos zu laufen. Trotzdem noch vielen Dank für Deine Hilfe. Grüße Norbert

Antwort

Themen zu Windows 8.1: Dienst "Geräteinstallations-Manager" (DsmSvc) beansprucht 20-30% CPU-Auslastung im Ruhezustand
ad-aware, antivirus, anzeigename, browser, downloader, error, excel, exe, fcupdateservice.exe, feedback, firefox, flash player, google, google analytics, homepage, hängt, lightning, mozilla, popup, problem, proxy, pwmtr64v.dll, realtek, registry, remotecomputer, scan, security, software, speedtest, svchost.exe, system, taskmanager, windows



Ähnliche Themen: Windows 8.1: Dienst "Geräteinstallations-Manager" (DsmSvc) beansprucht 20-30% CPU-Auslastung im Ruhezustand


  1. Windows 7 Aero Design funktioniert plötzlich nicht mehr // Service "Sitzungs-Manager für Desktopfenster-Manager" macht Probleme
    Alles rund um Windows - 18.04.2016 (10)
  2. Windows 7 "wacht" nicht aus Ruhezustand auf
    Alles rund um Windows - 13.04.2015 (3)
  3. Windows 7: SM-Bus-Controller im Geräte-Manager mit "?" gekennzeichnet. Treiber Installation erfolglos!
    Netzwerk und Hardware - 06.02.2015 (17)
  4. Diverse Malware ("CoolSaleCoupon", "ddownlloaditkeep", "omiga-plus", "SaveSense", "SaleItCoupon"); lahmer PC & viel Werbung!
    Plagegeister aller Art und deren Bekämpfung - 11.01.2015 (16)
  5. Immer Ärger mit Samsung-Dienst "Find My Mobile"
    Nachrichten - 28.10.2014 (0)
  6. Windows 7: "Windows-Verwaltungsinstrumentation"-Dienst startet nicht nach Trojanerbefall
    Log-Analyse und Auswertung - 15.06.2014 (15)
  7. Win 7: TeamSpeak 3 Installation: "Der angegebene Dienst ist kein installierter Dienst"
    Log-Analyse und Auswertung - 15.04.2014 (17)
  8. "The weDownload Manager" bei ebay.de und "dealfinder" auf ntv.de
    Plagegeister aller Art und deren Bekämpfung - 29.03.2014 (18)
  9. Win XP SP3: der Dienst "Automatische Updates" lässt sich nicht aktivieren
    Log-Analyse und Auswertung - 09.01.2014 (5)
  10. [Meldung im Wartecenter] 'Dienst "Windows-Sicherheitscenter" aktivieren (Wichtig)'
    Plagegeister aller Art und deren Bekämpfung - 10.11.2013 (1)
  11. Windows (Task-Manager, etc.) blockiert; "Achtung! Aus Sicherheitsgründen wurde Ihr Windowssystem..."
    Log-Analyse und Auswertung - 08.03.2012 (12)
  12. Dienst "Windows-Sicherheitscenter" lässt sich nicht aktivieren
    Log-Analyse und Auswertung - 21.06.2011 (21)
  13. Unbekannter Windows Dienst "WWY"
    Plagegeister aller Art und deren Bekämpfung - 16.03.2011 (9)
  14. Dienst "Sicherheitscenter" lässt sich nicht starten - Googleumleitungen - Trojaner on Board ?
    Log-Analyse und Auswertung - 10.02.2011 (25)
  15. Windows Update Dienst bleibt im Status "wird gestartet" stehen
    Alles rund um Windows - 05.06.2010 (0)
  16. "Der angegebene Dienst ist kein istallierter Dienst."
    Plagegeister aller Art und deren Bekämpfung - 29.07.2009 (0)
  17. Computer aufeinmal sehr langsam , AntiVir "Dienst gestoppt"
    Log-Analyse und Auswertung - 08.07.2009 (16)

Zum Thema Windows 8.1: Dienst "Geräteinstallations-Manager" (DsmSvc) beansprucht 20-30% CPU-Auslastung im Ruhezustand - Hallo zusammen, nachdem ich den ganzen Tag zweifelhaft und erfolglos nach einer Lösung für mein Problem gesucht habe, versuche ich es nun auf diesem Wege. Seit einigen Tage beansprucht der - Windows 8.1: Dienst "Geräteinstallations-Manager" (DsmSvc) beansprucht 20-30% CPU-Auslastung im Ruhezustand...
Archiv
Du betrachtest: Windows 8.1: Dienst "Geräteinstallations-Manager" (DsmSvc) beansprucht 20-30% CPU-Auslastung im Ruhezustand auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.