|
Log-Analyse und Auswertung: Trojaner Verdacht - CPU im Leerlauf bei 50 - 100% AuslastungWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
26.06.2014, 10:44 | #1 |
| Trojaner Verdacht - CPU im Leerlauf bei 50 - 100% Auslastung Hallo Community, mein Laptop weist im Ruhezustand eine CPU Auslastung zwischen 50% und 100%, kurzzeitig auch 5-7% auf. Das Problem ist, dass sich das im Sekundentakt ändert, also bspw. von 20% auf 95% und das ohne etwas zu machen.Ständig springt der CPU Lüfter an , dabei befindet sich der Laptop im Ruhezustand! Bitte um dringende Hilfe! bisherige Aktionen: - AV AntiVir - ohne Erfolg - Malwarebytes - ohne Erfolg - Spybot Search & Destroy - ohne Erfolg |
26.06.2014, 11:22 | #2 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Trojaner Verdacht - CPU im Leerlauf bei 50 - 100% Auslastung Schau mal nach welche Prozesse die Last verursachen...
__________________
__________________ |
26.06.2014, 14:26 | #3 |
| Trojaner Verdacht - CPU im Leerlauf bei 50 - 100% AuslastungIch habe den Übeltäter anscheinend ausgemacht! Eine sogenannte "Systemunterbrechung" lässt meine CPU intervallmäßig alle 3-4 sek in die Höhe schnellen! Danach wird der Prozess wird zurückgesetzt und neugestartet! Anscheinend versucht er irgendwas im Hintergrund zu "bewältigen"! |
26.06.2014, 14:32 | #4 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Trojaner Verdacht - CPU im Leerlauf bei 50 - 100% Auslastung Scan mit Farbar's Recovery Scan Tool (FRST) Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST 32-Bit | FRST 64-Bit (Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
__________________ Logfiles bitte immer in CODE-Tags posten |
26.06.2014, 15:14 | #5 |
| Trojaner Verdacht - CPU im Leerlauf bei 50 - 100% AuslastungFRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-06-2014 Ran by lance (administrator) on WIN-HSANQ6N9GDP on 26-06-2014 16:12:29 Running from C:\Users\lance\Downloads Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (ASUSTeK Computer Inc.) C:\Windows\System32\FBAgent.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (ASUS) C:\Program Files (x86)\Common Files\InstantOn\InsOnSrv.exe (Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe (ASUS) C:\Program Files (x86)\ASUS\SmartLogon\smartlogon.exe (Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe (BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe (ASUS) C:\Program Files (x86)\Common Files\InstantOn\InsOnWMI.exe (ASUS) C:\Program Files\P4G\BatteryLife.exe (ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe (ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe (BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe (Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe (SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE (SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe (ASUS) C:\Windows\AsScrPro.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Glarysoft Ltd) C:\Program Files (x86)\Glary Utilities 5\Integrator.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe (BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Service.exe (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe (BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-Network.exe (BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-BlockDevice.exe (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe (BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-SharedFolder.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe (Virage Logic Corporation / Sonic Focus) C:\Program Files (x86)\ASUS\SonicMaster\SonicMasterTray.exe (Disc Soft Ltd) C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe () C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation) C:\Windows\System32\igfxsrvc.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Agent.exe (BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Frontend.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Farbar) C:\Users\lance\Downloads\FRST64 (1).exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2277992 2011-11-15] (Realtek Semiconductor) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2785064 2011-05-05] (Synaptics Incorporated) HKLM\...\Run: [SynAsusAcpi] => C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe [97064 2011-05-05] (Synaptics Incorporated) HKLM\...\Run: [Windows Mobile Device Center] => C:\Windows\WindowsMobile\wmdc.exe [660360 2007-05-31] (Microsoft Corporation) HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2199840 2014-04-30] (NVIDIA Corporation) HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap64.dll [1225920 2014-04-30] (NVIDIA Corporation) HKLM-x32\...\Run: [SonicMasterTray] => C:\Program Files (x86)\ASUS\SonicMaster\SonicMasterTray.exe [984400 2010-07-10] (Virage Logic Corporation / Sonic Focus) HKLM-x32\...\Run: [Wireless Console 3] => C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [1601536 2010-09-24] () HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [750160 2014-06-26] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-05-07] (Oracle Corporation) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X] HKU\S-1-5-21-951093527-3289666354-848172253-1001\...\Run: [Spybot-S&D Cleaning] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe [3713032 2012-11-13] (Safer-Networking Ltd.) HKU\S-1-5-21-951093527-3289666354-848172253-1001\...\Run: [GUDelayStartup] => C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe [37152 2014-06-16] (Glarysoft Ltd) HKU\S-1-5-21-951093527-3289666354-848172253-1001\...\Run: [DAEMON Tools Pro Agent] => C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe [3125280 2013-10-17] (Disc Soft Ltd) AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [146480 2014-05-20] (NVIDIA Corporation) ShellIconOverlayIdentifiers: AsusWSShellExt_B -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\ASUSWSShellExt64.dll (eCareme Technologies, Inc.) ShellIconOverlayIdentifiers: AsusWSShellExt_O -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\ASUSWSShellExt64.dll (eCareme Technologies, Inc.) ShellIconOverlayIdentifiers-x32: SkyDrivePro1 (ErrorConflict) -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: SkyDrivePro2 (SyncInProgress) -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: SkyDrivePro3 (InSync) -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation) BootExecute: autocheck autochk * BootDefrag.exebootdelete ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank SearchScopes: HKLM-x32 - DefaultScope value is missing. SearchScopes: HKLM-x32 - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ASUT SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation) BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation) BHO-x32: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll (Safer-Networking Ltd.) BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations) BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation) BHO-x32: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 FireFox: ======== FF ProfilePath: C:\Users\lance\AppData\Roaming\Mozilla\Firefox\Profiles\nptsdgsu.default FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_125.dll () FF Plugin: @java.com/DTPlugin,version=10.11.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF Plugin: @microsoft.com/GENUINE - disabled No File FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~3\Office15\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=2.0.4 - C:\Program Files\VideoLAN\VLC\npvlc.dll No File FF Plugin: @videolan.org/vlc,version=2.0.5 - C:\Program Files\VideoLAN\VLC\npvlc.dll No File FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_125.dll () FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1207148.dll (Adobe Systems, Inc.) FF Plugin-x32: @java.com/DTPlugin,version=10.60.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.60.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE - disabled No File FF Plugin-x32: @microsoft.com/Lync,version=15.0 - C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @veetle.com/veetleCorePlugin,version=0.9.19 - C:\Program Files (x86)\Veetle\plugins\npVeetle.dll (Veetle Inc) FF Plugin-x32: @veetle.com/veetlePlayerPlugin,version=0.9.18 - C:\Program Files (x86)\Veetle\Player\npvlc.dll (Veetle Inc) FF Plugin-x32: @videolan.org/vlc,version=2.0.6 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.2 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.3 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: ZEON/PDF,version=2.0 - C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll (Zeon Corporation) FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll () FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.) FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml FF Extension: ProxTube - Unblock YouTube - C:\Users\lance\AppData\Roaming\Mozilla\Firefox\Profiles\nptsdgsu.default\Extensions\{2541D29A-DB9E-4c1e-949A-31EFB4AEF4E7} [2014-04-04] FF Extension: FastestFox - C:\Users\lance\AppData\Roaming\Mozilla\Firefox\Profiles\nptsdgsu.default\Extensions\smarterwiki@wikiatic.com.xpi [2014-02-01] FF Extension: StreamBurner - C:\Users\lance\AppData\Roaming\Mozilla\Firefox\Profiles\nptsdgsu.default\Extensions\{1fc895a6-2042-46ec-a61b-233165b4c218}.xpi [2014-02-07] FF Extension: Adblock Plus - C:\Users\lance\AppData\Roaming\Mozilla\Firefox\Profiles\nptsdgsu.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-04-30] Chrome: ======= CHR Extension: (ProxFlow) - C:\Users\lance\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek [2014-06-25] CHR Extension: (StreamBurner (Previously BetterJTV)) - C:\Users\lance\AppData\Local\Google\Chrome\User Data\Default\Extensions\akpoolpacbnehigfcagnlafodogbejek [2014-05-17] CHR Extension: (Forge of Empires) - C:\Users\lance\AppData\Local\Google\Chrome\User Data\Default\Extensions\anaphblkfplenhkephgneolhnmjminjg [2014-04-25] CHR Extension: (Google Docs) - C:\Users\lance\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-06-06] CHR Extension: (Google Drive) - C:\Users\lance\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-06-06] CHR Extension: (YouTube) - C:\Users\lance\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-06-06] CHR Extension: (Last updated at $time$ on $date$) - C:\Users\lance\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-04-25] CHR Extension: (Google Search) - C:\Users\lance\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-06-06] CHR Extension: (AdBlock) - C:\Users\lance\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-04-20] CHR Extension: (Google Wallet) - C:\Users\lance\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-12] CHR Extension: (Gmail) - C:\Users\lance\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-06-06] CHR HKLM-x32\...\Chrome\Extension: [aakchaleigkohafkfjfjbblobjifikek] - C:\Users\lance\AppData\LocalLow\proxtube\CHROME\proxtube.crx [2012-04-19] ==================== Services (Whitelisted) ================= R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-06-26] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-06-26] (Avira Operations GmbH & Co. KG) S4 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1039952 2014-05-27] (Avira Operations GmbH & Co. KG) R2 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [138400 2011-03-13] (Atheros) [File not signed] R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [74912 2011-03-13] (Atheros Commnucations) [File not signed] R2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [402192 2014-05-21] (BlueStack Systems, Inc.) R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [385808 2014-05-21] (BlueStack Systems, Inc.) R2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [774928 2014-05-21] (BlueStack Systems, Inc.) R2 EPSON_EB_RPCV4_04; C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE [166400 2009-09-14] (SEIKO EPSON CORPORATION) [File not signed] R2 EPSON_PM_RPCV4_04; C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE [128512 2009-09-14] (SEIKO EPSON CORPORATION) [File not signed] S3 HitmanProScheduler; C:\Program Files\HitmanPro\hmpsched.exe [127752 2014-05-05] (SurfRight B.V.) S2 LanmanWorkstation; C:\Windows\System32\svchost.exe [27136 2009-07-14] (Microsoft Corporation) R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation) S4 nHancer; C:\Program Files\nHancer\nHancerService.exe [39424 2010-05-02] (KSE - Korndörfer Software Engineering) [File not signed] R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1617696 2014-04-30] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21007192 2014-04-30] (NVIDIA Corporation) R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1103392 2012-11-13] (Safer-Networking Ltd.) R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1369624 2012-11-13] (Safer-Networking Ltd.) R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [168384 2012-11-13] (Safer-Networking Ltd.) S4 Update-Service; %SystemRoot%\System32\UpdSvc.dll [X] ==================== Drivers (Whitelisted) ==================== R0 62861928; C:\Windows\System32\DRIVERS\62861928.sys [460888 2013-09-03] (Kaspersky Lab ZAO) U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation) R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2013-04-26] () R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [117712 2014-06-26] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-05-27] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-10-31] (Avira Operations GmbH & Co. KG) R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [84720 2013-12-17] (Avira Operations GmbH & Co. KG) R0 BootDefragDriver; C:\Windows\System32\drivers\BootDefragDriver.sys [17600 2014-06-16] (Glarysoft Ltd) R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [123152 2014-05-21] (BlueStack Systems) R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-02-14] (Disc Soft Ltd) R0 GUBootStartup; C:\Windows\System32\drivers\GUBootStartup.sys [20672 2014-05-19] (Glarysoft Ltd) S3 hitmanpro37; C:\Windows\system32\drivers\hitmanpro37.sys [32512 2014-06-25] () S3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( ) R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2013-04-26] () R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation) R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-06-26] (Malwarebytes Corporation) R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation) R1 nvkflt; C:\Windows\System32\DRIVERS\nvkflt.sys [301512 2014-05-20] (NVIDIA Corporation) R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [18776 2014-04-30] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation) S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-14] (Brother Industries Ltd.) R0 sptd; C:\Windows\System32\Drivers\sptd.sys [381440 2014-02-14] (Duplex Secure Ltd.) S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [13920 2012-06-06] () U5 TMUSB; C:\Windows\System32\DRIVERS\TMUSB64.SYS [63096 2012-12-05] (Seiko Epson Corporation) U3 avax7ep5; C:\Windows\System32\Drivers\avax7ep5.sys [0 ] (Intel Corporation) S4 NVHDA; system32\drivers\nvhda64v.sys [X] S4 TuneUpUtilitiesDrv; \??\C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys [X] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-06-26 16:11 - 2014-06-26 16:11 - 00068959 _____ () C:\Users\lance\Desktop\FRST.txt 2014-06-26 16:10 - 2014-06-26 16:10 - 02082816 _____ (Farbar) C:\Users\lance\Downloads\FRST64 (1).exe 2014-06-26 15:39 - 2014-06-26 15:39 - 00003158 _____ () C:\Windows\System32\Tasks\{4CF2D6AB-B588-4EE3-B52A-86E801B4E206} 2014-06-26 15:31 - 2014-06-26 15:33 - 145417920 _____ (Intel Corporation) C:\Users\lance\Downloads\Win64_152822 (1).exe 2014-06-26 10:59 - 2014-06-26 10:59 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-WIN-HSANQ6N9GDP-Microsoft-Windows-7-Home-Premium-(64-bit).dat 2014-06-26 10:58 - 2014-06-26 10:58 - 00000000 ____D () C:\RegBackup 2014-06-26 03:57 - 2014-06-26 03:57 - 00002161 _____ () C:\Users\lance\Desktop\Tweaking.com - Windows Repair (All in One).lnk 2014-06-26 03:57 - 2014-06-26 03:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com 2014-06-26 03:57 - 2014-06-26 03:57 - 00000000 ____D () C:\Program Files (x86)\Tweaking.com 2014-06-26 03:27 - 2014-06-26 03:27 - 00854367 _____ () C:\Users\lance\Downloads\SecurityCheck.exe 2014-06-26 03:10 - 2014-06-26 03:10 - 05461664 _____ () C:\Users\lance\Downloads\tweaking.com_windows_repair_aio_setup.exe 2014-06-26 03:08 - 2014-06-26 03:10 - 03439326 _____ () C:\Users\lance\Downloads\tweaking.com_windows_repair_aio.zip 2014-06-26 03:02 - 2014-06-26 03:02 - 03037958 _____ () C:\Users\lance\Documents\AutoRuns.arn 2014-06-26 03:00 - 2014-06-26 03:00 - 00000000 ____D () C:\Users\lance\Downloads\Autoruns 2014-06-26 02:56 - 2014-06-26 02:56 - 00511782 _____ () C:\Users\lance\Downloads\Autoruns.zip 2014-06-26 02:42 - 2014-06-26 02:44 - 00067160 _____ () C:\Users\lance\Downloads\Addition.txt 2014-06-26 02:41 - 2014-06-26 16:12 - 00025087 _____ () C:\Users\lance\Downloads\FRST.txt 2014-06-26 02:40 - 2014-06-26 16:12 - 00000000 ____D () C:\FRST 2014-06-26 02:40 - 2014-06-26 02:40 - 02082816 _____ (Farbar) C:\Users\lance\Downloads\FRST64.exe 2014-06-26 02:28 - 2014-06-26 02:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2014-06-26 02:28 - 2014-05-07 15:02 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2014-06-26 02:28 - 2014-05-07 14:59 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe 2014-06-26 02:28 - 2014-05-07 14:59 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe 2014-06-26 02:28 - 2014-05-07 14:58 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe 2014-06-26 02:27 - 2014-06-26 02:28 - 00004471 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_60-b19.log 2014-06-26 02:26 - 2014-06-26 02:26 - 00918952 _____ (Oracle Corporation) C:\Users\lance\Downloads\chromeinstall-7u60.exe 2014-06-26 02:18 - 2014-06-26 02:18 - 02347384 _____ (ESET) C:\Users\lance\Downloads\esetsmartinstaller_deu.exe 2014-06-26 02:18 - 2014-06-26 02:18 - 00000000 ____D () C:\Program Files (x86)\ESET 2014-06-26 02:07 - 2014-06-26 16:02 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-06-26 02:06 - 2014-06-26 02:06 - 00001104 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-06-26 02:06 - 2014-06-26 02:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2014-06-26 02:06 - 2014-06-26 02:06 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-06-26 02:06 - 2014-06-26 02:06 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-06-26 02:06 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2014-06-26 02:06 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2014-06-26 02:06 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2014-06-26 02:01 - 2014-06-26 02:01 - 00003355 _____ () C:\Users\lance\Desktop\JRT.txt 2014-06-26 01:58 - 2014-06-26 01:58 - 00315392 _____ (Malwarebytes Corporation) C:\Users\lance\Downloads\mbam-clean-2.0.2.0.exe 2014-06-26 01:55 - 2014-06-26 01:55 - 01342659 _____ () C:\Users\lance\Downloads\adwcleaner_3.213.exe 2014-06-26 01:54 - 2014-06-26 01:54 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\lance\Downloads\mbam-setup-2.0.2.1012 (1).exe 2014-06-26 01:54 - 2014-06-26 01:54 - 01016261 _____ (Thisisu) C:\Users\lance\Downloads\JRT.exe 2014-06-26 01:54 - 2014-06-26 01:54 - 00000000 ____D () C:\Windows\ERUNT 2014-06-26 01:52 - 2014-06-26 01:52 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\lance\Downloads\mbam-setup-2.0.2.1012.exe 2014-06-26 01:47 - 2014-06-26 01:47 - 702295891 _____ () C:\Windows\MEMORY.DMP 2014-06-26 01:47 - 2014-06-26 01:47 - 00335776 _____ () C:\Windows\Minidump\062614-24367-01.dmp 2014-06-26 00:00 - 2014-06-26 15:43 - 00000000 ____D () C:\Windows\SysWOW64\NV 2014-06-26 00:00 - 2014-06-26 15:43 - 00000000 ____D () C:\Windows\system32\NV 2014-06-25 23:56 - 2014-05-20 01:10 - 00601432 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe 2014-06-25 23:54 - 2014-06-25 23:58 - 145417920 _____ (Intel Corporation) C:\Users\lance\Downloads\win64_152822.exe 2014-06-25 23:50 - 2014-06-25 23:50 - 00000000 ____D () C:\NVIDIA 2014-06-25 23:44 - 2014-06-25 23:50 - 333878864 _____ (NVIDIA Corporation) C:\Users\lance\Downloads\337.88-notebook-win8-win7-64bit-international-whql (1).exe 2014-06-25 23:24 - 2014-06-25 23:24 - 00032512 _____ () C:\Windows\system32\Drivers\hitmanpro37.sys 2014-06-25 23:15 - 2014-06-25 23:15 - 00013356 _____ () C:\Users\lance\Desktop\hijackthis.log 2014-06-23 12:46 - 2014-06-26 15:43 - 00003127 _____ () C:\Windows\setupact.log 2014-06-22 21:32 - 2014-06-22 21:32 - 00003136 _____ () C:\Windows\System32\Tasks\{4C6A2F2F-B96B-4BD2-BE35-5BE1433945B5} 2014-06-22 15:53 - 2014-06-23 15:59 - 00000000 ____D () C:\ProgramData\McAfee Security Scan 2014-06-22 15:49 - 2014-06-26 03:30 - 00002249 _____ () C:\Users\Public\Desktop\Google Chrome.lnk 2014-06-22 15:49 - 2014-06-22 15:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome 2014-06-21 18:24 - 2014-06-21 17:14 - 00000030 _____ () C:\AVScanner.ini 2014-06-21 12:53 - 2014-06-21 12:53 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-06-20 13:24 - 2014-06-20 16:24 - 00000000 ____D () C:\Users\lance\Documents\Stronghold Crusader 2014-06-20 13:21 - 2014-06-20 13:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefly Studios 2014-06-20 13:09 - 2014-06-16 09:27 - 00017600 _____ (Glarysoft Ltd) C:\Windows\system32\Drivers\BootDefragDriver.sys 2014-06-19 22:24 - 2014-06-19 22:24 - 00000000 ____D () C:\Users\lance\Downloads\Stronghold_Crusader_HD_GERMAN-iND 2014-06-12 21:28 - 2014-06-26 15:54 - 00001108 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-06-12 21:28 - 2014-06-26 15:53 - 00001104 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-06-12 21:28 - 2014-06-22 15:49 - 00004104 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2014-06-12 21:28 - 2014-06-22 15:48 - 00003852 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2014-06-11 01:12 - 2014-04-25 04:34 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll 2014-06-11 01:12 - 2014-04-25 04:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll 2014-06-11 01:12 - 2014-04-05 04:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys 2014-06-11 01:12 - 2014-04-05 04:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS 2014-06-11 01:12 - 2014-03-26 16:44 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll 2014-06-11 01:12 - 2014-03-26 16:44 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll 2014-06-11 01:12 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll 2014-06-11 01:12 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll 2014-06-11 01:12 - 2014-03-26 16:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll 2014-06-11 01:12 - 2014-03-26 16:27 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll 2014-06-11 01:12 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll 2014-06-11 01:12 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll 2014-06-11 01:11 - 2014-05-30 12:21 - 23414784 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-06-11 01:11 - 2014-05-30 12:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-06-11 01:11 - 2014-05-30 12:02 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-06-11 01:11 - 2014-05-30 11:45 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-06-11 01:11 - 2014-05-30 11:39 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-06-11 01:11 - 2014-05-30 11:39 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-06-11 01:11 - 2014-05-30 11:38 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-06-11 01:11 - 2014-05-30 11:28 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-06-11 01:11 - 2014-05-30 11:27 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-06-11 01:11 - 2014-05-30 11:24 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-06-11 01:11 - 2014-05-30 11:21 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-06-11 01:11 - 2014-05-30 11:21 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-06-11 01:11 - 2014-05-30 11:20 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-06-11 01:11 - 2014-05-30 11:18 - 17271296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-06-11 01:11 - 2014-05-30 11:11 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-06-11 01:11 - 2014-05-30 11:08 - 05782528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-06-11 01:11 - 2014-05-30 11:06 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-06-11 01:11 - 2014-05-30 11:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-06-11 01:11 - 2014-05-30 10:55 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-06-11 01:11 - 2014-05-30 10:49 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-06-11 01:11 - 2014-05-30 10:46 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-06-11 01:11 - 2014-05-30 10:44 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-06-11 01:11 - 2014-05-30 10:44 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-06-11 01:11 - 2014-05-30 10:43 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-06-11 01:11 - 2014-05-30 10:42 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-06-11 01:11 - 2014-05-30 10:38 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-06-11 01:11 - 2014-05-30 10:35 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-06-11 01:11 - 2014-05-30 10:34 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-06-11 01:11 - 2014-05-30 10:33 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-06-11 01:11 - 2014-05-30 10:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-06-11 01:11 - 2014-05-30 10:29 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-06-11 01:11 - 2014-05-30 10:28 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-06-11 01:11 - 2014-05-30 10:27 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-06-11 01:11 - 2014-05-30 10:24 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2014-06-11 01:11 - 2014-05-30 10:23 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-06-11 01:11 - 2014-05-30 10:16 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2014-06-11 01:11 - 2014-05-30 10:10 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-06-11 01:11 - 2014-05-30 10:06 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-06-11 01:11 - 2014-05-30 10:04 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-06-11 01:11 - 2014-05-30 10:02 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2014-06-11 01:11 - 2014-05-30 09:56 - 04244992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-06-11 01:11 - 2014-05-30 09:56 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-06-11 01:11 - 2014-05-30 09:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-06-11 01:11 - 2014-05-30 09:50 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2014-06-11 01:11 - 2014-05-30 09:49 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-06-11 01:11 - 2014-05-30 09:43 - 13522944 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-06-11 01:11 - 2014-05-30 09:40 - 11725312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-06-11 01:11 - 2014-05-30 09:30 - 01398272 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-06-11 01:11 - 2014-05-30 09:21 - 01790976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-06-11 01:11 - 2014-05-30 09:15 - 01143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-06-11 01:11 - 2014-05-30 09:13 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-06-11 01:11 - 2014-05-30 09:13 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-06-11 01:06 - 2014-06-08 11:13 - 00506368 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-06-11 01:06 - 2014-06-08 11:08 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-06-08 20:55 - 2014-06-08 20:56 - 23103466 _____ () C:\Users\lance\Desktop\10371866_1510572839171521_1905598737_n.mp4 2014-06-06 20:02 - 2014-06-26 15:40 - 00007616 _____ () C:\Users\lance\AppData\Local\Resmon.ResmonCfg 2014-06-06 19:56 - 2014-06-06 19:56 - 00000000 ____D () C:\Users\lance\AppData\Roaming\LavasoftStatistics 2014-06-06 19:55 - 2014-06-06 19:55 - 00000000 ____D () C:\Program Files\Lavasoft 2014-06-06 19:54 - 2014-06-23 16:05 - 00000000 ____D () C:\Users\lance\AppData\Roaming\Lavasoft 2014-06-06 19:53 - 2014-06-06 19:53 - 00000000 ____D () C:\ProgramData\Lavasoft 2014-06-06 19:45 - 2014-06-26 11:23 - 00021534 _____ () C:\Windows\PFRO.log 2014-06-06 00:26 - 2014-06-26 11:23 - 00578856 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-06-05 21:29 - 2014-06-05 21:29 - 00000000 _____ () C:\Windows\setuperr.log 2014-06-05 16:36 - 2014-06-26 11:35 - 00175320 _____ () C:\Users\lance\AppData\Local\GDIPFONTCACHEV1.DAT 2014-06-04 15:44 - 2014-06-04 15:44 - 00033039 _____ () C:\ComboFix.txt 2014-06-04 14:58 - 2014-06-04 14:58 - 00000000 __SHD () C:\Users\lance\AppData\Local\EmieUserList 2014-06-04 14:58 - 2014-06-04 14:58 - 00000000 __SHD () C:\Users\lance\AppData\Local\EmieSiteList 2014-06-04 14:56 - 2014-06-20 13:06 - 00000390 _____ () C:\BackupLoader.ini 2014-06-04 12:11 - 2014-06-04 12:11 - 00002772 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC 2014-06-04 12:11 - 2014-06-04 12:11 - 00000824 _____ () C:\Users\Public\Desktop\CCleaner.lnk 2014-06-04 10:07 - 2014-06-04 10:07 - 00001829 _____ () C:\Users\Public\Desktop\Apps.lnk 2014-06-04 10:07 - 2014-06-04 10:07 - 00001809 _____ () C:\Users\Public\Desktop\Start BlueStacks.lnk 2014-06-04 10:07 - 2014-06-04 10:07 - 00000000 ____D () C:\Users\lance\AppData\Local\Bluestacks 2014-06-04 10:07 - 2014-06-04 10:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueStacks 2014-06-04 10:07 - 2014-06-04 10:07 - 00000000 ____D () C:\ProgramData\BlueStacks 2014-06-04 10:07 - 2014-06-04 10:07 - 00000000 ____D () C:\Program Files (x86)\BlueStacks 2014-06-04 01:19 - 2014-05-20 04:44 - 31387936 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll 2014-06-04 01:19 - 2014-05-20 04:44 - 25256224 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll 2014-06-04 01:19 - 2014-05-20 04:44 - 24025376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll 2014-06-04 01:19 - 2014-05-20 04:44 - 18531568 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll 2014-06-04 01:19 - 2014-05-20 04:44 - 17561544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll 2014-06-04 01:19 - 2014-05-20 04:44 - 17480432 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll 2014-06-04 01:19 - 2014-05-20 04:44 - 16003912 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll 2014-06-04 01:19 - 2014-05-20 04:44 - 14434704 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll 2014-06-04 01:19 - 2014-05-20 04:44 - 12688328 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys 2014-06-04 01:19 - 2014-05-20 04:44 - 11644928 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll 2014-06-04 01:19 - 2014-05-20 04:44 - 11599072 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll 2014-06-04 01:19 - 2014-05-20 04:44 - 09735256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll 2014-06-04 01:19 - 2014-05-20 04:44 - 09697640 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll 2014-06-04 01:19 - 2014-05-20 04:44 - 03141976 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll 2014-06-04 01:19 - 2014-05-20 04:44 - 02953672 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll 2014-06-04 01:19 - 2014-05-20 04:44 - 02785568 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll 2014-06-04 01:19 - 2014-05-20 04:44 - 02412376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll 2014-06-04 01:19 - 2014-05-20 04:44 - 01889112 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433788.dll 2014-06-04 01:19 - 2014-05-20 04:44 - 01541576 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433788.dll 2014-06-04 01:19 - 2014-05-20 04:44 - 00895776 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll 2014-06-04 01:19 - 2014-05-20 04:44 - 00892704 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll 2014-06-04 01:19 - 2014-05-20 04:44 - 00867784 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll 2014-06-04 01:19 - 2014-05-20 04:44 - 00861128 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll 2014-06-04 01:19 - 2014-05-20 04:44 - 00837056 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll 2014-06-04 01:19 - 2014-05-20 04:44 - 00354016 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll 2014-06-04 01:19 - 2014-05-20 04:44 - 00305600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll 2014-06-04 01:19 - 2014-05-20 04:44 - 00301512 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvkflt.sys 2014-06-04 01:19 - 2014-05-20 04:44 - 00166568 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll 2014-06-04 01:19 - 2014-05-20 04:44 - 00146480 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll 2014-06-04 01:19 - 2014-05-20 04:44 - 00032544 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvpciflt.sys 2014-06-04 01:14 - 2014-03-31 18:42 - 00040392 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys 2014-06-04 01:13 - 2014-03-31 18:42 - 00034760 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll 2014-06-03 18:29 - 2014-06-03 18:29 - 00000000 ____D () C:\Windows\System32\Tasks\Abelssoft 2014-06-03 18:28 - 2014-06-03 18:31 - 00000000 ____D () C:\Users\lance\AppData\Local\Abelssoft 2014-06-03 18:23 - 2014-06-03 18:23 - 00070000 _____ () C:\Users\lance\Documents\cc_20140603_182326.reg 2014-05-29 02:33 - 2014-05-29 02:33 - 00000000 ____D () C:\ProgramData\TopApp soft ==================== One Month Modified Files and Folders ======= 2014-06-26 16:12 - 2014-06-26 02:41 - 00025087 _____ () C:\Users\lance\Downloads\FRST.txt 2014-06-26 16:12 - 2014-06-26 02:40 - 00000000 ____D () C:\FRST 2014-06-26 16:11 - 2014-06-26 16:11 - 00068959 _____ () C:\Users\lance\Desktop\FRST.txt 2014-06-26 16:10 - 2014-06-26 16:10 - 02082816 _____ (Farbar) C:\Users\lance\Downloads\FRST64 (1).exe 2014-06-26 16:02 - 2014-06-26 02:07 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-06-26 15:54 - 2014-06-12 21:28 - 00001108 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-06-26 15:53 - 2014-06-12 21:28 - 00001104 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-06-26 15:48 - 2009-07-14 06:45 - 00018736 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-06-26 15:48 - 2009-07-14 06:45 - 00018736 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-06-26 15:47 - 2011-12-11 01:52 - 01861618 _____ () C:\Windows\WindowsUpdate.log 2014-06-26 15:44 - 2014-05-19 18:44 - 00000334 _____ () C:\Windows\Tasks\GlaryInitialize 5.job 2014-06-26 15:44 - 2014-05-19 18:44 - 00000000 ____D () C:\Program Files (x86)\Glary Utilities 5 2014-06-26 15:44 - 2011-12-11 02:03 - 00018666 _____ () C:\Windows\system32\results.xml 2014-06-26 15:43 - 2014-06-26 00:00 - 00000000 ____D () C:\Windows\SysWOW64\NV 2014-06-26 15:43 - 2014-06-26 00:00 - 00000000 ____D () C:\Windows\system32\NV 2014-06-26 15:43 - 2014-06-23 12:46 - 00003127 _____ () C:\Windows\setupact.log 2014-06-26 15:43 - 2011-12-10 01:51 - 00045056 _____ () C:\Windows\SysWOW64\acovcnt.exe 2014-06-26 15:42 - 2013-06-05 19:57 - 00000000 ____D () C:\ProgramData\NVIDIA 2014-06-26 15:42 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-06-26 15:40 - 2014-06-06 20:02 - 00007616 _____ () C:\Users\lance\AppData\Local\Resmon.ResmonCfg 2014-06-26 15:39 - 2014-06-26 15:39 - 00003158 _____ () C:\Windows\System32\Tasks\{4CF2D6AB-B588-4EE3-B52A-86E801B4E206} 2014-06-26 15:36 - 2014-02-07 13:07 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-06-26 15:33 - 2014-06-26 15:31 - 145417920 _____ (Intel Corporation) C:\Users\lance\Downloads\Win64_152822 (1).exe 2014-06-26 15:30 - 2012-12-27 20:53 - 00000000 ____D () C:\Users\lance\SystemRequirementsLab 2014-06-26 15:30 - 2012-12-27 20:53 - 00000000 ____D () C:\Program Files (x86)\SystemRequirementsLab 2014-06-26 14:44 - 2011-12-11 02:21 - 00002016 _____ () C:\Windows\system32\ServiceFilter.ini 2014-06-26 11:50 - 2013-11-24 22:44 - 00117712 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys 2014-06-26 11:35 - 2014-06-05 16:36 - 00175320 _____ () C:\Users\lance\AppData\Local\GDIPFONTCACHEV1.DAT 2014-06-26 11:29 - 2011-02-19 06:24 - 00697216 _____ () C:\Windows\system32\perfh007.dat 2014-06-26 11:29 - 2011-02-19 06:24 - 00149356 _____ () C:\Windows\system32\perfc007.dat 2014-06-26 11:29 - 2009-07-14 07:13 - 01651372 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-06-26 11:23 - 2014-06-06 19:45 - 00021534 _____ () C:\Windows\PFRO.log 2014-06-26 11:23 - 2014-06-06 00:26 - 00578856 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-06-26 11:22 - 2012-03-06 00:26 - 01554432 ___SH () C:\Users\lance\Desktop\Thumbs.db 2014-06-26 11:13 - 2009-07-14 04:34 - 00000439 _____ () C:\Windows\win.ini 2014-06-26 10:59 - 2014-06-26 10:59 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-WIN-HSANQ6N9GDP-Microsoft-Windows-7-Home-Premium-(64-bit).dat 2014-06-26 10:58 - 2014-06-26 10:58 - 00000000 ____D () C:\RegBackup 2014-06-26 03:57 - 2014-06-26 03:57 - 00002161 _____ () C:\Users\lance\Desktop\Tweaking.com - Windows Repair (All in One).lnk 2014-06-26 03:57 - 2014-06-26 03:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com 2014-06-26 03:57 - 2014-06-26 03:57 - 00000000 ____D () C:\Program Files (x86)\Tweaking.com 2014-06-26 03:30 - 2014-06-22 15:49 - 00002249 _____ () C:\Users\Public\Desktop\Google Chrome.lnk 2014-06-26 03:27 - 2014-06-26 03:27 - 00854367 _____ () C:\Users\lance\Downloads\SecurityCheck.exe 2014-06-26 03:10 - 2014-06-26 03:10 - 05461664 _____ () C:\Users\lance\Downloads\tweaking.com_windows_repair_aio_setup.exe 2014-06-26 03:10 - 2014-06-26 03:08 - 03439326 _____ () C:\Users\lance\Downloads\tweaking.com_windows_repair_aio.zip 2014-06-26 03:02 - 2014-06-26 03:02 - 03037958 _____ () C:\Users\lance\Documents\AutoRuns.arn 2014-06-26 03:01 - 2014-02-14 09:24 - 00003400 _____ () C:\Windows\System32\Tasks\Auto Re-Aktivierung 2014-06-26 03:01 - 2012-12-19 00:27 - 00002772 _____ () C:\Windows\System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 2014-06-26 03:00 - 2014-06-26 03:00 - 00000000 ____D () C:\Users\lance\Downloads\Autoruns 2014-06-26 02:56 - 2014-06-26 02:56 - 00511782 _____ () C:\Users\lance\Downloads\Autoruns.zip 2014-06-26 02:44 - 2014-06-26 02:42 - 00067160 _____ () C:\Users\lance\Downloads\Addition.txt 2014-06-26 02:40 - 2014-06-26 02:40 - 02082816 _____ (Farbar) C:\Users\lance\Downloads\FRST64.exe 2014-06-26 02:28 - 2014-06-26 02:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2014-06-26 02:28 - 2014-06-26 02:27 - 00004471 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_60-b19.log 2014-06-26 02:28 - 2013-10-19 02:42 - 00000000 ____D () C:\ProgramData\Oracle 2014-06-26 02:28 - 2013-08-15 14:47 - 00000000 ____D () C:\Program Files (x86)\Java 2014-06-26 02:26 - 2014-06-26 02:26 - 00918952 _____ (Oracle Corporation) C:\Users\lance\Downloads\chromeinstall-7u60.exe 2014-06-26 02:18 - 2014-06-26 02:18 - 02347384 _____ (ESET) C:\Users\lance\Downloads\esetsmartinstaller_deu.exe 2014-06-26 02:18 - 2014-06-26 02:18 - 00000000 ____D () C:\Program Files (x86)\ESET 2014-06-26 02:06 - 2014-06-26 02:06 - 00001104 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-06-26 02:06 - 2014-06-26 02:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2014-06-26 02:06 - 2014-06-26 02:06 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-06-26 02:06 - 2014-06-26 02:06 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-06-26 02:02 - 2014-03-27 21:08 - 00000000 ____D () C:\Users\lance\AppData\Roaming\DiskDefrag 2014-06-26 02:01 - 2014-06-26 02:01 - 00003355 _____ () C:\Users\lance\Desktop\JRT.txt 2014-06-26 02:01 - 2014-01-11 07:30 - 00000000 ____D () C:\AdwCleaner 2014-06-26 01:59 - 2011-12-15 19:56 - 00000000 ____D () C:\Users\lance\AppData\Local\CrashDumps 2014-06-26 01:58 - 2014-06-26 01:58 - 00315392 _____ (Malwarebytes Corporation) C:\Users\lance\Downloads\mbam-clean-2.0.2.0.exe 2014-06-26 01:55 - 2014-06-26 01:55 - 01342659 _____ () C:\Users\lance\Downloads\adwcleaner_3.213.exe 2014-06-26 01:54 - 2014-06-26 01:54 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\lance\Downloads\mbam-setup-2.0.2.1012 (1).exe 2014-06-26 01:54 - 2014-06-26 01:54 - 01016261 _____ (Thisisu) C:\Users\lance\Downloads\JRT.exe 2014-06-26 01:54 - 2014-06-26 01:54 - 00000000 ____D () C:\Windows\ERUNT 2014-06-26 01:52 - 2014-06-26 01:52 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\lance\Downloads\mbam-setup-2.0.2.1012.exe 2014-06-26 01:47 - 2014-06-26 01:47 - 702295891 _____ () C:\Windows\MEMORY.DMP 2014-06-26 01:47 - 2014-06-26 01:47 - 00335776 _____ () C:\Windows\Minidump\062614-24367-01.dmp 2014-06-26 01:47 - 2012-04-01 21:39 - 00000000 ____D () C:\Windows\Minidump 2014-06-26 01:23 - 2013-10-12 21:13 - 00000000 ____D () C:\Users\lance\Documents\FIFA 14 2014-06-26 00:00 - 2014-01-19 20:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation 2014-06-25 23:59 - 2014-01-19 20:45 - 00001349 _____ () C:\Users\Public\Desktop\GeForce Experience.lnk 2014-06-25 23:58 - 2014-06-25 23:54 - 145417920 _____ (Intel Corporation) C:\Users\lance\Downloads\win64_152822.exe 2014-06-25 23:56 - 2011-12-11 02:04 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation 2014-06-25 23:50 - 2014-06-25 23:50 - 00000000 ____D () C:\NVIDIA 2014-06-25 23:50 - 2014-06-25 23:44 - 333878864 _____ (NVIDIA Corporation) C:\Users\lance\Downloads\337.88-notebook-win8-win7-64bit-international-whql (1).exe 2014-06-25 23:24 - 2014-06-25 23:24 - 00032512 _____ () C:\Windows\system32\Drivers\hitmanpro37.sys 2014-06-25 23:15 - 2014-06-25 23:15 - 00013356 _____ () C:\Users\lance\Desktop\hijackthis.log 2014-06-25 23:12 - 2009-07-14 07:08 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT 2014-06-25 20:19 - 2011-12-10 19:03 - 00000000 ____D () C:\Users\lance\AppData\Roaming\Skype 2014-06-23 16:05 - 2014-06-06 19:54 - 00000000 ____D () C:\Users\lance\AppData\Roaming\Lavasoft 2014-06-23 15:59 - 2014-06-22 15:53 - 00000000 ____D () C:\ProgramData\McAfee Security Scan 2014-06-23 14:56 - 2013-02-09 12:23 - 00005857 _____ () C:\Users\lance\Sti_Trace.log 2014-06-22 21:32 - 2014-06-22 21:32 - 00003136 _____ () C:\Windows\System32\Tasks\{4C6A2F2F-B96B-4BD2-BE35-5BE1433945B5} 2014-06-22 15:53 - 2014-02-07 13:07 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-06-22 15:53 - 2014-01-30 00:12 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-06-22 15:53 - 2014-01-30 00:12 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-06-22 15:49 - 2014-06-22 15:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome 2014-06-22 15:49 - 2014-06-12 21:28 - 00004104 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2014-06-22 15:48 - 2014-06-12 21:28 - 00003852 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2014-06-22 15:48 - 2011-04-13 04:33 - 00000000 ____D () C:\Program Files (x86)\Google 2014-06-21 23:45 - 2014-01-31 20:49 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2014-06-21 17:14 - 2014-06-21 18:24 - 00000030 _____ () C:\AVScanner.ini 2014-06-21 12:53 - 2014-06-21 12:53 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-06-20 16:24 - 2014-06-20 13:24 - 00000000 ____D () C:\Users\lance\Documents\Stronghold Crusader 2014-06-20 13:23 - 2014-06-20 13:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefly Studios 2014-06-20 13:23 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games 2014-06-20 13:21 - 2011-12-11 02:06 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information 2014-06-20 13:18 - 2012-10-02 18:19 - 00000000 ____D () C:\Users\lance\AppData\Roaming\DAEMON Tools Pro 2014-06-20 13:09 - 2014-05-19 18:44 - 00002986 _____ () C:\Windows\System32\Tasks\GU5SkipUAC 2014-06-20 13:09 - 2014-05-19 18:44 - 00002644 _____ () C:\Windows\System32\Tasks\GlaryInitialize 5 2014-06-20 13:09 - 2014-05-19 18:44 - 00001094 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5.lnk 2014-06-20 13:09 - 2014-05-19 18:44 - 00001082 _____ () C:\Users\Public\Desktop\Glary Utilities 5.lnk 2014-06-20 13:06 - 2014-06-04 14:56 - 00000390 _____ () C:\BackupLoader.ini 2014-06-19 22:24 - 2014-06-19 22:24 - 00000000 ____D () C:\Users\lance\Downloads\Stronghold_Crusader_HD_GERMAN-iND 2014-06-18 19:29 - 2012-02-02 03:23 - 00000000 ____D () C:\Program Files (x86)\Steam 2014-06-16 10:37 - 2014-05-19 19:14 - 00118048 _____ (Glarysoft Ltd) C:\Windows\system32\BootDefrag.exe 2014-06-16 09:27 - 2014-06-20 13:09 - 00017600 _____ (Glarysoft Ltd) C:\Windows\system32\Drivers\BootDefragDriver.sys 2014-06-15 03:01 - 2014-02-14 08:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013 2014-06-15 03:01 - 2013-04-20 14:29 - 00000000 ____D () C:\ProgramData\Microsoft Help 2014-06-15 02:26 - 2011-12-10 19:00 - 00000000 ____D () C:\Users\lance\AppData\Roaming\ICQ 2014-06-14 16:03 - 2012-10-10 09:26 - 00000000 ____D () C:\Windows\rescache 2014-06-11 03:13 - 2013-07-18 03:00 - 00000000 ____D () C:\Windows\system32\MRT 2014-06-11 03:09 - 2011-12-11 23:01 - 95414520 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-06-11 03:01 - 2014-05-06 14:15 - 00000000 ___SD () C:\Windows\system32\CompatTel 2014-06-08 20:56 - 2014-06-08 20:55 - 23103466 _____ () C:\Users\lance\Desktop\10371866_1510572839171521_1905598737_n.mp4 2014-06-08 17:02 - 2012-10-29 20:02 - 00000000 ____D () C:\Program Files (x86)\Xleaner 2014-06-08 16:55 - 2011-12-10 18:56 - 00000000 ____D () C:\Users\lance\AppData\Local\Google 2014-06-08 11:13 - 2014-06-11 01:06 - 00506368 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-06-08 11:08 - 2014-06-11 01:06 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-06-07 00:18 - 2011-12-11 02:21 - 00003548 _____ () C:\Windows\system32\AutoRunFilter.ini 2014-06-06 19:56 - 2014-06-06 19:56 - 00000000 ____D () C:\Users\lance\AppData\Roaming\LavasoftStatistics 2014-06-06 19:55 - 2014-06-06 19:55 - 00000000 ____D () C:\Program Files\Lavasoft 2014-06-06 19:53 - 2014-06-06 19:53 - 00000000 ____D () C:\ProgramData\Lavasoft 2014-06-05 21:29 - 2014-06-05 21:29 - 00000000 _____ () C:\Windows\setuperr.log 2014-06-05 13:02 - 2011-12-17 17:32 - 00000000 ____D () C:\Users\lance\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\xp-AntiSpy 2014-06-04 17:30 - 2014-05-24 01:34 - 00000000 ____D () C:\Users\lance\AppData\Roaming\Tropico 5 2014-06-04 15:44 - 2014-06-04 15:44 - 00033039 _____ () C:\ComboFix.txt 2014-06-04 15:44 - 2014-05-25 22:44 - 00000000 ____D () C:\Qoobox 2014-06-04 15:44 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Default 2014-06-04 15:42 - 2014-05-25 22:43 - 00000000 ____D () C:\Windows\erdnt 2014-06-04 15:38 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini 2014-06-04 14:58 - 2014-06-04 14:58 - 00000000 __SHD () C:\Users\lance\AppData\Local\EmieUserList 2014-06-04 14:58 - 2014-06-04 14:58 - 00000000 __SHD () C:\Users\lance\AppData\Local\EmieSiteList 2014-06-04 14:19 - 2014-04-01 14:00 - 00000000 ____D () C:\ProgramData\HitmanPro 2014-06-04 12:30 - 2013-05-20 19:34 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2 2014-06-04 12:11 - 2014-06-04 12:11 - 00002772 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC 2014-06-04 12:11 - 2014-06-04 12:11 - 00000824 _____ () C:\Users\Public\Desktop\CCleaner.lnk 2014-06-04 12:11 - 2012-04-08 03:25 - 00000000 ____D () C:\Program Files\CCleaner 2014-06-04 12:09 - 2013-09-23 14:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PESEdit.com 2014 Patch 2014-06-04 10:09 - 2013-04-19 12:18 - 00000000 ____D () C:\ProgramData\BlueStacksSetup 2014-06-04 10:07 - 2014-06-04 10:07 - 00001829 _____ () C:\Users\Public\Desktop\Apps.lnk 2014-06-04 10:07 - 2014-06-04 10:07 - 00001809 _____ () C:\Users\Public\Desktop\Start BlueStacks.lnk 2014-06-04 10:07 - 2014-06-04 10:07 - 00000000 ____D () C:\Users\lance\AppData\Local\Bluestacks 2014-06-04 10:07 - 2014-06-04 10:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueStacks 2014-06-04 10:07 - 2014-06-04 10:07 - 00000000 ____D () C:\ProgramData\BlueStacks 2014-06-04 10:07 - 2014-06-04 10:07 - 00000000 ____D () C:\Program Files (x86)\BlueStacks 2014-06-04 10:07 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Public\Libraries 2014-06-03 18:31 - 2014-06-03 18:28 - 00000000 ____D () C:\Users\lance\AppData\Local\Abelssoft 2014-06-03 18:29 - 2014-06-03 18:29 - 00000000 ____D () C:\Windows\System32\Tasks\Abelssoft 2014-06-03 18:23 - 2014-06-03 18:23 - 00070000 _____ () C:\Users\lance\Documents\cc_20140603_182326.reg 2014-05-30 12:21 - 2014-06-11 01:11 - 23414784 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-05-30 12:02 - 2014-06-11 01:11 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-05-30 12:02 - 2014-06-11 01:11 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-05-30 11:45 - 2014-06-11 01:11 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-05-30 11:39 - 2014-06-11 01:11 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-05-30 11:39 - 2014-06-11 01:11 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-05-30 11:38 - 2014-06-11 01:11 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-05-30 11:28 - 2014-06-11 01:11 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-05-30 11:27 - 2014-06-11 01:11 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-05-30 11:24 - 2014-06-11 01:11 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-05-30 11:21 - 2014-06-11 01:11 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-05-30 11:21 - 2014-06-11 01:11 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-05-30 11:20 - 2014-06-11 01:11 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-05-30 11:18 - 2014-06-11 01:11 - 17271296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-05-30 11:11 - 2014-06-11 01:11 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-05-30 11:08 - 2014-06-11 01:11 - 05782528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-05-30 11:06 - 2014-06-11 01:11 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-05-30 11:02 - 2014-06-11 01:11 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-05-30 10:55 - 2014-06-11 01:11 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-05-30 10:49 - 2014-06-11 01:11 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-05-30 10:46 - 2014-06-11 01:11 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-05-30 10:44 - 2014-06-11 01:11 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-05-30 10:44 - 2014-06-11 01:11 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-05-30 10:43 - 2014-06-11 01:11 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-05-30 10:42 - 2014-06-11 01:11 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-05-30 10:38 - 2014-06-11 01:11 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-05-30 10:35 - 2014-06-11 01:11 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-05-30 10:34 - 2014-06-11 01:11 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-05-30 10:33 - 2014-06-11 01:11 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-05-30 10:30 - 2014-06-11 01:11 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-05-30 10:29 - 2014-06-11 01:11 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-05-30 10:28 - 2014-06-11 01:11 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-05-30 10:27 - 2014-06-11 01:11 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-05-30 10:24 - 2014-06-11 01:11 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2014-05-30 10:23 - 2014-06-11 01:11 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-05-30 10:16 - 2014-06-11 01:11 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2014-05-30 10:10 - 2014-06-11 01:11 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-05-30 10:06 - 2014-06-11 01:11 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-05-30 10:04 - 2014-06-11 01:11 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-05-30 10:02 - 2014-06-11 01:11 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2014-05-30 09:56 - 2014-06-11 01:11 - 04244992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-05-30 09:56 - 2014-06-11 01:11 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-05-30 09:54 - 2014-06-11 01:11 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-05-30 09:50 - 2014-06-11 01:11 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2014-05-30 09:49 - 2014-06-11 01:11 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-05-30 09:43 - 2014-06-11 01:11 - 13522944 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-05-30 09:40 - 2014-06-11 01:11 - 11725312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-05-30 09:30 - 2014-06-11 01:11 - 01398272 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-05-30 09:21 - 2014-06-11 01:11 - 01790976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-05-30 09:15 - 2014-06-11 01:11 - 01143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-05-30 09:13 - 2014-06-11 01:11 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-05-30 09:13 - 2014-06-11 01:11 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-05-29 02:44 - 2014-04-01 14:10 - 00021164 _____ () C:\Windows\system32\.crusader 2014-05-29 02:44 - 2014-01-31 20:49 - 00001161 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2014-05-29 02:33 - 2014-05-29 02:33 - 00000000 ____D () C:\ProgramData\TopApp soft 2014-05-29 02:33 - 2013-12-14 05:42 - 00000000 ____D () C:\ProgramData\InstallMate 2014-05-27 16:00 - 2013-11-24 22:44 - 00130584 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys Some content of TEMP: ==================== C:\Users\lance\AppData\Local\Temp\avgnt.exe C:\Users\lance\AppData\Local\Temp\nvStInst.exe C:\Users\lance\AppData\Local\Temp\Quarantine.exe ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-06-20 17:16 ==================== End Of Log ============================ |
26.06.2014, 15:14 | #6 |
| Trojaner Verdacht - CPU im Leerlauf bei 50 - 100% AuslastungCode:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25-06-2014 Ran by lance at 2014-06-26 16:12:55 Running from C:\Users\lance\Downloads Boot Mode: Normal ========================================================== ==================== Security Center ======================== AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859} AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4} AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0} ==================== Installed Programs ====================== Adobe Flash Player 13 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 13.0.0.214 - Adobe Systems Incorporated) Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.125 - Adobe Systems Incorporated) Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.7.148 - Adobe Systems, Inc.) Alcor Micro USB Card Reader (HKLM-x32\...\AmUStor) (Version: 1.2.0117.08443 - Alcor Micro Corp.) Alcor Micro USB Card Reader (x32 Version: 1.2.0117.08443 - Alcor Micro Corp.) Hidden Allgemeine Runtime Files (x86) (HKLM\...\{1F6D1DB5-82B5-41A4-85A2-0A382C142A35}_is1) (Version: 1.0.3.4 - Sereby Corporation) ANNO 1404 - Venedig (HKLM-x32\...\{A07B2C21-863B-47AB-AE7E-20BB00BD7D33}) (Version: 2.01.5010 - Ubisoft) ANNO 1404 (HKLM-x32\...\{3D9CF3CA-3AB0-4A82-9853-D7C43FD1D775}) (Version: 1.02.0000 - Ubisoft) Anno 1404 (x32 Version: 1.00.0000 - Ubisoft) Hidden Applian FLV and Media Player 3.1.1.12 (HKLM-x32\...\Applian FLV and Media Player) (Version: 3.1.1.12 - Applian Technologies) ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.10 - Michael Tippach) Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.6.3.0 - Asmedia Technology) Assassin's Creed III 1.01 (HKLM-x32\...\{9D15E813-0C26-41E7-ABC5-3EB06FF1B3CF}) (Version: 1.01 - Ubisoft) ASUS AI Recovery (HKLM-x32\...\{38253529-D97D-4901-AE53-5CC9736D3A2E}) (Version: 1.0.13 - ASUS) ASUS FancyStart (HKLM-x32\...\{2B81872B-A054-48DA-BE3B-FA5C164C303A}) (Version: 1.1.0 - ASUSTeK Computer Inc.) ASUS LifeFrame3 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.0.30 - ASUS) ASUS Power4Gear Hybrid (HKLM\...\{33B98264-A889-4913-A0CA-C364A75032B3}) (Version: 1.1.45 - ASUS) ASUS SmartLogon (HKLM-x32\...\{64452561-169F-4A36-A2FF-B5E118EC65F5}) (Version: 1.0.0011 - ASUS) ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 1.02.0033 - ASUS) ASUS USB Charger Plus (HKLM-x32\...\{AECA3622-E634-4A55-A696-70A511CBE06E}) (Version: 2.0.2 - AsusTek Computer Inc.) ASUS Video Magic (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 6.0.4710 - CyberLink Corp.) ASUS Video Magic (x32 Version: 6.0.4710 - CyberLink Corp.) Hidden ASUS Virtual Camera (HKLM-x32\...\{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}) (Version: 1.0.26 - ASUS) ASUS WebStorage (HKLM-x32\...\ASUS WebStorage) (Version: 3.0.84.161 - eCareme Technologies, Inc.) AsusScr_N5_En (HKLM-x32\...\AsusScr_N5_En) (Version: 1.0.0001 - ASUS) AsusVibe2.0 (HKLM-x32\...\Asus Vibe2.0) (Version: 2.0.10.168 - ASUSTEK) Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 7.0 - Atheros) ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0023 - ASUS) Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.5.450 - Avira) Batman Arkham City version 1.0 (HKLM-x32\...\{B531E735-8ED5-4270-ACCE-3809086FBD02}_is1) (Version: 1.0 - WB Games) Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.0.0.0 - Electronic Arts) BlueStacks App Player (HKLM-x32\...\BlueStacks App Player) (Version: 0.8.10.3096 - BlueStack Systems, Inc.) BlueStacks Notification Center (HKLM-x32\...\{0BED0B96-70B8-4893-884B-DC485DC8C1B7}) (Version: 0.8.10.3096 - BlueStack Systems, Inc.) Bluetooth Win7 Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.2.0.65 - Atheros Communications) Bookworm Deluxe (HKLM-x32\...\Bookworm Deluxe) (Version: - Oberon Media Inc.) Call of Duty Modern Warfare 3 (c) Activision version 1 (HKLM-x32\...\Call of Duty Modern Warfare 3 (c) Activision_is1) (Version: 1 - ) Call of Duty(R) - World at War(TM) (HKLM-x32\...\InstallShield_{D80A6A73-E58A-4673-AFF5-F12D7110661F}) (Version: 1.0 - Activision) Call of Duty(R) - World at War(TM) (x32 Version: 1.0 - Activision) Hidden CCleaner (HKLM\...\CCleaner) (Version: 4.14 - Piriform) Company of Heroes - FAKEMSI (x32 Version: 2.0.0.0 - THQ Inc.) Hidden ConvertHelper 2.2 (HKLM-x32\...\{27CC6AB1-E72B-4179-AF1A-EAE507EBAF51}_is1) (Version: - DownloadHelper) Cooking Dash (HKLM-x32\...\Cooking Dash) (Version: - Oberon Media Inc.) Counter-Strike (HKLM-x32\...\Steam App 10) (Version: - Valve) Counter-Strike: Global Offensive - SDK (HKLM-x32\...\Steam App 745) (Version: - ) Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - ) Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version: - Valve) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden DAEMON Tools Pro (HKLM-x32\...\DAEMON Tools Pro) (Version: 5.4.0.0377 - Disc Soft Ltd) Day of Defeat (HKLM-x32\...\Steam App 30) (Version: - Valve) Day of Defeat: Source (HKLM-x32\...\Steam App 300) (Version: - Valve) Deckadance (HKLM-x32\...\Deckadance) (Version: 2.0 - Image-Line) Definition Update for Microsoft Office 2013 (KB2760587) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{AD09282B-E878-4C2C-914D-E67475E4729C}) (Version: - Microsoft) DH Driver Cleaner Professional Edition (HKLM-x32\...\Driver Cleaner Pro) (Version: Version 1.5 - Ruud Ketelaars) DHTML Editing Component (HKLM-x32\...\{2EA870FA-585F-4187-903D-CB9FFD21E2E0}) (Version: 6.02.0001 - Microsoft Corporation) Die Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.63.5 - Electronic Arts) Die Sims™ 3 Diesel Accessoires (HKLM-x32\...\{1C9B6173-6DC9-4EEE-9EFC-6BA115CFBE43}) (Version: 14.0.48 - Electronic Arts) Die Sims™ 3 Luxus-Accessoires (HKLM-x32\...\{71828142-5A24-4BD0-97E7-976DA08CE6CF}) (Version: 3.0.38 - Electronic Arts) Die Sims™ 3 Traumkarrieren (HKLM-x32\...\{910F4A29-1134-49E0-AD8B-56E4A3152BD1}) (Version: 4.0.87 - Electronic Arts) Druckerdeinstallation für EPSON SX125 Series (HKLM\...\EPSON SX125 Series) (Version: - SEIKO EPSON Corporation) EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation) ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - ) Fast Boot (HKLM\...\{13F4A7F3-EABC-4261-AF6B-1317777F0755}) (Version: 1.0.9 - ASUS) FIFA 14 (HKLM-x32\...\{7A6577E7-F341-430F-9173-91E14E2DE270}) (Version: 1.0.0.0 - Electronic Arts) FIFA 14 (HKLM-x32\...\{7A6577E7-F341-430F-9173-91E14E2DE270}_is1) (Version: 1.0 - Electronic Arts) Futuremark SystemInfo (HKLM-x32\...\{BEE64C14-BEF1-4610-8A68-A16EAA47B882}) (Version: 4.9.0 - Futuremark Corporation) Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Game Park Console (HKLM-x32\...\{E71E60C1-533E-45A5-8D80-E475E88D2B17}_is1) (Version: 6.2.1.1 - Oberon Media, Inc.) Glary Utilities PRO 5.2 (HKLM-x32\...\Glary Utilities 5) (Version: 5.2.0.5 - Glarysoft Ltd) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 36.0.1985.97 - Google Inc.) Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden HitmanPro 3.7 (HKLM\...\HitmanPro37) (Version: 3.7.9.216 - SurfRight B.V.) ICQ7.7 (HKLM-x32\...\{77F665FD-3F60-4B0A-AE14-EC124B7A7FCE}) (Version: 7.7 - ICQ) InstantOn (HKLM-x32\...\{749F674B-2674-47E8-879C-5626A06B2A91}) (Version: 2.1.0 - ASUS) Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1118 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3517 - Intel Corporation) Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation) Intel(R) Turbo Boost Technology Monitor 2.0 (HKLM\...\{B77EFA0B-9BD3-4122-9F9A-15A963B5EA24}) (Version: 2.1.23.0 - Intel) Java 7 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.600 - Oracle) Java Auto Updater (x32 Version: 2.1.60.19 - Oracle, Inc.) Hidden Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden LEGO MARVEL Super Heroes (HKLM-x32\...\LEGO MARVEL Super Heroes_is1) (Version: - Warner Bros. Games) Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation) Max Payne 3 (HKLM-x32\...\{1AA94747-3BF6-4237-9E1A-7B3067738FE1}) (Version: 1.0.0.0 - Rockstar Games) Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden Microsoft Access MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden Microsoft DCF MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden Microsoft Excel MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation) Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation) Microsoft Groove MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden Microsoft InfoPath MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden Microsoft Lync MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden Microsoft Office 32-bit Components 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden Microsoft Office Korrekturhilfen 2013 - Deutsch (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden Microsoft Office OSM MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden Microsoft Office OSM UX MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation) Microsoft Office Professional Plus 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden Microsoft Office Proofing (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden Microsoft Office Proofing Tools 2013 - English (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden Microsoft Office Proofing Tools 2013 - Italiano (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden Microsoft Office Shared 32-bit MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden Microsoft Office Shared MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden Microsoft OneNote MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden Microsoft Outlook MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden Microsoft PowerPoint MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden Microsoft Publisher MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual Basic PowerPacks 10.0 (HKLM-x32\...\{2D9F8079-7D50-3EFD-B3BD-ED642E4EE756}) (Version: 10.0.20911 - Microsoft) Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{09298F26-A95C-31E2-9D95-2C60F586F075}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation) Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.51106 (Version: 11.0.51106 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.51106 (Version: 11.0.51106 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106 (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106 (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden Microsoft Visual J# 2.0 Redistributable Package (HKLM-x32\...\Microsoft Visual J# 2.0 Redistributable Package) (Version: - Microsoft Corporation) Microsoft Visual J# 2.0 Redistributable Package (x32 Version: 2.0.50727 - Microsoft Corporation) Hidden Microsoft Word MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.) Mozilla Firefox 30.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 30.0 (x86 de)) (Version: 30.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0 - Mozilla) MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) nHancer (HKLM-x32\...\nHancer) (Version: 2.5.0900 - KSE) nHancer (Version: 2.5.0900 - KSE) Hidden Nuance PDF Reader (HKLM-x32\...\{B480904D-F73F-4673-B034-8A5F492C9184}) (Version: 6.00.0041 - Nuance Communications, Inc.) NVIDIA 3D Vision Treiber 337.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 337.88 - NVIDIA Corporation) NVIDIA GeForce Experience 2.0.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.0.1 - NVIDIA Corporation) NVIDIA Grafiktreiber 337.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 337.88 - NVIDIA Corporation) NVIDIA HD-Audiotreiber 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation) NVIDIA Install Application (Version: 2.1002.154.1168 - NVIDIA Corporation) Hidden NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden NVIDIA Optimus Update 12.4.67 (Version: 12.4.67 - NVIDIA Corporation) Hidden NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation) NVIDIA ShadowPlay 12.4.67 (Version: 12.4.67 - NVIDIA Corporation) Hidden NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.12.6514 - NVIDIA Corporation) Hidden NVIDIA Systemsteuerung 337.88 (Version: 337.88 - NVIDIA Corporation) Hidden NVIDIA Update 12.4.67 (Version: 12.4.67 - NVIDIA Corporation) Hidden NVIDIA Update Core (Version: 12.4.67 - NVIDIA Corporation) Hidden NVIDIA Virtual Audio 1.2.23 (Version: 1.2.23 - NVIDIA Corporation) Hidden OpenAL (HKLM-x32\...\OpenAL) (Version: - ) Outils de vérification linguistique 2013 de Microsoft Office*- Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden Paint.NET v3.5.11 (HKLM\...\{72EF03F5-0507-4861-9A44-D99FD4C41418}) (Version: 3.61.0 - dotPDN LLC) Panzerkrieg Bundle (HKLM-x32\...\Panzerkrieg Bundle) (Version: 1.00 - United Publishing Interactive Ltd.) Plants vs Zombies (HKLM-x32\...\Plants vs Zombies) (Version: - Oberon Media Inc.) Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6526 - Realtek Semiconductor Corp.) Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.0.9.5 - Rockstar Games) Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version: - Microsoft) Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version: - Microsoft) Hidden SHIELD Streaming (Version: 2.1.108 - NVIDIA Corporation) Hidden Skype™ 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.) SonicMaster (HKLM-x32\...\{09BCB9CE-964B-4BDA-AE46-B5A0ABEF1D3F}) (Version: 1.0.0.4 - Synopsys) Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.0.12 - Safer-Networking Ltd.) Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation) Stronghold Crusader HD (HKLM-x32\...\{8C3727F2-8E37-49E4-820C-03B1677F53B6}) (Version: 1.30.0000 - Firefly Studios) swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.6.0 - Synaptics Incorporated) syncables desktop SE (HKLM-x32\...\{341697D8-9923-445E-B42A-529E5A99CB7A}) (Version: 5.5.746.11492 - syncables) System Requirements Lab for Intel (HKLM-x32\...\{04C4B49D-45D9-4A28-9ED1-B45CBD99B8C7}) (Version: 4.5.24.0 - Husdawg, LLC) TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.10 - TeamSpeak Systems GmbH) Tropico 5 (HKLM-x32\...\Tropico 5_is1) (Version: 1.0 - ADDONiA) TuneUp Utilities 2013 (x32 Version: 13.0.3000.132 - TuneUp Software) Hidden TuneUp Utilities Language Pack (de-DE) (x32 Version: 13.0.3000.132 - TuneUp Software) Hidden Tweaking.com - Windows Repair (All in One) (HKLM-x32\...\Tweaking.com - Windows Repair (All in One)) (Version: 2.7.5 - Tweaking.com) Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT) Update for Microsoft Excel 2013 (KB2881014) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D8C78DED-3543-449A-8E3E-9391643EBB0E}) (Version: - Microsoft) Update for Microsoft Excel 2013 (KB2881014) 64-Bit Edition (HKLM\...\{90150000-0016-0407-1000-0000000FF1CE}_Office15.PROPLUS_{D8C78DED-3543-449A-8E3E-9391643EBB0E}) (Version: - Microsoft) Update for Microsoft Excel 2013 (KB2881014) 64-Bit Edition (HKLM\...\{90150000-0018-0407-1000-0000000FF1CE}_Office15.PROPLUS_{D8C78DED-3543-449A-8E3E-9391643EBB0E}) (Version: - Microsoft) Update for Microsoft Excel 2013 (KB2881014) 64-Bit Edition (HKLM\...\{90150000-001B-0407-1000-0000000FF1CE}_Office15.PROPLUS_{D8C78DED-3543-449A-8E3E-9391643EBB0E}) (Version: - Microsoft) Update for Microsoft Excel 2013 (KB2881014) 64-Bit Edition (HKLM\...\{90150000-00C1-0407-1000-0000000FF1CE}_Office15.PROPLUS_{D8C78DED-3543-449A-8E3E-9391643EBB0E}) (Version: - Microsoft) Update for Microsoft Lync 2013 (KB2850074) 64-Bit Edition (HKLM\...\{90150000-012B-0407-1000-0000000FF1CE}_Office15.PROPLUS_{CE9A9D7C-B6FB-4F6C-8BDE-9A1ADBBAC1EE}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2760344) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{EF77B4A6-DFEC-4010-A87D-9B6BF87FABEC}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2760544) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{62857CDD-2985-4939-91BA-19ED0B0031A5}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2768012) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{0814662C-FD28-4DE0-ACE5-EE50D1D6C8FB}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2817302) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{E79EFFDB-192A-4D9E-A2DB-C0F774E6EC32}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2817302) 64-Bit Edition (HKLM\...\{90150000-0016-0407-1000-0000000FF1CE}_Office15.PROPLUS_{E79EFFDB-192A-4D9E-A2DB-C0F774E6EC32}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2826040) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{C4AEA56A-0759-4D08-9FAB-31A92137D0B8}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2837644) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D692E9FF-84BF-4F44-A0EA-D58ECE0D538E}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2863843) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{290D80DE-03AB-47EC-9402-108AF4CE4F66}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2878313) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{98821750-2C79-4A07-9AE9-D2536FD9491D}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2880457) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{EC2AF602-2730-4B05-9438-06CDE43153F2}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2880462) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{24584DD4-C680-4FEB-A464-D760C7A5B041}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2880462) 64-Bit Edition (HKLM\...\{90150000-006E-0407-1000-0000000FF1CE}_Office15.PROPLUS_{24584DD4-C680-4FEB-A464-D760C7A5B041}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2880462) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{24584DD4-C680-4FEB-A464-D760C7A5B041}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2880464) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{88B29AA5-71EE-4692-91E2-E89407F0B783}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2880476) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D3FC5B59-0F86-4B9A-94DF-FC213DF4FA63}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2880476) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D3FC5B59-0F86-4B9A-94DF-FC213DF4FA63}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2880478) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{8116ED50-F1E7-49E1-9D8D-421497D34B0F}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2880991) 64-Bit Edition (HKLM\...\{90150000-001F-0407-1000-0000000FF1CE}_Office15.PROPLUS_{B386BAA9-7D92-450E-B43E-BD96B01ADEC0}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2880991) 64-Bit Edition (HKLM\...\{90150000-001F-0409-1000-0000000FF1CE}_Office15.PROPLUS_{F6CE638B-5A06-4EDD-A1FA-BFA827D14071}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2880991) 64-Bit Edition (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}_Office15.PROPLUS_{927B47DF-91B2-4EBF-9B66-43B2C95E41BF}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2880991) 64-Bit Edition (HKLM\...\{90150000-001F-0410-1000-0000000FF1CE}_Office15.PROPLUS_{7BD6AF81-49D4-482A-8CDD-90B4031627F2}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2881035) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{885C981B-F1E3-430A-A099-31CA9D28C251}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2881035) 64-Bit Edition (HKLM\...\{90150000-0016-0407-1000-0000000FF1CE}_Office15.PROPLUS_{885C981B-F1E3-430A-A099-31CA9D28C251}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2881035) 64-Bit Edition (HKLM\...\{90150000-0090-0407-1000-0000000FF1CE}_Office15.PROPLUS_{885C981B-F1E3-430A-A099-31CA9D28C251}) (Version: - Microsoft) Update for Microsoft OneDrive for Business (KB2881018) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{F0B3B3E0-40AC-4339-83F7-735DD302ADDE}) (Version: - Microsoft) Update for Microsoft OneDrive for Business (KB2881018) 64-Bit Edition (HKLM\...\{90150000-00BA-0407-1000-0000000FF1CE}_Office15.PROPLUS_{F0B3B3E0-40AC-4339-83F7-735DD302ADDE}) (Version: - Microsoft) Update for Microsoft OneDrive for Business (KB2881018) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{F0B3B3E0-40AC-4339-83F7-735DD302ADDE}) (Version: - Microsoft) Update for Microsoft OneDrive for Business (KB2881018) 64-Bit Edition (HKLM\...\{90150000-00C1-0407-1000-0000000FF1CE}_Office15.PROPLUS_{F0B3B3E0-40AC-4339-83F7-735DD302ADDE}) (Version: - Microsoft) Update for Microsoft OneNote 2013 (KB2880458) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D2CD59AB-CA83-44D4-AEF8-E49A3FE8FD7F}) (Version: - Microsoft) Update for Microsoft OneNote 2013 (KB2880458) 64-Bit Edition (HKLM\...\{90150000-00A1-0407-1000-0000000FF1CE}_Office15.PROPLUS_{D2CD59AB-CA83-44D4-AEF8-E49A3FE8FD7F}) (Version: - Microsoft) Update for Microsoft OneNote 2013 (KB2880458) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D2CD59AB-CA83-44D4-AEF8-E49A3FE8FD7F}) (Version: - Microsoft) Update for Microsoft Outlook 2013 (KB2880470) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{34A169EC-990A-4DAE-AC65-9F981158B7DB}) (Version: - Microsoft) Update for Microsoft Outlook 2013 (KB2880470) 64-Bit Edition (HKLM\...\{90150000-001A-0407-1000-0000000FF1CE}_Office15.PROPLUS_{34A169EC-990A-4DAE-AC65-9F981158B7DB}) (Version: - Microsoft) Update for Microsoft PowerPoint 2013 (KB2881000) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D3F7B995-360E-406A-B74B-5EA682159985}) (Version: - Microsoft) Update for Microsoft PowerPoint 2013 (KB2881000) 64-Bit Edition (HKLM\...\{90150000-0018-0407-1000-0000000FF1CE}_Office15.PROPLUS_{D3F7B995-360E-406A-B74B-5EA682159985}) (Version: - Microsoft) Update for Microsoft Publisher 2013 (KB2726952) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{03B2C707-503D-4979-8322-CA92C45AD6B4}) (Version: - Microsoft) Update for Microsoft Publisher 2013 (KB2726952) 64-Bit Edition (HKLM\...\{90150000-0019-0407-1000-0000000FF1CE}_Office15.PROPLUS_{03B2C707-503D-4979-8322-CA92C45AD6B4}) (Version: - Microsoft) Update for Microsoft Visio Viewer 2013 (KB2817301) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{8E5CD68A-CDF8-4930-88DF-B7778B1871A9}) (Version: - Microsoft) Update for Microsoft Visio Viewer 2013 (KB2817301) 64-Bit Edition (HKLM\...\{90150000-006E-0407-1000-0000000FF1CE}_Office15.PROPLUS_{8E5CD68A-CDF8-4930-88DF-B7778B1871A9}) (Version: - Microsoft) Update for Microsoft Word 2013 (KB2878319) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{BC51FE30-3A56-4802-8D9E-E9BC05B56B49}) (Version: - Microsoft) Update for Microsoft Word 2013 (KB2881005) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{125BAFEC-EB26-45C3-B97A-475162C6BDC0}) (Version: - Microsoft) Update for Microsoft Word 2013 (KB2881005) 64-Bit Edition (HKLM\...\{90150000-001A-0407-1000-0000000FF1CE}_Office15.PROPLUS_{125BAFEC-EB26-45C3-B97A-475162C6BDC0}) (Version: - Microsoft) Update for Microsoft Word 2013 (KB2881005) 64-Bit Edition (HKLM\...\{90150000-001B-0407-1000-0000000FF1CE}_Office15.PROPLUS_{125BAFEC-EB26-45C3-B97A-475162C6BDC0}) (Version: - Microsoft) Update for Microsoft Word 2013 (KB2881005) 64-Bit Edition (HKLM\...\{90150000-012B-0407-1000-0000000FF1CE}_Office15.PROPLUS_{125BAFEC-EB26-45C3-B97A-475162C6BDC0}) (Version: - Microsoft) VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden Veetle TV (HKLM-x32\...\Veetle TV) (Version: 0.9.19 - Veetle, Inc) VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN) Winamp (HKLM-x32\...\Winamp) (Version: 5.622 - Nullsoft, Inc) Winamp Erkennungs-Plug-in (HKCU\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc) Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation) Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Family Safety (Version: 15.4.3555.0308 - Microsoft Corporation) Hidden Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Language Selector (Version: 15.4.3555.0308 - Microsoft Corporation) Hidden Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen (HKLM-x32\...\{C32CE55C-12BA-4951-8797-0967FDEF556F}) (Version: 15.4.5722.2 - Microsoft Corporation) Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation) Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation) Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{C63A1E60-B6A4-440B-89A5-1FC6E4AC1C94}) (Version: 15.4.5722.2 - Microsoft Corporation) Windows Live Messenger (x32 Version: 15.4.3538.0513 - Microsoft Corporation) Hidden Windows Live Messenger (x32 Version: 15.4.3538.0513 - Корпорация Майкрософт) Hidden Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live 影像中心 (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live 程式集 (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp) Windows Mobile-Gerätecenter (HKLM\...\{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}) (Version: 6.1.6965.0 - Microsoft Corporation) WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.31.1 - ASUS) WinRAR 5.01 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH) Wireless Console 3 (HKLM-x32\...\{20FDF948-C8ED-4543-A539-F7F4AEF5AFA2}) (Version: 3.0.19 - ASUS) World of Goo (HKLM-x32\...\World of Goo) (Version: - Oberon Media Inc.) Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Основные компоненты Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Почта Windows Live (x32 Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden Фотоальбом Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden גלריית התמונות של Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden بريد Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden معرض صور Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden ==================== Restore Points ========================= ==================== Hosts content: ========================== 2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= Task: {036C3DDC-1960-4353-8165-16828AC3A55C} - System32\Tasks\{8A951444-42E9-49EA-A0F7-F2FC8BB7C838} => C:\Users\lance\Downloads\epson374893eu (1).exe Task: {0E1E98F2-CC40-4CDD-A32D-D700B5D7A12C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-06-22] (Google Inc.) Task: {0E667613-6D23-4778-8B2B-0BE0B9350F13} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\TuneUp Utilities 2013\OneClick.exe Task: {11807DF7-3F78-41BA-AB49-E2D62A9FFE4D} - System32\Tasks\{EE45B575-CB3B-403B-8C8F-EA466FDEB03D} => C:\Users\lance\Downloads\epson374893eu (1).exe Task: {1438FA8D-114C-48E4-9110-478CA2CCA03B} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-06-22] (Adobe Systems Incorporated) Task: {16EAAAF3-3458-4D2A-89AA-B609A73B4E94} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation) Task: {1C7A7057-6C2F-4987-B132-86FC7075F361} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation) Task: {264D167F-1121-4F83-B37D-6748A7715CDE} - System32\Tasks\ASUS P4G => C:\Program Files\P4G\BatteryLife.exe [2011-06-01] (ASUS) Task: {2BFA372B-9ED0-43A0-BE5E-70F329472CA0} - System32\Tasks\SidebarExecute => C:\Program Files (x86)\Windows Sidebar\sidebar.exe [2010-11-20] (Microsoft Corporation) Task: {2C59A3C6-0824-4037-AA96-9E587C108AD2} - System32\Tasks\GU5SkipUAC => C:\Program Files (x86)\Glary Utilities 5\Integrator.exe [2014-06-16] (Glarysoft Ltd) Task: {3673727A-19D7-424F-9775-549F48DEF4D6} - System32\Tasks\ATKOSD2 => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2012-09-14] (ASUSTek Computer Inc.) Task: {3A7FE4D6-D2C9-44C4-A968-610F2F585F9E} - System32\Tasks\GlaryInitialize 5 => C:\Program Files (x86)\Glary Utilities 5\Initialize.exe [2014-06-16] (Glarysoft Ltd) Task: {47683003-C086-4ED1-8276-69B6D62A11CC} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation) Task: {66285C91-5B4A-4BB7-A4E5-446524EC8E09} - System32\Tasks\{B28E42AC-E7E5-45A0-AFBC-6AB90D8F2C32} => C:\Users\lance\Downloads\epson374893eu (1).exe Task: {691A4EDD-14D0-40E3-82F0-E459024217FE} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe Task: {731A2881-1CAB-4DE8-BADD-6CA159B2C510} - System32\Tasks\ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2011-05-30] (ASUS) Task: {8E3364BF-2587-4ADC-A3F8-F1F00A4C1EAE} - System32\Tasks\{EAB89D30-1FBA-4D61-84E1-EAD36C255BC1} => Chrome.exe hxxp://ui.skype.com/ui/0/6.3.0.107/de/abandoninstall?source=lightinstaller&page=tsMain Task: {9AD9F545-B2A6-49A0-8B59-154B7DB1FE11} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-06-22] (Google Inc.) Task: {A30FEA26-72F9-40B2-8723-56325EF0699F} - System32\Tasks\{BB7E9358-E8F8-406C-BCD8-B18C03D4A195} => C:\Users\lance\Downloads\epson374893eu (1).exe Task: {AD332869-E2AF-4F38-8726-E9301263F72D} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe Task: {B6915C49-25DF-48CD-A290-111B64116C13} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe Task: {CA51CE12-4727-4B7B-A967-27B90F470078} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-05-07] (Oracle Corporation) Task: {CEAD1883-9D03-42E6-BCB6-11893EF88E91} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-05-20] (Piriform Ltd) Task: {D01738A6-E229-4316-98FD-B2C0A9430A03} - \FoxTab No Task File <==== ATTENTION Task: {D9274D85-2C5C-4B88-A0A4-3BD153A6B4D6} - System32\Tasks\ASUS SmartLogon Console Sensor => C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe [2010-11-15] (ASUS) Task: {DA5CF95C-BAAC-4ADF-9EB6-08565D8821D1} - System32\Tasks\USBChargerPlus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2011-06-18] (ASUSTek Computer Inc.) Task: {E9C174B9-9720-485F-9E81-93DD77611CC0} - System32\Tasks\Abelssoft\CheckDriveBackgroundGuard => C:\Program Files (x86)\CheckDrive\CheckDriveBackgroundGuard.exe Task: {F7732ADE-D611-4AD2-AE08-C46D05E2EE1F} - System32\Tasks\Auto Re-Aktivierung => C:\Windows\Re-Aktivierung\TriggerKMS.exe Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GlaryInitialize 5.job => C:\Program Files (x86)\Glary Utilities 5\Initialize.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2014-04-24 23:56 - 2014-05-20 03:25 - 00116568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2010-07-15 02:11 - 2010-07-15 02:11 - 00031360 _____ () C:\Program Files\P4G\DevMng.dll 2011-07-12 10:14 - 2011-05-05 14:30 - 00057640 _____ () C:\Program Files\Synaptics\SynTP\SynTPEnhPS.dll 2011-07-12 10:13 - 2011-04-10 04:40 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll 2010-09-24 02:53 - 2010-09-24 02:53 - 01601536 _____ () C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe 2014-06-04 01:19 - 2014-05-20 04:44 - 00012120 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll 2011-05-30 23:48 - 2011-05-30 23:48 - 00009216 _____ () C:\Program Files (x86)\ASUS\Splendid\GLCDdll.dll 2013-05-20 19:34 - 2012-11-13 14:06 - 00108960 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl 2013-05-20 19:34 - 2012-11-13 14:06 - 00416160 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl 2013-05-20 19:34 - 2012-11-13 14:06 - 00158624 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl 2013-05-20 19:34 - 2012-08-23 09:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll 2013-05-20 19:34 - 2012-11-13 14:06 - 00528288 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\JSDialogPack150.bpl 2014-06-16 10:37 - 2014-06-16 10:37 - 00080160 _____ () C:\Program Files (x86)\Glary Utilities 5\zlib1.dll 2014-06-26 03:30 - 2014-06-25 04:35 - 00718664 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.97\libglesv2.dll 2014-06-26 03:30 - 2014-06-25 04:35 - 00126280 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.97\libegl.dll 2014-06-26 03:30 - 2014-06-25 04:35 - 08537928 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.97\pdf.dll 2014-06-26 03:30 - 2014-06-25 04:35 - 00353096 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.97\ppGoogleNaClPluginChrome.dll 2014-06-26 03:30 - 2014-06-25 04:35 - 01732936 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.97\ffmpegsumo.dll ==================== Alternate Data Streams (whitelisted) ========= AlternateDataStreams: C:\ProgramData\Temp:373E1720 AlternateDataStreams: C:\Users\lance\Downloads\email_18604_20120419024301.eml:OECustomProperty AlternateDataStreams: C:\Users\lance\Downloads\email_18619_20120419024243.eml:OECustomProperty AlternateDataStreams: C:\Users\lance\Downloads\email_18642_20120419024206.eml:OECustomProperty AlternateDataStreams: C:\Users\lance\Downloads\email_20466_20120226100309.eml:OECustomProperty AlternateDataStreams: C:\Users\lance\Downloads\email_20467_20120226101645.eml:OECustomProperty AlternateDataStreams: C:\Users\lance\Downloads\email_21537_20120426201901.eml:OECustomProperty AlternateDataStreams: C:\Users\lance\Downloads\email_22244_20120601160044.eml:OECustomProperty AlternateDataStreams: C:\Users\lance\Downloads\email_23636_20120804220742.eml:OECustomProperty AlternateDataStreams: C:\Users\lance\Downloads\email_23638_20120804222330.eml:OECustomProperty AlternateDataStreams: C:\Users\lance\Downloads\email_23638_20120804223530.eml:OECustomProperty AlternateDataStreams: C:\Users\lance\Downloads\email_23652_20120805180018.eml:OECustomProperty AlternateDataStreams: C:\Users\lance\Downloads\email_30058_20130517024101.eml:OECustomProperty ==================== Safe Mode (whitelisted) =================== ==================== EXE Association (whitelisted) ============= ==================== MSCONFIG/TASK MANAGER disabled items ========= MSCONFIG\Services: LavasoftAdAwareService11 => 2 MSCONFIG\Services: UxTuneUp => 3 MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^FancyStart daemon.lnk => C:\Windows\pss\FancyStart daemon.lnk.CommonStartup MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => C:\Windows\pss\McAfee Security Scan Plus.lnk.CommonStartup MSCONFIG\startupfolder: C:^Users^lance^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Facebook Messenger.lnk => C:\Windows\pss\Facebook Messenger.lnk.Startup MSCONFIG\startupfolder: C:^Users^lance^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.3.lnk => C:\Windows\pss\OpenOffice.org 3.3.lnk.Startup MSCONFIG\startupreg: AdAwareTray => "C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareTray.exe" MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" MSCONFIG\startupreg: Akamai NetSession Interface => "C:\Users\lance\AppData\Local\Akamai\netsession_win.exe" MSCONFIG\startupreg: AlcoholAutomount => "C:\Program Files (x86)\Alcohol Soft\Alcohol 120\axcmd.exe" /automount MSCONFIG\startupreg: AmIcoSinglun64 => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe MSCONFIG\startupreg: ASUS Screen Saver Protector => C:\Windows\AsScrPro.exe MSCONFIG\startupreg: ATKMEDIA => C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe MSCONFIG\startupreg: ATKOSD2 => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe MSCONFIG\startupreg: BlueStacks Agent => C:\Program Files (x86)\BlueStacks\HD-Agent.exe MSCONFIG\startupreg: DAEMON Tools Pro Agent => "C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe" -autorun MSCONFIG\startupreg: EPSON SX125 Series => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIGGE.EXE /FU "C:\Windows\TEMP\E_SFA28.tmp" /EF "HKCU" MSCONFIG\startupreg: Google Update => "C:\Users\lance\AppData\Local\Google\Update\GoogleUpdate.exe" /c MSCONFIG\startupreg: GUDelayStartup => "C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe" -delayrun MSCONFIG\startupreg: HControlUser => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe MSCONFIG\startupreg: icq => C:\Users\lance\AppData\Roaming\ICQM\icq.exe -CU MSCONFIG\startupreg: L => MSCONFIG\startupreg: Nuance PDF Reader-reminder => "C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe" -r "C:\ProgramData\Nuance\PDF Reader\Ereg\Ereg.ini" MSCONFIG\startupreg: Ocs_SM => C:\Users\lance\AppData\Roaming\OCS\SM\SearchAnonymizer.exe MSCONFIG\startupreg: ONAIR => C:\Program Files\ONAIR\ONAIR.exe MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s MSCONFIG\startupreg: SDTray => "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun MSCONFIG\startupreg: Spybot-S&D Cleaning => "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe" /autoclean MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\steam.exe" -silent MSCONFIG\startupreg: UpdateLBPShortCut => "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5" MSCONFIG\startupreg: UpdateP2GoShortCut => "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0" MSCONFIG\startupreg: uTorrent => "C:\Program Files (x86)\uTorrent\uTorrent.exe" /MINIMIZED MSCONFIG\startupreg: WinampAgent => "C:\Program Files (x86)\Winamp\winampa.exe" ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (06/26/2014 04:12:01 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (06/26/2014 03:41:27 PM) (Source: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe) (EventID: 1) (User: ) Description: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeCan't get user token [1008] Error: (06/26/2014 02:43:02 PM) (Source: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe) (EventID: 1) (User: ) Description: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeCan't get user token [1008] Error: (06/26/2014 11:30:16 AM) (Source: .NET Runtime Optimization Service) (EventID: 1103) (User: ) Description: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_64) - Tried to start a service that wasn't the latest version of CLR Optimization service. Will shutdown Error: (06/26/2014 11:30:16 AM) (Source: .NET Runtime Optimization Service) (EventID: 1103) (User: ) Description: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32) - Tried to start a service that wasn't the latest version of CLR Optimization service. Will shutdown Error: (06/26/2014 11:22:28 AM) (Source: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe) (EventID: 1) (User: ) Description: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeCan't get user token [1008] Error: (06/26/2014 11:09:58 AM) (Source: WinMgmt) (EventID: 4) (User: ) Description: 0x8004401eC:\WINDOWS\SYSTEM32\WBEM\AR-SA\MSFEEDS.MFL Error: (06/26/2014 11:09:58 AM) (Source: WinMgmt) (EventID: 4) (User: ) Description: 0x8004401eC:\WINDOWS\SYSTEM32\WBEM\RU-RU\MSFEEDSBS.MFL Error: (06/26/2014 11:09:58 AM) (Source: WinMgmt) (EventID: 4) (User: ) Description: 0x8004401eC:\WINDOWS\SYSTEM32\WBEM\HE-IL\MSFEEDSBS.MFL Error: (06/26/2014 11:09:58 AM) (Source: WinMgmt) (EventID: 4) (User: ) Description: 0x8004401eC:\WINDOWS\SYSTEM32\WBEM\EL-GR\MSFEEDSBS.MFL System errors: ============= Error: (06/26/2014 04:11:52 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Der Dienst "Arbeitsstationsdienst" wurde mit folgendem Fehler beendet: %%2 Error: (06/26/2014 04:11:52 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Der Dienst "Computerbrowser" ist vom Dienst "Arbeitsstationsdienst" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%2 Error: (06/26/2014 04:11:52 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Der Dienst "Computerbrowser" ist vom Dienst "Arbeitsstationsdienst" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%2 Error: (06/26/2014 04:11:52 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Der Dienst "Arbeitsstationsdienst" wurde mit folgendem Fehler beendet: %%2 Error: (06/26/2014 04:11:52 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Der Dienst "Arbeitsstationsdienst" wurde mit folgendem Fehler beendet: %%2 Error: (06/26/2014 04:11:52 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Der Dienst "Computerbrowser" ist vom Dienst "Arbeitsstationsdienst" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%2 Error: (06/26/2014 04:11:42 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Der Dienst "Arbeitsstationsdienst" wurde mit folgendem Fehler beendet: %%2 Error: (06/26/2014 04:11:42 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Der Dienst "Computerbrowser" ist vom Dienst "Arbeitsstationsdienst" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%2 Error: (06/26/2014 04:11:42 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Der Dienst "Computerbrowser" ist vom Dienst "Arbeitsstationsdienst" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%2 Error: (06/26/2014 04:11:42 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Der Dienst "Arbeitsstationsdienst" wurde mit folgendem Fehler beendet: %%2 Microsoft Office Sessions: ========================= Error: (06/26/2014 04:12:01 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\lance\Downloads\esetsmartinstaller_deu.exe Error: (06/26/2014 03:41:27 PM) (Source: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe) (EventID: 1) (User: ) Description: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeCan't get user token [1008] Error: (06/26/2014 02:43:02 PM) (Source: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe) (EventID: 1) (User: ) Description: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeCan't get user token [1008] Error: (06/26/2014 11:30:16 AM) (Source: .NET Runtime Optimization Service) (EventID: 1103) (User: ) Description: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_64) - Tried to start a service that wasn't the latest version of CLR Optimization service. Will shutdown Error: (06/26/2014 11:30:16 AM) (Source: .NET Runtime Optimization Service) (EventID: 1103) (User: ) Description: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32) - Tried to start a service that wasn't the latest version of CLR Optimization service. Will shutdown Error: (06/26/2014 11:22:28 AM) (Source: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe) (EventID: 1) (User: ) Description: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeCan't get user token [1008] Error: (06/26/2014 11:09:58 AM) (Source: WinMgmt) (EventID: 4) (User: ) Description: 0x8004401eC:\WINDOWS\SYSTEM32\WBEM\AR-SA\MSFEEDS.MFL Error: (06/26/2014 11:09:58 AM) (Source: WinMgmt) (EventID: 4) (User: ) Description: 0x8004401eC:\WINDOWS\SYSTEM32\WBEM\RU-RU\MSFEEDSBS.MFL Error: (06/26/2014 11:09:58 AM) (Source: WinMgmt) (EventID: 4) (User: ) Description: 0x8004401eC:\WINDOWS\SYSTEM32\WBEM\HE-IL\MSFEEDSBS.MFL Error: (06/26/2014 11:09:58 AM) (Source: WinMgmt) (EventID: 4) (User: ) Description: 0x8004401eC:\WINDOWS\SYSTEM32\WBEM\EL-GR\MSFEEDSBS.MFL CodeIntegrity Errors: =================================== Date: 2014-06-04 15:36:04.993 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2014-06-04 15:36:04.900 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2013-09-22 14:29:46.845 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\lance\AppData\Local\Temp\EverestDriver.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2013-09-22 14:29:46.777 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\lance\AppData\Local\Temp\EverestDriver.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2013-09-22 14:29:46.566 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2013-09-22 14:29:46.490 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2013-09-19 18:11:56.848 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Glary Utilities 3\ProcObsrv.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2013-09-19 18:11:56.781 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Glary Utilities 3\ProcObsrv.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. ==================== Memory info =========================== Percentage of memory in use: 47% Total physical RAM: 8102.07 MB Available physical RAM: 4238.87 MB Total Pagefile: 16202.31 MB Available Pagefile: 11573.52 MB Total Virtual: 8192 MB Available Virtual: 8191.84 MB ==================== Drives ================================ Drive c: (OS) (Fixed) (Total:305.67 GB) (Free:33.63 GB) NTFS ==>[Drive with boot components (obtained from BCD)] Drive d: (DATA) (Fixed) (Total:367.96 GB) (Free:33.8 GB) NTFS Drive e: (GameZ) (Fixed) (Total:349.32 GB) (Free:23.34 GB) NTFS Drive f: (SDATA2) (Fixed) (Total:349.31 GB) (Free:27.9 GB) NTFS Drive i: (Stronghold Crusa) (CDROM) (Total:0.54 GB) (Free:0 GB) CDFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 699 GB) (Disk ID: F3C6F6A7) Partition 1: (Not Active) - (Size=25 GB) - (Type=1C) Partition 2: (Active) - (Size=306 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=368 GB) - (Type=OF Extended) ======================================================== Disk: 1 (Size: 699 GB) (Disk ID: 8FAC169A) Partition 1: (Not Active) - (Size=699 GB) - (Type=OF Extended) ==================== End Of Log ============================ |
26.06.2014, 18:36 | #7 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | Trojaner Verdacht - CPU im Leerlauf bei 50 - 100% AuslastungZitat:
__________________ Logfiles bitte immer in CODE-Tags posten |
26.06.2014, 18:52 | #8 | |
| Trojaner Verdacht - CPU im Leerlauf bei 50 - 100% AuslastungZitat:
|
26.06.2014, 19:08 | #9 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Trojaner Verdacht - CPU im Leerlauf bei 50 - 100% Auslastung Was meinst du wohl wofür C:\Windows\Re-Aktivierung\TriggerKMS.exe steht...in diesem Zusammenhang auch KMSnano. Das sind alles bekannte Hacks/Cracks für Microsoft-Software (Windows/Office)
__________________ Logfiles bitte immer in CODE-Tags posten |
Themen zu Trojaner Verdacht - CPU im Leerlauf bei 50 - 100% Auslastung |
100%, 100% auslastung, antivir, auslastung, befindet, community, cpu, cpu auslastung, destroy, dringende, hilfe!, kurzzeitig, laptop, lüfter, malwarebytes, problem, search, sekunden, spring, spybot, troja, trojaner, verdacht, zwischen, ändert |