Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: Windows 7 - svchost.exe 100% CPU-Auslastung

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML

Antwort
Alt 04.04.2014, 06:12   #1
Morgrain
 
Windows 7 - svchost.exe 100% CPU-Auslastung - Standard

Windows 7 - svchost.exe 100% CPU-Auslastung



Hallo Leute,

ich bin momentan ziemlich am Verzweifeln und weiß nicht mehr weiter. Jedes mal wenn ich den PC starte (seit gestern Abend) schraubt sich die CPU Auslastung automatisch auf 100% und verlangsamt das ganze System immens. Wenn ich in den Task Manager schaue, sehe ich eine mehr oder minder ominiöse Anwendung unter "C:\Windows\SysWOW64\svchost.exe".

Das ist zwar (laut meiner Recherche) ein vollkommen normaler Windowsprozess, verbraucht aber auf einmal alle meine Ressourcen. Ich vermute leider einen Virus oder ähnliches. Habe schon SpyBot, Malwarebytes Anti Malware und Norton mehrfach drüberlaufen lassen - zwar wurde etwas gefunden, dass war aber ein veraltetes Trainer und dementsprechend nicht weiter wichtig. Ansonsten null, naja, niente.

Merkwürdigerweise tritt dieser Prozess zwar auch auf, wenn ich das Lan-Kabel ziehe (also Internet gewaltsam ausstelle), aber dann verhält der Prozess sich inaktiv. Zwar sehe ich diesen svchost im Task Manager und Anwendungen, er verbraucht aber unter Leistung keine CPU-Auslastung (bei ausgestelltem Internet).

Außerdem startet diese Anwendung/Prozess nicht, wenn ich den PC im gesicherten Modus (also nur grundlegende Geräte und Dienste) starte. Dementsprechend habe ich mir wohl einen Schädling eingefangen und werde anscheinend zum BitCoinMining oder etwas ähnlichem ausgenutzt..

Sollte ich weitere Programme benötigen um differenziertere Logs zu posten, bitte einfach sagen und ich werde versuchen dem bestmöglichst nachzukommen.

Ich hoffe man kann mir helfen.

Edit: Ich habe vor heute Mittag (muss jetzt zur Arbeit) diese Schritte durchzuarbeiten (http://www.trojaner-board.de/69886-a...-beachten.html), wollte aber vorher schonmal auf diesen Thread aufmerksam machen, da vielleicht jemand mit demselben Problem zu kämpfen hat und mit diesem Schädling schon Bekanntschaft gemacht hat (wird wohl kaum "Normal" sein) und mir wohlmöglich helfen kann. Edit2: Da ich mir nicht sicher bin, wo oder was genau das Problem ist, habe ich parallel im hijackthis-forum einen Beitrag erstellt.

Geändert von Morgrain (04.04.2014 um 06:32 Uhr) Grund: Neues Wissen

Alt 04.04.2014, 06:30   #2
schrauber
/// the machine
/// TB-Ausbilder
 

Windows 7 - svchost.exe 100% CPU-Auslastung - Standard

Windows 7 - svchost.exe 100% CPU-Auslastung



hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

__________________

__________________

Alt 04.04.2014, 11:42   #3
Morgrain
 
Windows 7 - svchost.exe 100% CPU-Auslastung - Standard

Windows 7 - svchost.exe 100% CPU-Auslastung



Hallo,

Danke für die schnelle Antwort.

FRST.txt

FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014
Ran by DAUM (administrator) on DAUM-PC on 04-04-2014 12:30:00
Running from C:\Users\DAUM\Desktop\PC retten
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
() C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\WiFi GO! Server.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\DIGI+ Power Control\PowerControlHelp.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.23.9\GoogleCrashHandler.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsusFanControlService\1.01.15\AsusFanControlService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(CyberLink) C:\Program Files (x86)\Cyberlink\PowerDVD13\Kernel\DMS\CLMSMonitorServicePDVD13.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
() C:\Windows\system\HsMgr64.exe
(CyberLink) C:\Program Files (x86)\Cyberlink\PowerDVD13\Kernel\DMS\CLMSServerPDVD13.exe
() C:\Windows\SysWOW64\HsMgr.exe
(Binary Fortress Software) C:\Program Files (x86)\DisplayFusion\DisplayFusionService.exe
(DTS, Inc) C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.0.43\NST.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\21.2.0.38\NIS.exe
(Locktime Software) C:\Program Files\NetLimiter 3\nlsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Razer Inc.) E:\Programme\Razer\Razer Game Booster\RzKLService.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.0.43\NST.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.23.9\GoogleCrashHandler64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe
(SMART Technologies) E:\Programme\SMART Technologies\Education Software\SMARTHelperService.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\21.2.0.38\NIS.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\USB 3.0 Boost\U3BoostSvr64.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\TurboVHelp.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\EPU\EPUHelp.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AsDLNAServerReal.exe
(Binary Fortress Software) C:\Program Files (x86)\DisplayFusion\DisplayFusion.exe
(ROCCAT GmbH Co., Ltd.) C:\Program Files (x86)\ROCCAT\Ryos Keyboard\Ryos MK Monitor.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
(Binary Fortress Software) C:\Program Files (x86)\DisplayFusion\DisplayFusionHookAppWIN6032.exe
(Binary Fortress Software) C:\Program Files (x86)\DisplayFusion\DisplayFusionHookAppWIN6064.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\APSDaemon.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
() I:\Core Temp.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [ShadowPlay] - C:\Windows\system32\nvspcap64.dll [1179576 2014-01-21] (NVIDIA Corporation)
HKLM\...\Run: [RtHDVBg_DTS] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1215632 2012-08-06] (Realtek Semiconductor)
HKLM\...\Run: [Nvtmru] - "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
HKLM\...\Run: [NvBackend] - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2234144 2014-01-21] (NVIDIA Corporation)
HKLM\...\Run: [Cmaudio8788GX64] - C:\Windows\system\HsMgr64.exe [282112 2008-07-11] ()
HKLM\...\Run: [Cmaudio8788GX] - C:\Windows\syswow64\HsMgr.exe [200704 2008-07-11] ()
HKLM-x32\...\Run: [] - [X]
HKLM-x32\...\Run: [Razer Synapse] - C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [444760 2014-03-07] (Razer Inc.)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\.DEFAULT\...\RunOnce: [SPReview] - C:\Windows\System32\SPReview\SPReview.exe [301568 2013-08-25] (Microsoft Corporation)
HKU\S-1-5-21-2263915838-1270488654-868256476-1000\...\Run: [DisplayFusion] - C:\Program Files (x86)\DisplayFusion\DisplayFusion.exe [7952224 2013-11-27] (Binary Fortress Software)
HKU\S-1-5-21-2263915838-1270488654-868256476-1000\...\Policies\Explorer: [HideSCAVolume] 0

==================== Internet (Whitelisted) ====================

ProxyServer: http=;ftp=;https=;
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xF887D9F9BEA1CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine64\21.2.0.38\coIEPlg.dll (Symantec Corporation)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Norton Identity Protection - {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} - C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.7.0.43\coIEPlg.dll (Symantec Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\21.2.0.38\coIEPlg.dll (Symantec Corporation)
BHO-x32: SMART Notebook Download Utility - {67BCF957-85FC-4036-8DC4-D4D80E00A77B} - E:\Programme\SMART Technologies\Education Software\NotebookPlugin.dll (SMART Technologies ULC.)
BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\21.2.0.38\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - E:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - E:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Norton Identity Safe Toolbar - {A13C2648-91D4-4bf3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.7.0.43\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine64\21.2.0.38\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\21.2.0.38\coIEPlg.dll (Symantec Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1

Chrome: 
=======
CHR HomePage: hxxp://www.buffed.de/E-Commerce-Thema-223039/News/Die-besten-Schnaeppchen-im-Internet-Spiele-Filme-Elektronik-683186/
CHR Extension: (ProxTube) - C:\Users\DAUM\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek [2013-11-04]
CHR Extension: (Google Docs) - C:\Users\DAUM\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-08-24]
CHR Extension: (Google Drive) - C:\Users\DAUM\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-08-24]
CHR Extension: (YouTube) - C:\Users\DAUM\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-08-24]
CHR Extension: (Google-Suche) - C:\Users\DAUM\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-08-24]
CHR Extension: (iCloud-Lesezeichen) - C:\Users\DAUM\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkepacicchenbjecpbpbclokcabebhah [2014-03-26]
CHR Extension: (AdBlock) - C:\Users\DAUM\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2013-11-02]
CHR Extension: (BittorrentBar_DE) - C:\Users\DAUM\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl [2013-11-02]
CHR Extension: (Google Dictionary (by Google)) - C:\Users\DAUM\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgijmajocgfcbeboacabfgobmjgjcoja [2014-03-23]
CHR Extension: (Norton Identity Protection) - C:\Users\DAUM\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk [2014-03-03]
CHR Extension: (FastestFox – Schneller browsen) - C:\Users\DAUM\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmffncokckfccddfenhkhnllmlobdahm [2013-12-06]
CHR Extension: (Erweiterung \) - C:\Users\DAUM\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlbjncdgjeocebhnmkbbbdekmmmcbfjd [2013-11-02]
CHR Extension: (Google Wallet) - C:\Users\DAUM\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-24]
CHR Extension: (Norton Identity Protection) - C:\Users\DAUM\AppData\Local\Google\Chrome\User Data\Default\Extensions\nppllibpnmahfaklnpggkibhkapjkeob [2014-03-20]
CHR Extension: (Google Mail) - C:\Users\DAUM\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-08-24]
CHR Extension: (Abstract-Blue) - C:\Users\DAUM\AppData\Local\Google\Chrome\User Data\Default\Extensions\plnacehkknmafkjgkikclamogikoiaaa [2013-11-02]
CHR HKCU\...\Chrome\Extension: [hempmfkijmahkaddljkmchcmjbojoedl] - C:\Users\DAUM\AppData\Local\CRE\hempmfkijmahkaddljkmchcmjbojoedl.crx [2013-07-27]
CHR HKLM-x32\...\Chrome\Extension: [hempmfkijmahkaddljkmchcmjbojoedl] - C:\Users\DAUM\AppData\Local\CRE\hempmfkijmahkaddljkmchcmjbojoedl.crx [2013-07-27]
CHR HKLM-x32\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx [2013-08-24]
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Internet Security\Engine\21.2.0.38\Exts\Chrome.crx [2014-03-19]
CHR HKLM-x32\...\Chrome\Extension: [nppllibpnmahfaklnpggkibhkapjkeob] - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.0.43\Exts\Chrome.crx [2014-03-20]

==================== Services (Whitelisted) =================

R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [920736 2012-06-01] ()
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe [951936 2012-06-01] (ASUSTeK Computer Inc.)
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe [149120 2012-02-17] (ASUSTeK Computer Inc.)
U2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\1.01.15\AsusFanControlService.exe [1457664 2012-06-19] (ASUSTeK Computer Inc.)
R2 CyberLink PowerDVD 13 Media Server Monitor Service; C:\Program Files (x86)\Cyberlink\PowerDVD13\Kernel\DMS\CLMSMonitorServicePDVD13.exe [77576 2013-07-05] (CyberLink)
R2 CyberLink PowerDVD 13 Media Server Service; C:\Program Files (x86)\Cyberlink\PowerDVD13\Kernel\DMS\CLMSServerPDVD13.exe [327432 2013-07-05] (CyberLink)
R2 DisplayFusionService; C:\Program Files (x86)\DisplayFusion\DisplayFusionService.exe [1375600 2013-11-27] (Binary Fortress Software)
R2 DTSAudioSvc; C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe [233328 2012-01-23] (DTS, Inc)
S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [520416 2014-02-28] (Futuremark)
S2 KMService; C:\Windows\SysWOW64\srvany.exe [8192 2014-01-19] ()
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-03-05] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [857912 2014-03-05] (Malwarebytes Corporation)
R2 NCO; C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.0.43\NST.exe [130104 2014-03-11] (Symantec Corporation)
R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\21.2.0.38\NIS.exe [276376 2014-03-12] (Symantec Corporation)
R2 nlsvc; C:\Program Files\NetLimiter 3\nlsvc.exe [1851008 2013-10-10] (Locktime Software)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632 2014-01-21] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [16939296 2014-01-21] (NVIDIA Corporation)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76888 2013-11-30] ()
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2013-12-31] ()
R2 RzKLService; E:\Programme\Razer\Razer Game Booster\RzKLService.exe [105448 2014-02-25] (Razer Inc.)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [3921880 2013-10-15] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1042272 2013-09-20] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171416 2013-09-13] (Safer-Networking Ltd.)
S2 SkypeUpdate; E:\Skype\Updater\Updater.exe [172192 2013-10-23] (Skype Technologies)
R2 SMARTHelperService; E:\Programme\SMART Technologies\Education Software\SMARTHelperService.exe [538416 2013-11-22] (SMART Technologies)
S2 CLKMSVC10_20EFDAAB; "E:\PowerDVD10\NavFilter\kmsvc.exe" /svc [X]

==================== Drivers (Whitelisted) ====================

R3 AiChargerPlus; C:\Windows\SysWow64\drivers\AiChargerPlus.sys [14848 2012-04-19] (ASUSTek Computer Inc.)
R0 asahci64; C:\Windows\System32\DRIVERS\asahci64.sys [49760 2012-01-06] (Asmedia Technology)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2012-08-22] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2012-09-14] ()
R3 ASUSFILTER; C:\Windows\SysWow64\drivers\ASUSFILTER.sys [46152 2011-09-20] (MCCI Corporation)
R1 BHDrvx64; C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\BASHDefs\20140319.001\BHDrvx64.sys [1525976 2014-03-19] (Symantec Corporation)
R1 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1502000.026\ccSetx64.sys [162392 2013-09-26] (Symantec Corporation)
R1 ccSet_NST; C:\Windows\system32\drivers\NSTx64\7DE07000.02B\ccSetx64.sys [162392 2013-09-27] (Symantec Corporation)
R3 cmudaxp; C:\Windows\System32\drivers\cmudaxp.sys [2725376 2011-03-10] (C-Media Inc)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2014-02-19] (DT Soft Ltd)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2014-03-02] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [137648 2014-03-02] (Symantec Corporation)
R1 IDSVia64; C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\IPSDefs\20140402.001\IDSvia64.sys [525016 2014-03-26] (Symantec Corporation)
R1 MagicTune; C:\Windows\system32\drivers\MTiCtwl.sys [23096 2008-11-04] (Samsung Electronics, Inc. )
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-03-05] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [119512 2014-04-04] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63192 2014-03-05] (Malwarebytes Corporation)
R3 NAVENG; C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\VirusDefs\20140403.002\ENG64.SYS [126040 2014-03-31] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\VirusDefs\20140403.002\EX64.SYS [2099288 2014-03-31] (Symantec Corporation)
R1 nltdi; C:\Program Files\NetLimiter 3\nltdi.sys [87472 2013-06-12] (Locktime Software)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-12-27] (NVIDIA Corporation)
S3 SaiK0728; C:\Windows\System32\DRIVERS\SaiK0728.sys [180584 2012-12-05] (Saitek)
R3 SaiMini; C:\Windows\System32\DRIVERS\SaiMini.sys [25120 2013-04-30] (Saitek)
R3 SaiNtBus; C:\Windows\System32\drivers\SaiBus.sys [52640 2013-04-30] (Saitek)
R3 SMARTMouseFilterx64; C:\Windows\System32\DRIVERS\SMARTMouseFilterx64.sys [10240 2013-11-04] (SMART Technologies)
R3 SMARTVHidMiniVistaAmd64; C:\Windows\System32\DRIVERS\SMARTVHidMiniVistaAmd64.sys [9216 2013-11-04] (SMART Technologies)
S3 SMARTVTabletPCx64; C:\Windows\System32\DRIVERS\SMARTVTabletPCx64.sys [22184 2013-11-04] (SMART Technologies ULC)
R3 SRTSP; C:\Windows\System32\Drivers\NISx64\1502000.026\SRTSP64.SYS [875736 2014-02-13] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NISx64\1502000.026\SRTSPX64.SYS [36952 2013-09-10] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\NISx64\1502000.026\SYMDS64.SYS [493656 2013-09-10] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NISx64\1502000.026\SYMEFA64.SYS [1148120 2014-03-04] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2014-03-03] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NISx64\1502000.026\Ironx64.SYS [264280 2013-09-27] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NISx64\1502000.026\SYMNETS.SYS [593112 2014-02-18] (Symantec Corporation)
R0 tib; C:\Windows\System32\DRIVERS\tib.sys [1120032 2014-03-21] (Acronis International GmbH)
R0 tib_mounter; C:\Windows\System32\DRIVERS\tib_mounter.sys [198432 2014-03-21] (Acronis International GmbH)
U5 UnlockerDriver5; E:\Programme\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] () <===== ATTENTION Necurs Rootkit?
R0 vidsflt; C:\Windows\System32\DRIVERS\vidsflt.sys [117024 2014-03-21] (Acronis International GmbH)
R2 {09F57980-3432-4AFC-957D-27AC45FAE1F5}; C:\Program Files (x86)\CyberLink\PowerDVD13\Common\NavFilter\000.fcl [130320 2013-07-06] (CyberLink Corp.)
R3 ALSysIO; \??\C:\Users\DAUM\AppData\Local\Temp\ALSysIO64.sys [X]
S2 AODDriver4.2.0; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [X]
S3 cpuz137; \??\C:\Windows\TEMP\cpuz137\cpuz137_x64.sys [X]
S3 GPUZ; \??\C:\Windows\TEMP\GPUZ.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-04-04 12:29 - 2014-04-04 12:30 - 00000000 ____D () C:\FRST
2014-04-04 12:27 - 2014-04-04 12:30 - 00000000 ____D () C:\Users\DAUM\Desktop\PC retten
2014-04-03 21:48 - 2014-04-03 21:48 - 00602112 _____ (OldTimer Tools) C:\Users\DAUM\Desktop\OTL.exe
2014-04-03 21:30 - 2014-04-03 21:30 - 00014574 _____ () C:\Users\DAUM\Desktop\hijackthis.log
2014-04-03 21:27 - 2014-04-03 21:27 - 00009153 _____ () C:\Users\DAUM\Downloads\hijackthis.log
2014-04-03 21:26 - 2014-04-03 21:26 - 00388608 _____ (Trend Micro Inc.) C:\Users\DAUM\Desktop\hijackthis.exe
2014-04-03 21:22 - 2014-04-03 21:27 - 00000000 ____D () C:\Users\DAUM\Doctor Web
2014-04-03 21:20 - 2014-04-03 21:21 - 145673424 _____ () C:\Users\DAUM\Downloads\cureit.exe
2014-04-03 20:52 - 2014-03-21 17:46 - 00000861 _____ () C:\Windows\system32\Drivers\etc\hosts.20140403-205245.backup
2014-04-03 20:37 - 2014-04-04 12:24 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-03 20:37 - 2014-04-03 20:37 - 17523384 _____ (Malwarebytes Corporation ) C:\Users\DAUM\Downloads\mbam-setup-2.0.0.1000.exe
2014-04-03 20:37 - 2014-04-03 20:37 - 00001114 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-04-03 20:37 - 2014-04-03 20:37 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-03 20:37 - 2014-04-03 20:37 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-04-03 20:37 - 2014-03-05 09:26 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-03 20:37 - 2014-03-05 09:26 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-03 20:37 - 2014-03-05 09:26 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-04-03 20:22 - 2014-04-03 20:22 - 00000000 ____D () C:\Users\DAUM\Documents\ProcAlyzer Dumps
2014-04-03 20:01 - 2014-03-06 23:53 - 02925760 _____ (Sysinternals - www.sysinternals.com) C:\Users\DAUM\Desktop\procexp.exe
2014-04-03 20:01 - 2012-10-15 13:23 - 00072154 _____ () C:\Users\DAUM\Downloads\procexp.chm
2014-04-03 20:01 - 2006-07-28 08:32 - 00007005 _____ () C:\Users\DAUM\Downloads\Eula.txt
2014-04-03 20:00 - 2014-04-03 20:21 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-04-03 20:00 - 2014-04-03 20:00 - 00001391 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2014-04-03 20:00 - 2014-04-03 20:00 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking
2014-04-03 20:00 - 2014-04-03 20:00 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-04-03 20:00 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean64.exe
2014-04-03 19:58 - 2014-04-03 19:59 - 40658208 _____ (Safer-Networking Ltd. ) C:\Users\DAUM\Downloads\spybot-2.2.exe
2014-04-03 19:53 - 2014-04-03 19:53 - 01243655 _____ () C:\Users\DAUM\Downloads\ProcessExplorer.zip
2014-04-03 19:34 - 2014-04-03 19:34 - 00003188 _____ () C:\Windows\System32\Tasks\GUpdater
2014-04-03 19:34 - 2009-07-14 03:39 - 00065656 _____ () C:\Windows\SysWOW64\setup.bin.comp
2014-04-02 20:52 - 2014-04-02 20:53 - 00000000 ____D () C:\Users\DAUM\Desktop\Rome2
2014-04-02 19:06 - 2014-04-02 19:06 - 00006577 _____ () C:\Users\DAUM\AppData\Local\recently-used.xbel
2014-03-31 06:36 - 2014-03-31 06:36 - 00000000 ____D () C:\Windows\System32\Tasks\Norton Internet Security
2014-03-27 08:18 - 2014-03-27 08:18 - 03822704 _____ () C:\Users\DAUM\Downloads\battlelog-web-plugins_2.3.2_133.exe
2014-03-26 23:33 - 2014-03-31 13:56 - 00000000 ____D () C:\Users\DAUM\AppData\Local\BC99FC14-6988-49FB-9596-0765364BB27A.aplzod
2014-03-26 23:25 - 2014-03-26 23:26 - 70638408 _____ (Apple Inc.) C:\Users\DAUM\Downloads\iCloudSetup.exe
2014-03-26 20:04 - 2014-03-26 20:04 - 00000000 ____D () C:\Users\DAUM\Documents\Norton Identity Safe-Backups
2014-03-25 19:12 - 2014-03-25 19:12 - 00048954 _____ () C:\Users\DAUM\Desktop\DxDiag.txt
2014-03-25 19:12 - 2014-03-25 19:12 - 00040089 _____ () C:\Users\DAUM\Desktop\rome2_10270_crash_2014_3_24T11_39_52C0.rar
2014-03-24 21:13 - 2014-03-24 21:13 - 00002671 _____ () C:\Users\DAUM\Unigine_Heaven_Benchmark_4.0_20140324_2013.html
2014-03-24 20:55 - 2014-03-24 21:01 - 00000000 ____D () C:\Users\DAUM\Heaven
2014-03-24 20:53 - 2014-03-24 21:02 - 01065984 _____ () C:\Users\DAUM\AppData\Local\file__0.localstorage
2014-03-24 20:47 - 2014-03-24 20:50 - 258728440 _____ (Unigine Corp. ) C:\Users\DAUM\Downloads\Unigine_Heaven-4.0.exe
2014-03-24 20:47 - 2014-03-24 20:47 - 00019913 _____ () C:\Users\DAUM\Downloads\Unigine_Heaven-4.0.exe.torrent
2014-03-24 15:55 - 2014-03-24 15:55 - 03821624 _____ () C:\Users\DAUM\Downloads\battlelog-web-plugins_2.3.2_131.exe
2014-03-24 12:34 - 2014-03-24 12:34 - 00000000 ____D () C:\Users\DAUM\Downloads\pixelvision
2014-03-24 12:28 - 2014-04-03 19:15 - 00000000 ____D () C:\Steam
2014-03-22 18:27 - 2014-03-22 18:27 - 11182376 _____ () C:\Users\DAUM\Downloads\redsn0w-0.9.6b6.zip
2014-03-22 13:57 - 2014-03-22 13:57 - 00000000 ____D () C:\Users\DAUM\AppData\Roaming\VOWSoft
2014-03-22 13:56 - 2014-03-22 13:56 - 05842096 _____ () C:\Users\DAUM\Downloads\ibackupbot_setup.exe
2014-03-22 11:21 - 2014-01-09 04:22 - 05694464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-03-22 11:21 - 2014-01-04 00:44 - 06574592 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-03-22 10:04 - 2013-10-02 03:10 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll
2014-03-22 10:03 - 2013-10-02 04:22 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys
2014-03-22 10:03 - 2013-10-02 04:11 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2014-03-22 10:03 - 2013-10-02 04:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2014-03-22 10:03 - 2013-10-02 03:48 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll
2014-03-22 10:03 - 2013-10-02 03:48 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll
2014-03-22 10:03 - 2013-10-02 03:29 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2014-03-22 10:03 - 2013-10-02 02:15 - 01057280 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2014-03-22 10:03 - 2013-10-02 02:14 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll
2014-03-22 10:03 - 2013-10-02 02:14 - 00017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll
2014-03-22 10:03 - 2013-10-02 02:08 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2014-03-22 10:03 - 2013-10-02 02:01 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2014-03-22 10:03 - 2013-10-02 01:58 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2014-03-22 10:03 - 2013-10-02 01:31 - 01147392 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2014-03-22 10:03 - 2013-10-02 01:08 - 00855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2014-03-22 10:03 - 2013-10-02 00:34 - 01068544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2014-03-22 10:03 - 2013-09-25 04:23 - 01030144 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2014-03-22 10:03 - 2013-09-25 03:57 - 00792576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2014-03-21 17:46 - 2014-03-21 17:46 - 00000000 ____D () C:\Users\DAUM\AppData\Roaming\Acronis
2014-03-21 17:45 - 2014-03-21 20:50 - 00000000 ____D () C:\ProgramData\Acronis
2014-03-21 17:45 - 2014-03-21 17:45 - 01464096 _____ (Acronis International GmbH) C:\Windows\system32\Drivers\tdrpman.sys
2014-03-21 17:45 - 2014-03-21 17:45 - 01120032 _____ (Acronis International GmbH) C:\Windows\system32\Drivers\tib.sys
2014-03-21 17:45 - 2014-03-21 17:45 - 00367200 _____ (Acronis) C:\Windows\system32\Drivers\afcdp.sys
2014-03-21 17:45 - 2014-03-21 17:45 - 00269600 _____ (Acronis International GmbH) C:\Windows\system32\Drivers\snapman.sys
2014-03-21 17:45 - 2014-03-21 17:45 - 00198432 _____ (Acronis International GmbH) C:\Windows\system32\Drivers\tib_mounter.sys
2014-03-21 17:45 - 2014-03-21 17:45 - 00161568 _____ (Acronis International GmbH) C:\Windows\system32\Drivers\vididr.sys
2014-03-21 17:45 - 2014-03-21 17:45 - 00117024 _____ (Acronis International GmbH) C:\Windows\system32\Drivers\vidsflt.sys
2014-03-21 17:45 - 2014-03-21 17:45 - 00116000 _____ (Acronis International GmbH) C:\Windows\system32\Drivers\fltsrv.sys
2014-03-21 17:45 - 2014-03-21 17:45 - 00001217 _____ () C:\Users\Public\Desktop\Acronis True Image 2014.lnk
2014-03-21 17:45 - 2014-03-21 17:45 - 00000000 ____D () C:\Program Files (x86)\Acronis
2014-03-21 00:24 - 2014-03-21 00:29 - 71259563 _____ () C:\Users\DAUM\Documents\dm_rilynn_rae.mp4
2014-03-20 00:05 - 2014-03-20 00:05 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2014-03-19 16:45 - 2014-03-19 16:45 - 00001795 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-03-19 16:45 - 2014-03-19 16:45 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-03-19 16:45 - 2014-03-19 16:45 - 00000000 ____D () C:\Program Files\iTunes
2014-03-19 16:45 - 2014-03-19 16:45 - 00000000 ____D () C:\Program Files\iPod
2014-03-19 16:45 - 2014-03-19 16:45 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-03-19 00:32 - 2014-03-19 00:34 - 00000000 ____D () C:\Users\DAUM\Downloads\Acronis True Image Home 2014 17.0 Build 6614
2014-03-18 18:04 - 2014-03-18 18:04 - 00316912 _____ () C:\Users\DAUM\Downloads\441280_intl_x64_zip.exe
2014-03-18 17:51 - 2011-11-24 09:17 - 00166912 _____ (Microsoft Corporation) C:\Windows\system32\powrprof.dll
2014-03-18 17:51 - 2011-11-24 08:22 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\powrprof.dll
2014-03-18 17:50 - 2014-03-18 17:50 - 04693832 _____ () C:\Users\DAUM\Downloads\441065_intl_x64_zip.exe
2014-03-18 15:03 - 2014-03-18 15:03 - 00613200 _____ (Chip Digital GmbH) C:\Users\DAUM\Downloads\HijackThis - CHIP-Downloader.exe
2014-03-17 14:48 - 2014-03-17 14:48 - 00000000 ____D () C:\Users\DAUM\AppData\Local\Razer_Inc
2014-03-17 14:47 - 2014-03-17 14:47 - 00000000 ____D () C:\Users\DAUM\Documents\Razer
2014-03-17 14:43 - 2014-03-17 14:44 - 41954352 _____ (Razer Inc. ) C:\Users\DAUM\Downloads\RazerGameBoosterSetup_4.2.45.0.exe
2014-03-12 22:49 - 2014-03-12 22:49 - 00000000 ____D () C:\Program Files (x86)\SplitMediaLabs
2014-03-12 22:35 - 2014-03-12 22:35 - 00000000 ____D () C:\Users\DAUM\AppData\Local\SplitMediaLabs
2014-03-12 22:34 - 2014-03-12 22:34 - 00000000 ____D () C:\ProgramData\SplitMediaLabs
2014-03-12 22:33 - 2014-03-12 22:33 - 00000000 ____D () C:\Users\DAUM\AppData\Roaming\SplitMediaLabs
2014-03-12 22:32 - 2014-03-12 22:45 - 00000000 ____D () C:\Users\DAUM\Desktop\XSplit
2014-03-12 20:31 - 2014-03-12 20:39 - 00000000 ____D () C:\Users\DAUM\AppData\Roaming\FFsplit
2014-03-12 20:27 - 2014-03-12 20:27 - 08463565 _____ (FFsplit Team ) C:\Users\DAUM\Downloads\FFsplit-07023-Full.exe
2014-03-12 07:48 - 2014-03-01 08:05 - 23133696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-12 07:48 - 2014-03-01 07:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-12 07:48 - 2014-03-01 07:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-03-12 07:48 - 2014-03-01 06:58 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-03-12 07:48 - 2014-03-01 06:52 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-03-12 07:48 - 2014-03-01 06:51 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-03-12 07:48 - 2014-03-01 06:42 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-03-12 07:48 - 2014-03-01 06:40 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-03-12 07:48 - 2014-03-01 06:37 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-03-12 07:48 - 2014-03-01 06:33 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-03-12 07:48 - 2014-03-01 06:33 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-03-12 07:48 - 2014-03-01 06:32 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-03-12 07:48 - 2014-03-01 06:30 - 17074688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-03-12 07:48 - 2014-03-01 06:23 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-03-12 07:48 - 2014-03-01 06:17 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-03-12 07:48 - 2014-03-01 06:11 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-03-12 07:48 - 2014-03-01 06:02 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-03-12 07:48 - 2014-03-01 05:54 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-03-12 07:48 - 2014-03-01 05:52 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-03-12 07:48 - 2014-03-01 05:51 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-03-12 07:48 - 2014-03-01 05:47 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-03-12 07:48 - 2014-03-01 05:43 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-03-12 07:48 - 2014-03-01 05:43 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-03-12 07:48 - 2014-03-01 05:42 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-03-12 07:48 - 2014-03-01 05:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-03-12 07:48 - 2014-03-01 05:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-03-12 07:48 - 2014-03-01 05:37 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-03-12 07:48 - 2014-03-01 05:35 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-03-12 07:48 - 2014-03-01 05:18 - 13051904 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-03-12 07:48 - 2014-03-01 05:16 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-03-12 07:48 - 2014-03-01 05:14 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-03-12 07:48 - 2014-03-01 05:10 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-03-12 07:48 - 2014-03-01 05:03 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-03-12 07:48 - 2014-03-01 05:00 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-03-12 07:48 - 2014-03-01 04:57 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-03-12 07:48 - 2014-03-01 04:38 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-03-12 07:48 - 2014-03-01 04:32 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-03-12 07:48 - 2014-03-01 04:27 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-03-12 07:48 - 2014-03-01 04:25 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-03-12 07:48 - 2014-03-01 04:25 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-03-12 07:39 - 2014-01-28 04:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2014-03-12 07:38 - 2014-02-07 03:23 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-03-12 07:37 - 2014-02-04 04:32 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-03-12 07:37 - 2014-02-04 04:32 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-03-12 07:37 - 2014-02-04 04:04 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-03-12 07:37 - 2014-02-04 04:04 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-03-12 07:37 - 2014-01-29 04:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2014-03-12 07:37 - 2014-01-29 04:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2014-03-11 19:04 - 2014-03-11 19:04 - 00081452 _____ () C:\Users\DAUM\Desktop\MAXIMILIAN-PC.txt
2014-03-11 14:50 - 2014-03-11 14:50 - 00000000 ____D () C:\Users\DAUM\AppData\Roaming\DivX
2014-03-11 09:08 - 2014-03-04 13:32 - 00599840 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2014-03-11 08:50 - 2014-03-04 16:35 - 31474976 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-03-11 08:50 - 2014-03-04 16:35 - 25255256 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-03-11 08:50 - 2014-03-04 16:35 - 23716640 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-03-11 08:50 - 2014-03-04 16:35 - 17561544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-03-11 08:50 - 2014-03-04 16:35 - 15783992 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2014-03-11 08:50 - 2014-03-04 16:35 - 12708128 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-03-11 08:50 - 2014-03-04 16:35 - 11636176 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-03-11 08:50 - 2014-03-04 16:35 - 11589272 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-03-11 08:50 - 2014-03-04 16:35 - 09728064 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-03-11 08:50 - 2014-03-04 16:35 - 09690424 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-03-11 08:50 - 2014-03-04 16:35 - 03143456 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-03-11 08:50 - 2014-03-04 16:35 - 02958792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-03-11 08:50 - 2014-03-04 16:35 - 02783008 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2014-03-11 08:50 - 2014-03-04 16:35 - 02411976 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2014-03-11 08:50 - 2014-03-04 16:35 - 01885472 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433523.dll
2014-03-11 08:50 - 2014-03-04 16:35 - 01516488 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433523.dll
2014-03-11 08:50 - 2014-03-04 16:35 - 00892704 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-03-11 08:50 - 2014-03-04 16:35 - 00877856 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-03-11 08:50 - 2014-03-04 16:35 - 00863064 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-03-11 08:50 - 2014-03-04 16:35 - 00846168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-03-11 08:50 - 2014-03-04 16:35 - 00832936 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2014-03-11 08:50 - 2014-03-04 16:35 - 00484296 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2014-03-11 08:50 - 2014-03-04 16:35 - 00409544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2014-03-11 08:50 - 2014-03-04 16:35 - 00377688 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2014-03-11 08:50 - 2014-03-04 16:35 - 00353504 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2014-03-11 08:50 - 2014-03-04 16:35 - 00333600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2014-03-11 08:50 - 2014-03-04 16:35 - 00305600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2014-03-11 08:50 - 2014-03-04 16:35 - 00174296 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2014-03-11 08:50 - 2014-03-04 16:35 - 00148016 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2014-03-10 19:47 - 2014-03-16 11:28 - 00000000 _____ () C:\Windows\system32\Drivers\lvuvc.hs
2014-03-10 19:47 - 2014-03-10 19:47 - 00004098 _____ () C:\Windows\system32\lvcoinst.log
2014-03-10 19:47 - 2014-03-10 19:47 - 00000000 ____D () C:\Program Files\Common Files\logishrd
2014-03-10 17:12 - 2014-03-10 17:12 - 00000000 ____D () C:\Users\DAUM\AppData\Local\SMART_Technologies
2014-03-10 17:07 - 2014-03-10 17:07 - 00292328 _____ () C:\Windows\Minidump\031014-12807-01.dmp
2014-03-10 16:56 - 2014-03-10 16:56 - 00292632 _____ () C:\Windows\Minidump\031014-12916-01.dmp
2014-03-10 15:41 - 2014-03-10 15:41 - 00000838 _____ () C:\Users\Public\Desktop\SeaTools for Windows.lnk
2014-03-10 15:40 - 2014-03-10 15:40 - 26771088 _____ () C:\Users\DAUM\Downloads\SeaToolsforWindowsSetup.exe
2014-03-10 15:14 - 2014-03-10 15:14 - 00000000 ____D () C:\Users\DAUM\AppData\Roaming\JAM Software
2014-03-10 15:13 - 2014-03-10 15:13 - 00000000 ____D () C:\ProgramData\Licenses
2014-03-10 15:12 - 2014-03-10 15:13 - 00000000 ____D () C:\Users\DAUM\Downloads\JAM Software TreeSize Professional v6.0.2.937 (x86-x64) Retail Incl Keygen-BRD [TorDigger]
2014-03-09 20:45 - 2014-03-09 20:45 - 00000000 ____D () C:\Users\DAUM\AppData\Local\Skype
2014-03-09 18:16 - 2014-04-02 19:07 - 00001744 _____ () C:\Users\DAUM\Desktop\MaLDoHD_C2_Setup.exe - Verknüpfung.lnk

==================== One Month Modified Files and Folders =======

2014-04-04 12:30 - 2014-04-04 12:29 - 00000000 ____D () C:\FRST
2014-04-04 12:30 - 2014-04-04 12:27 - 00000000 ____D () C:\Users\DAUM\Desktop\PC retten
2014-04-04 12:29 - 2009-07-14 19:58 - 00702736 _____ () C:\Windows\system32\perfh007.dat
2014-04-04 12:29 - 2009-07-14 19:58 - 00150376 _____ () C:\Windows\system32\perfc007.dat
2014-04-04 12:29 - 2009-07-14 07:13 - 01628496 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-04 12:28 - 2013-08-24 14:38 - 00000000 _____ () C:\Windows\Path.idx
2014-04-04 12:27 - 2013-08-24 14:07 - 01625430 _____ () C:\Windows\WindowsUpdate.log
2014-04-04 12:24 - 2014-04-03 20:37 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-04 12:24 - 2013-12-22 18:47 - 00003018 _____ () C:\Windows\System32\Tasks\MSIAfterburner
2014-04-04 12:23 - 2013-11-30 15:36 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-04-04 12:23 - 2013-08-24 14:27 - 01048576 _____ () C:\Windows\PE_Rom.dll
2014-04-04 12:23 - 2013-08-24 14:12 - 00001102 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-04-04 12:23 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-04 12:23 - 2009-07-14 06:51 - 00139311 _____ () C:\Windows\setupact.log
2014-04-04 07:02 - 2009-07-14 06:45 - 00014928 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-04 07:02 - 2009-07-14 06:45 - 00014928 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-04 06:55 - 2013-08-24 19:15 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-03 23:58 - 2013-08-24 14:07 - 00000000 ____D () C:\Users\DAUM
2014-04-03 23:57 - 2014-01-17 21:47 - 00000000 ____D () C:\Users\DAUM\AppData\Local\Battle.net
2014-04-03 23:57 - 2013-08-24 20:35 - 00000000 ____D () C:\Users\DAUM\AppData\Roaming\TS3Client
2014-04-03 23:46 - 2013-08-24 14:12 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-04-03 21:48 - 2014-04-03 21:48 - 00602112 _____ (OldTimer Tools) C:\Users\DAUM\Desktop\OTL.exe
2014-04-03 21:33 - 2013-08-24 14:25 - 00621848 _____ () C:\Windows\PFRO.log
2014-04-03 21:30 - 2014-04-03 21:30 - 00014574 _____ () C:\Users\DAUM\Desktop\hijackthis.log
2014-04-03 21:27 - 2014-04-03 21:27 - 00009153 _____ () C:\Users\DAUM\Downloads\hijackthis.log
2014-04-03 21:27 - 2014-04-03 21:22 - 00000000 ____D () C:\Users\DAUM\Doctor Web
2014-04-03 21:26 - 2014-04-03 21:26 - 00388608 _____ (Trend Micro Inc.) C:\Users\DAUM\Desktop\hijackthis.exe
2014-04-03 21:21 - 2014-04-03 21:20 - 145673424 _____ () C:\Users\DAUM\Downloads\cureit.exe
2014-04-03 21:00 - 2013-08-30 22:44 - 00000000 ____D () C:\Windows\pss
2014-04-03 20:46 - 2009-07-14 07:08 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-04-03 20:46 - 2009-07-14 05:20 - 00000000 __RSD () C:\Windows\Media
2014-04-03 20:39 - 2014-01-23 22:58 - 00003922 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{1C88839B-7580-4AEF-946D-0B1949ED9E71}
2014-04-03 20:37 - 2014-04-03 20:37 - 17523384 _____ (Malwarebytes Corporation ) C:\Users\DAUM\Downloads\mbam-setup-2.0.0.1000.exe
2014-04-03 20:37 - 2014-04-03 20:37 - 00001114 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-04-03 20:37 - 2014-04-03 20:37 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-03 20:37 - 2014-04-03 20:37 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-04-03 20:22 - 2014-04-03 20:22 - 00000000 ____D () C:\Users\DAUM\Documents\ProcAlyzer Dumps
2014-04-03 20:21 - 2014-04-03 20:00 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-04-03 20:00 - 2014-04-03 20:00 - 00001391 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2014-04-03 20:00 - 2014-04-03 20:00 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking
2014-04-03 20:00 - 2014-04-03 20:00 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-04-03 19:59 - 2014-04-03 19:58 - 40658208 _____ (Safer-Networking Ltd. ) C:\Users\DAUM\Downloads\spybot-2.2.exe
2014-04-03 19:53 - 2014-04-03 19:53 - 01243655 _____ () C:\Users\DAUM\Downloads\ProcessExplorer.zip
2014-04-03 19:34 - 2014-04-03 19:34 - 00003188 _____ () C:\Windows\System32\Tasks\GUpdater
2014-04-03 19:32 - 2013-08-25 22:16 - 00000000 ____D () C:\Users\DAUM\AppData\Local\PMB Files
2014-04-03 19:32 - 2013-08-25 22:16 - 00000000 ____D () C:\ProgramData\PMB Files
2014-04-03 19:22 - 2013-08-24 19:53 - 00000000 ____D () C:\Users\DAUM\AppData\Roaming\Skype
2014-04-03 19:15 - 2014-03-24 12:28 - 00000000 ____D () C:\Steam
2014-04-03 00:23 - 2013-08-24 20:42 - 00000000 ____D () C:\ProgramData\Origin
2014-04-02 23:38 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-04-02 22:02 - 2013-09-20 20:10 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-04-02 20:53 - 2014-04-02 20:52 - 00000000 ____D () C:\Users\DAUM\Desktop\Rome2
2014-04-02 19:12 - 2013-11-02 17:52 - 00000000 ____D () C:\Users\DAUM\.gimp-2.8
2014-04-02 19:07 - 2014-03-09 18:16 - 00001744 _____ () C:\Users\DAUM\Desktop\MaLDoHD_C2_Setup.exe - Verknüpfung.lnk
2014-04-02 19:06 - 2014-04-02 19:06 - 00006577 _____ () C:\Users\DAUM\AppData\Local\recently-used.xbel
2014-04-02 19:06 - 2013-11-02 17:59 - 00000000 ____D () C:\Users\DAUM\AppData\Local\gtk-2.0
2014-04-01 17:03 - 2014-02-02 00:03 - 00000000 ____D () C:\Users\DAUM\AppData\Local\Apple
2014-04-01 13:45 - 2013-12-31 21:43 - 00214392 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2014-04-01 13:40 - 2013-11-01 20:26 - 00214392 _____ () C:\Windows\SysWOW64\PnkBstrB.ex0
2014-03-31 17:47 - 2013-09-04 10:30 - 00000000 ____D () C:\Users\DAUM\AppData\Local\Deployment
2014-03-31 13:56 - 2014-03-26 23:33 - 00000000 ____D () C:\Users\DAUM\AppData\Local\BC99FC14-6988-49FB-9596-0765364BB27A.aplzod
2014-03-31 06:36 - 2014-03-31 06:36 - 00000000 ____D () C:\Windows\System32\Tasks\Norton Internet Security
2014-03-31 06:31 - 2014-03-03 03:05 - 00000000 ____D () C:\Windows\system32\Drivers\NISx64
2014-03-31 06:30 - 2014-03-03 03:05 - 00003234 _____ () C:\Windows\System32\Tasks\Norton WSC Integration
2014-03-30 19:43 - 2013-08-31 15:27 - 00000000 ____D () C:\Users\DAUM\AppData\Local\CrashDumps
2014-03-28 10:41 - 2013-08-24 14:12 - 00004102 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-03-28 10:41 - 2013-08-24 14:12 - 00003850 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-03-27 08:18 - 2014-03-27 08:18 - 03822704 _____ () C:\Users\DAUM\Downloads\battlelog-web-plugins_2.3.2_133.exe
2014-03-27 08:18 - 2013-08-25 19:50 - 00000000 ____D () C:\Program Files (x86)\Battlelog Web Plugins
2014-03-27 08:16 - 2013-12-19 22:30 - 00000000 ____D () C:\Program Files (x86)\MSI Afterburner
2014-03-26 23:47 - 2014-02-02 00:07 - 00000000 ____D () C:\Users\DAUM\AppData\Roaming\Apple Computer
2014-03-26 23:47 - 2014-02-02 00:07 - 00000000 ____D () C:\Users\DAUM\AppData\Local\Apple Computer
2014-03-26 23:27 - 2014-02-02 00:03 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-03-26 23:26 - 2014-03-26 23:25 - 70638408 _____ (Apple Inc.) C:\Users\DAUM\Downloads\iCloudSetup.exe
2014-03-26 20:04 - 2014-03-26 20:04 - 00000000 ____D () C:\Users\DAUM\Documents\Norton Identity Safe-Backups
2014-03-25 19:12 - 2014-03-25 19:12 - 00048954 _____ () C:\Users\DAUM\Desktop\DxDiag.txt
2014-03-25 19:12 - 2014-03-25 19:12 - 00040089 _____ () C:\Users\DAUM\Desktop\rome2_10270_crash_2014_3_24T11_39_52C0.rar
2014-03-24 21:34 - 2013-11-19 17:04 - 00000000 ____D () C:\Users\DAUM\AppData\Local\Futuremark
2014-03-24 21:13 - 2014-03-24 21:13 - 00002671 _____ () C:\Users\DAUM\Unigine_Heaven_Benchmark_4.0_20140324_2013.html
2014-03-24 21:02 - 2014-03-24 20:53 - 01065984 _____ () C:\Users\DAUM\AppData\Local\file__0.localstorage
2014-03-24 21:01 - 2014-03-24 20:55 - 00000000 ____D () C:\Users\DAUM\Heaven
2014-03-24 20:51 - 2013-09-01 01:00 - 00000000 ____D () C:\Users\DAUM\AppData\Roaming\BitTorrent
2014-03-24 20:50 - 2014-03-24 20:47 - 258728440 _____ (Unigine Corp. ) C:\Users\DAUM\Downloads\Unigine_Heaven-4.0.exe
2014-03-24 20:47 - 2014-03-24 20:47 - 00019913 _____ () C:\Users\DAUM\Downloads\Unigine_Heaven-4.0.exe.torrent
2014-03-24 15:55 - 2014-03-24 15:55 - 03821624 _____ () C:\Users\DAUM\Downloads\battlelog-web-plugins_2.3.2_131.exe
2014-03-24 12:34 - 2014-03-24 12:34 - 00000000 ____D () C:\Users\DAUM\Downloads\pixelvision
2014-03-24 12:28 - 2013-08-24 19:29 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-03-23 23:37 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-03-23 02:03 - 2014-03-04 19:38 - 00023681 _____ () C:\Users\DAUM\Desktop\Mein Computer.xlsx
2014-03-23 00:29 - 2014-01-25 19:21 - 00012091 _____ () C:\Users\DAUM\Documents\TombRaider.log
2014-03-23 00:08 - 2014-01-04 16:08 - 00000000 ____D () C:\Users\DAUM\AppData\Local\Arma 3
2014-03-22 18:27 - 2014-03-22 18:27 - 11182376 _____ () C:\Users\DAUM\Downloads\redsn0w-0.9.6b6.zip
2014-03-22 13:57 - 2014-03-22 13:57 - 00000000 ____D () C:\Users\DAUM\AppData\Roaming\VOWSoft
2014-03-22 13:56 - 2014-03-22 13:56 - 05842096 _____ () C:\Users\DAUM\Downloads\ibackupbot_setup.exe
2014-03-22 01:17 - 2014-01-17 21:47 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2014-03-21 20:50 - 2014-03-21 17:45 - 00000000 ____D () C:\ProgramData\Acronis
2014-03-21 18:44 - 2014-03-03 06:55 - 00000000 ____D () C:\Windows\System32\Tasks\Norton Identity Safe
2014-03-21 17:46 - 2014-04-03 20:52 - 00000861 _____ () C:\Windows\system32\Drivers\etc\hosts.20140403-205245.backup
2014-03-21 17:46 - 2014-03-21 17:46 - 00000000 ____D () C:\Users\DAUM\AppData\Roaming\Acronis
2014-03-21 17:45 - 2014-03-21 17:45 - 01464096 _____ (Acronis International GmbH) C:\Windows\system32\Drivers\tdrpman.sys
2014-03-21 17:45 - 2014-03-21 17:45 - 01120032 _____ (Acronis International GmbH) C:\Windows\system32\Drivers\tib.sys
2014-03-21 17:45 - 2014-03-21 17:45 - 00367200 _____ (Acronis) C:\Windows\system32\Drivers\afcdp.sys
2014-03-21 17:45 - 2014-03-21 17:45 - 00269600 _____ (Acronis International GmbH) C:\Windows\system32\Drivers\snapman.sys
2014-03-21 17:45 - 2014-03-21 17:45 - 00198432 _____ (Acronis International GmbH) C:\Windows\system32\Drivers\tib_mounter.sys
2014-03-21 17:45 - 2014-03-21 17:45 - 00161568 _____ (Acronis International GmbH) C:\Windows\system32\Drivers\vididr.sys
2014-03-21 17:45 - 2014-03-21 17:45 - 00117024 _____ (Acronis International GmbH) C:\Windows\system32\Drivers\vidsflt.sys
2014-03-21 17:45 - 2014-03-21 17:45 - 00116000 _____ (Acronis International GmbH) C:\Windows\system32\Drivers\fltsrv.sys
2014-03-21 17:45 - 2014-03-21 17:45 - 00001217 _____ () C:\Users\Public\Desktop\Acronis True Image 2014.lnk
2014-03-21 17:45 - 2014-03-21 17:45 - 00000000 ____D () C:\Program Files (x86)\Acronis
2014-03-21 00:29 - 2014-03-21 00:24 - 71259563 _____ () C:\Users\DAUM\Documents\dm_rilynn_rae.mp4
2014-03-20 20:31 - 2014-03-03 02:55 - 00000000 ____D () C:\Windows\system32\Drivers\NSTx64
2014-03-20 17:58 - 2013-08-25 20:29 - 00000000 ____D () C:\Program Files (x86)\Origin Games
2014-03-20 00:05 - 2014-03-20 00:05 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2014-03-19 16:45 - 2014-03-19 16:45 - 00001795 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-03-19 16:45 - 2014-03-19 16:45 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-03-19 16:45 - 2014-03-19 16:45 - 00000000 ____D () C:\Program Files\iTunes
2014-03-19 16:45 - 2014-03-19 16:45 - 00000000 ____D () C:\Program Files\iPod
2014-03-19 16:45 - 2014-03-19 16:45 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-03-19 00:34 - 2014-03-19 00:32 - 00000000 ____D () C:\Users\DAUM\Downloads\Acronis True Image Home 2014 17.0 Build 6614
2014-03-18 18:04 - 2014-03-18 18:04 - 00316912 _____ () C:\Users\DAUM\Downloads\441280_intl_x64_zip.exe
2014-03-18 17:50 - 2014-03-18 17:50 - 04693832 _____ () C:\Users\DAUM\Downloads\441065_intl_x64_zip.exe
2014-03-18 15:03 - 2014-03-18 15:03 - 00613200 _____ (Chip Digital GmbH) C:\Users\DAUM\Downloads\HijackThis - CHIP-Downloader.exe
2014-03-18 00:31 - 2013-11-12 16:51 - 00000000 ____D () C:\Users\DAUM\Documents\Calibre-Bibliothek
2014-03-17 14:48 - 2014-03-17 14:48 - 00000000 ____D () C:\Users\DAUM\AppData\Local\Razer_Inc
2014-03-17 14:47 - 2014-03-17 14:47 - 00000000 ____D () C:\Users\DAUM\Documents\Razer
2014-03-17 14:47 - 2013-08-24 18:55 - 00000000 ____D () C:\Users\DAUM\AppData\Local\Razer
2014-03-17 14:45 - 2013-08-24 18:55 - 00000000 ____D () C:\ProgramData\Razer
2014-03-17 14:44 - 2014-03-17 14:43 - 41954352 _____ (Razer Inc. ) C:\Users\DAUM\Downloads\RazerGameBoosterSetup_4.2.45.0.exe
2014-03-16 11:28 - 2014-03-10 19:47 - 00000000 _____ () C:\Windows\system32\Drivers\lvuvc.hs
2014-03-13 01:02 - 2014-02-14 18:20 - 00000000 ____D () C:\Users\DAUM\Documents\Respawn
2014-03-12 22:49 - 2014-03-12 22:49 - 00000000 ____D () C:\Program Files (x86)\SplitMediaLabs
2014-03-12 22:45 - 2014-03-12 22:32 - 00000000 ____D () C:\Users\DAUM\Desktop\XSplit
2014-03-12 22:43 - 2013-08-25 22:17 - 00000000 __SHD () C:\Windows\SysWOW64\AI_RecycleBin
2014-03-12 22:38 - 2013-09-08 19:36 - 00000000 ____D () C:\Users\DAUM\AppData\Local\Microsoft Help
2014-03-12 22:35 - 2014-03-12 22:35 - 00000000 ____D () C:\Users\DAUM\AppData\Local\SplitMediaLabs
2014-03-12 22:34 - 2014-03-12 22:34 - 00000000 ____D () C:\ProgramData\SplitMediaLabs
2014-03-12 22:33 - 2014-03-12 22:33 - 00000000 ____D () C:\Users\DAUM\AppData\Roaming\SplitMediaLabs
2014-03-12 20:39 - 2014-03-12 20:31 - 00000000 ____D () C:\Users\DAUM\AppData\Roaming\FFsplit
2014-03-12 20:29 - 2013-09-08 19:46 - 00000000 ____D () C:\ProgramData\Package Cache
2014-03-12 20:29 - 2013-08-24 15:00 - 00000000 ____D () C:\Windows\SysWOW64\directx
2014-03-12 20:27 - 2014-03-12 20:27 - 08463565 _____ (FFsplit Team ) C:\Users\DAUM\Downloads\FFsplit-07023-Full.exe
2014-03-12 18:41 - 2013-10-14 17:42 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-03-12 18:41 - 2013-10-14 17:42 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-03-12 18:41 - 2009-07-14 06:45 - 00499368 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-03-12 07:53 - 2013-09-08 19:36 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-03-12 07:53 - 2013-08-24 16:30 - 00000000 ____D () C:\Windows\system32\MRT
2014-03-12 07:50 - 2013-08-24 16:30 - 90015360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-03-12 07:40 - 2013-08-24 15:03 - 01013448 _____ () C:\Windows\DirectX.log
2014-03-11 22:00 - 2013-08-24 19:15 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-03-11 22:00 - 2013-08-24 19:15 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-03-11 22:00 - 2013-08-24 19:15 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-03-11 20:12 - 2013-09-09 19:42 - 00000000 ____D () C:\Users\DAUM\AppData\Local\Skyrim
2014-03-11 19:04 - 2014-03-11 19:04 - 00081452 _____ () C:\Users\DAUM\Desktop\MAXIMILIAN-PC.txt
2014-03-11 14:50 - 2014-03-11 14:50 - 00000000 ____D () C:\Users\DAUM\AppData\Roaming\DivX
2014-03-11 09:08 - 2013-09-21 14:29 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-03-10 19:47 - 2014-03-10 19:47 - 00004098 _____ () C:\Windows\system32\lvcoinst.log
2014-03-10 19:47 - 2014-03-10 19:47 - 00000000 ____D () C:\Program Files\Common Files\logishrd
2014-03-10 17:12 - 2014-03-10 17:12 - 00000000 ____D () C:\Users\DAUM\AppData\Local\SMART_Technologies
2014-03-10 17:07 - 2014-03-10 17:07 - 00292328 _____ () C:\Windows\Minidump\031014-12807-01.dmp
2014-03-10 17:07 - 2013-10-08 17:20 - 808329160 _____ () C:\Windows\MEMORY.DMP
2014-03-10 17:07 - 2013-10-08 17:20 - 00000000 ____D () C:\Windows\Minidump
2014-03-10 16:58 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-03-10 16:56 - 2014-03-10 16:56 - 00292632 _____ () C:\Windows\Minidump\031014-12916-01.dmp
2014-03-10 15:41 - 2014-03-10 15:41 - 00000838 _____ () C:\Users\Public\Desktop\SeaTools for Windows.lnk
2014-03-10 15:40 - 2014-03-10 15:40 - 26771088 _____ () C:\Users\DAUM\Downloads\SeaToolsforWindowsSetup.exe
2014-03-10 15:14 - 2014-03-10 15:14 - 00000000 ____D () C:\Users\DAUM\AppData\Roaming\JAM Software
2014-03-10 15:13 - 2014-03-10 15:13 - 00000000 ____D () C:\ProgramData\Licenses
2014-03-10 15:13 - 2014-03-10 15:12 - 00000000 ____D () C:\Users\DAUM\Downloads\JAM Software TreeSize Professional v6.0.2.937 (x86-x64) Retail Incl Keygen-BRD [TorDigger]
2014-03-09 20:45 - 2014-03-09 20:45 - 00000000 ____D () C:\Users\DAUM\AppData\Local\Skype
2014-03-09 20:45 - 2013-08-24 19:53 - 00000000 ____D () C:\ProgramData\Skype
2014-03-09 16:49 - 2013-12-06 22:38 - 00000000 ____D () C:\Program Files\Nexus Mod Manager
2014-03-08 01:17 - 2013-11-19 17:04 - 00000000 ____D () C:\Users\DAUM\Documents\3DMark
2014-03-08 01:14 - 2013-12-26 18:39 - 00000022 _____ () C:\Windows\GPU-Z.INI
2014-03-08 00:53 - 2013-11-19 18:25 - 00000000 ____D () C:\Program Files (x86)\Futuremark
2014-03-06 23:53 - 2014-04-03 20:01 - 02925760 _____ (Sysinternals - www.sysinternals.com) C:\Users\DAUM\Desktop\procexp.exe
2014-03-05 09:26 - 2014-04-03 20:37 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-03-05 09:26 - 2014-04-03 20:37 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-03-05 09:26 - 2014-04-03 20:37 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys

Files to move or delete:
====================
C:\ProgramData\C__Users_DAUM_Downloads_Platinum Hide IP_Crack_PlatinumHideIP.exe


Some content of TEMP:
====================
C:\Users\DAUM\AppData\Local\Temp\MSND5D4.exe
C:\Users\DAUM\AppData\Local\Temp\sfamcc00001.dll
C:\Users\DAUM\AppData\Local\Temp\_is9443.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-03-31 15:49

==================== End Of Log ============================
         
--- --- ---

--- --- ---




Anmerkung: Da ich mit der vollkommenen Prozessauslastung nicht arbeiten kann, habe ich einen befreundeten Informatiker heute morgen um Rat gebeten. Er hat mir empfohlen, die einzelnen Prozesse innerhalb der svchost.exe, die so unglaublich viel Leistung verbrauchen mit dem als Admin gestarteten Process Explorer zu killen (ings. 8 an der Zahl). Gesagt, getan. Zwar ist die Auslastung dann wieder normal, doch die Anwendung ist weiterhin vorhanden und nach einem Systemneustart ist alles wieder bei 100%.
__________________

Alt 04.04.2014, 12:19   #4
Morgrain
 
Windows 7 - svchost.exe 100% CPU-Auslastung - Standard

Windows 7 - svchost.exe 100% CPU-Auslastung



Da der eine Post die maximale Länge der Zeichen überschritten hat:

Addition.txt
Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-03-2014
Ran by DAUM at 2014-04-04 12:32:20
Running from C:\Users\DAUM\Desktop\PC retten
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Norton Internet Security (Enabled - Up to date) {D87FA2C0-F526-77B1-D6EC-0EDF3936CEDB}
AS: Norton Internet Security (Enabled - Up to date) {631E4324-D31C-783F-EC5C-35AD42B18466}
AS: Spybot - Search and Destroy (Enabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
FW: Norton Internet Security (Enabled) {E04423E5-BF49-76E9-FDB3-A7EAC7E589A0}

==================== Installed Programs ======================

3DMark (HKLM-x32\...\Steam App 223850) (Version:  - Futuremark)
Acronis True Image 2014 (HKLM-x32\...\{4A79A394-835A-49D7-8662-60643872DFF6}Visible) (Version: 17.0.6614 - Acronis)
Acronis True Image 2014 (x32 Version: 17.0.6614 - Acronis) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.8.0.870 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.8.0.870 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 12 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Reader X (10.1.8) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.8 - Adobe Systems Incorporated)
AI Suite II (HKLM-x32\...\{34D3688E-A737-44C5-9E2A-FF73618728E1}) (Version: 2.03.01 - ASUSTeK Computer Inc.)
AIDA64 Extreme v4.00 (HKLM-x32\...\AIDA64 Extreme_is1) (Version: 4.00 - FinalWire Ltd.)
Alan Wake (HKLM-x32\...\Steam App 108710) (Version:  - Remedy Entertainment)
Anno 2070 (HKLM-x32\...\Steam App 48240) (Version:  - BlueByte)
Apple Application Support (HKLM-x32\...\{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}) (Version: 3.0.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Application Profiles (HKLM-x32\...\{63059735-CA97-FDFB-0E7A-3B8D81572EFD}) (Version: 2.0.4888.34279 - Advanced Micro Devices, Inc.)
Arma 3 (HKLM-x32\...\Steam App 107410) (Version:  - Bohemia Interactive)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.14.3.0 - Asmedia Technology)
Asmedia ASM106x SATA Host Controller Driver (HKLM-x32\...\{61942EF5-2CD8-47D4-869C-2E9A8BB085F1}) (Version: 1.3.4.000 - Asmedia Technology)
Assassins Creed IV Black Flag (HKLM-x32\...\Uplay Install 273) (Version:  - Ubisoft)
ASUS Boot Setting (HKLM-x32\...\{7AAE9187-C24F-4073-A951-36C370E7A3A5}) (Version: 1.00.09 - ASUSTeK Computer Inc.)
ASUS Product Register Program (HKLM-x32\...\{C0B16F2E-3980-44F8-8CF4-F84696541FF7}) (Version: 1.0.018 - ASUSTek Computer Inc.)
ASUS WebStorage Sync Agent (HKLM-x32\...\ASUS WebStorage) (Version: 1.1.11.125 - ASUS Cloud Corporation)
ASUS Xonar D1 Audio Driver (HKLM\...\C-Media Oxygen HD Audio Driver) (Version:  - )
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.2.0.0 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.2 - EA Digital Illusions CE AB)
BitTorrent (HKCU\...\BitTorrent) (Version: 7.8.2.30332 - BitTorrent Inc.)
Blitzkrieg Mod (HKLM-x32\...\Blitzkrieg) (Version: 4.7.0.0 - Blitzkrieg Mod Team)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Borderlands 2 (HKLM-x32\...\Steam App 49520) (Version:  - Gearbox Software)
calibre 64bit (HKLM\...\{52E45FA3-B1CE-4852-8E93-774BB3F4D468}) (Version: 1.25.0 - Kovid Goyal)
Call of Duty: Modern Warfare 2 - Multiplayer (HKLM-x32\...\Steam App 10190) (Version:  - Infinity Ward)
CINEMA 4D 14.042 (HKLM\...\MAXONF9512EDA) (Version: 14.042 - MAXON Computer GmbH)
Company of Heroes (New Steam Version) (HKLM-x32\...\Steam App 228200) (Version:  - Relic)
Company of Heroes 2 (HKLM-x32\...\Steam App 231430) (Version:  - Relic Entertainment)
CPUID CPU-Z 1.67.1 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )
Crysis 2 Maximum Edition (HKLM-x32\...\Steam App 108800) (Version:  - Crytek Studios)
Crysis®3 (HKLM-x32\...\{4198AE83-A3C6-4C41-85C8-EC63E990696E}) (Version: 1.0.0.0 - Electronic Arts)
CyberLink PowerDVD 13 (HKLM-x32\...\InstallShield_{3CFDF154-7E60-4E98-A8DF-C693A4F8E6B6}) (Version: 13.0.3105.58 - CyberLink Corp.)
CyberLink PowerDVD 13 (x32 Version: 13.0.3105.58 - CyberLink Corp.) Hidden
DAEMON Tools Pro (HKLM-x32\...\DAEMON Tools Pro) (Version: 5.2.0.0348 - DT Soft Ltd)
Dark Souls: Prepare to Die Edition (HKLM-x32\...\Steam App 211420) (Version:  - FromSoftware)
DarthMod Napoleon (HKLM-x32\...\DarthMod Napoleon) (Version:  - )
Dawn of Fantasy: Kingdom Wars (HKLM-x32\...\Steam App 227180) (Version:  - Reverie World Studios)
DayZ (HKLM-x32\...\Steam App 221100) (Version:  - Bohemia Interactive)
Definition Update for Microsoft Office 2010 (KB982726) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{DC4BC0CC-A928-4C48-BA40-AC24784F46E5}) (Version:  - Microsoft)
Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
DisplayFusion (HKLM-x32\...\Steam App 227260) (Version:  - Binary Fortress Software)
DisplayFusion 5.1.1 (HKLM-x32\...\B076073A-5527-4f4f-B46B-B10692277DA2_is1) (Version: 5.1.1.0 - Binary Fortress Software)
DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.87 - DivX, LLC)
Dual-Core Optimizer (HKLM-x32\...\{9FD6F1A8-5550-46AF-8509-271DF0E768B5}) (Version: 1.1.4.0169 - AMD)
Dungeon Defenders (HKLM-x32\...\Steam App 65800) (Version:  - Trendy Entertainment)
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
EXPERTool v8.9 (HKLM-x32\...\{551D9481-9487-4D0C-9A1D-6BC3E7B6D991}_is1) (Version: 8.9.6.3 - Gainward Co. Ltd.)
Flixster (HKCU\...\404b9336c7552828) (Version: 2.0.0.233 - Flixster)
Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
Futuremark SystemInfo (HKLM-x32\...\{EF7EA37B-C009-4D53-AE2A-FF7C6AEC35CE}) (Version: 4.26.386 - Futuremark)
Geeks3D FurMark 1.11.0 (HKLM-x32\...\{2397CAD4-2263-4CD0-96BE-E43A980B9C9A}_is1) (Version:  - Geeks3D)
GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden
Ghost Recon Online (EU) (HKCU\...\d8be6c3f847d7d92) (Version: 1.34.1166.2 - Ubisoft)
GIMP 2.8.6 (HKLM\...\GIMP-2_is1) (Version: 2.8.6 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 33.0.1750.154 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.23.9 - Google Inc.) Hidden
Guild Wars 2 (HKLM-x32\...\Guild Wars 2) (Version:  - NCsoft Corporation, Ltd.)
Heaven Benchmark version 4.0 (HKLM-x32\...\Unigine Heaven Benchmark (Basic Edition)_is1) (Version: 4.0 - Unigine Corp.)
Hide IP Easy (HKLM-x32\...\HideIPEasy) (Version: 5.1.6.6 - )
HP Deskjet 3050 J610 series - Grundlegende Software für das Gerät (HKLM\...\{3DF2B8CD-072D-49F5-BCF8-1DB86B0DF632}) (Version: 22.0.334.0 - Hewlett-Packard Co.)
HP Deskjet 3050 J610 series Hilfe (HKLM-x32\...\{F7632A9B-661E-4FD9-B1A4-3B86BC99847F}) (Version: 140.0.63.63 - Hewlett Packard)
HP Officejet Pro 8600 - Grundlegende Software für das Gerät (HKLM\...\{1241CE77-0B65-40A0-B893-02EA49E35332}) (Version: 25.0.619.0 - Hewlett-Packard Co.)
HP Update (HKLM-x32\...\{85DF2EED-08BC-46FB-90DA-28B0D0A8E8A8}) (Version: 5.003.000.004 - Hewlett-Packard)
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
iBackupBot 5.1.5 (HKLM-x32\...\iBackupBot) (Version: 5.1.5 - VOWSoft, Ltd.)
iCloud (HKLM\...\{81E20D41-C277-4526-934D-F2380AF91B78}) (Version: 3.1.0.40 - Apple Inc.)
Imperial Civil War 2.0 (HKCU\...\Imperial Civil War 2.0) (Version:  - )
iTunes (HKLM\...\{B8BA155B-1E75-405F-9CB4-8A99615D09DC}) (Version: 11.1.5.5 - Apple Inc.)
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
LG ODD Auto Firmware Update (HKLM-x32\...\{6179550A-3E7C-499E-BCC9-9E8113E0A285}) (Version: 10.01.0712.01 - )
MagicTunePremium (HKLM-x32\...\{79E9C7C5-4FCC-4DFF-B79E-17319E9522F3}) (Version: 4.0.09 - Samsung Electronics Ltd.)
Malwarebytes Anti-Malware Version 2.00.0.1000 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.00.0.1000 - Malwarebytes Corporation)
MegaTrainer eXperience V1.2.1.6 (HKLM-x32\...\MegaTrainer eXperience_is1) (Version:  - )
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170) (HKLM-x32\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.30730.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Office Access MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 32-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 32-bit MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Outlook Hotmail Connector 64-Bit (HKLM\...\{95140000-0081-0407-1000-0000000FF1CE}) (Version: 14.0.6123.5001 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.40303 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (Version: 10.0.40308 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU (Version: 10.0.40303 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.40303 - Microsoft Corporation)
Might & Magic: Heroes VI (HKLM-x32\...\Steam App 48220) (Version:  - Blackhole)
MotioninJoy Gamepad tool 0.7.1001 (HKLM\...\{330DAC67-5B62-452A-A0E4-6B4A5923940F}_is1) (Version: 0.7.1001 - www.motioninjoy.com)
MSI Afterburner 2.3.1 (HKLM-x32\...\Afterburner) (Version: 2.3.1 - MSI Co., LTD)
MSVCRT Redists (Version: 1.0 - Sony Creative Software Inc.) Hidden
Natural Selection 2 (HKLM-x32\...\Steam App 4920) (Version:  - Unknown Worlds Entertainment)
NetLimiter 3 (HKLM-x32\...\NetLimiter 3 3.0.0.11) (Version: 3.0.0.11 - Locktime Software)
NetLimiter 3 (Version: 3.0.0.11 - Locktime Software) Hidden
Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.48.2 - Black Tree Gaming)
Norton Identity Safe (HKLM-x32\...\NST) (Version: 2014.7.0.43 - Symantec Corporation)
Norton Internet Security (HKLM-x32\...\NIS) (Version: 21.2.0.38 - Symantec Corporation)
NVIDIA 3D Vision Controller-Treiber 335.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 335.21 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 335.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 335.23 - NVIDIA Corporation)
NVIDIA GeForce Experience 1.8.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.8.2 - NVIDIA Corporation)
NVIDIA Grafiktreiber 335.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 335.23 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.147.1067 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA ShadowPlay 11.10.11 (Version: 11.10.11 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.3523 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 335.23 (Version: 335.23 - NVIDIA Corporation) Hidden
NVIDIA Update 11.10.11 (Version: 11.10.11 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 11.10.11 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.20 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.20 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
OpenOffice 4.0.1 (HKLM-x32\...\{0AEC308E-7EB3-47F7-BB59-F2C9C6166B27}) (Version: 4.01.9714 - Apache Software Foundation)
Opera Stable 20.0.1387.82 (HKLM-x32\...\Opera 20.0.1387.82) (Version: 20.0.1387.82 - Opera Software ASA)
Opera Stable 20.0.1387.91 (HKLM-x32\...\Opera 20.0.1387.91) (Version: 20.0.1387.91 - Opera Software ASA)
Orcs Must Die! 2 (HKLM-x32\...\Steam App 201790) (Version:  - Robot Entertainment)
Origin (HKLM-x32\...\Origin) (Version: 9.3.6.4643 - Electronic Arts, Inc.)
ORION: Dino Horde (HKLM-x32\...\Steam App 104900) (Version:  - Spiral Game Studios)
Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.7 - Pando Networks Inc.)
PAYDAY 2 (HKLM-x32\...\Steam App 218620) (Version:  - OVERKILL - a Starbreeze Studio.)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
Rainmeter (HKLM-x32\...\Rainmeter) (Version: 3.0 r2116 - )
Razer Game Booster (HKLM-x32\...\Razer Game Booster_is1) (Version: 4.2.45.0 - Razer Inc.)
Razer Synapse 2.0 (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 1.17.22 - Razer Inc.)
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden
RealPlayer (HKLM-x32\...\RealPlayer 15.0) (Version: 15.0.5 - RealNetworks)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.61.612.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6699 - Realtek Semiconductor Corp.)
RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden
Republic at War 1.1.5 (HKLM-x32\...\{1F3630F5-C636-49FF-9BF0-F9E2A221E60B}) (Version: 1.1.5 - Republic at War Modding Team)
ROCCAT Ryos Keyboard Driver (HKLM-x32\...\{70F3EF93-44F4-446A-90B8-33DAB2799AF1}) (Version: 1.27.0000 - Roccat GmbH)
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 4.3.0 - Samsung Electronics)
Sanctum (HKLM-x32\...\Steam App 91600) (Version:  - Coffee Stain Studios)
Sanctum 2 (HKLM-x32\...\Steam App 210770) (Version:  - Coffee Stain Studios)
SeaTools for Windows (HKLM-x32\...\SeaTools for Windows) (Version:  - Seagate Technology)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (Version:  - Microsoft) Hidden
SHIELD Streaming (Version: 1.7.306 - NVIDIA Corporation) Hidden
Skype™ 6.14 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)
SMART Common Files (HKLM-x32\...\{26A95DBF-A866-4838-A8C9-FA219FCBD22E}) (Version: 11.5.159.0 - SMART Technologies ULC)
SMART German Language Pack (HKLM-x32\...\{8F98EED9-2AB7-4B92-B37F-70C6877C1783}) (Version: 11.4.27.0 - SMART Technologies ULC)
SMART Ink (HKLM-x32\...\{5ABC49B5-D0DC-428D-A082-4AEFF6490F04}) (Version: 2.0.721.0 - SMART Technologies ULC)
SMART Notebook (HKLM-x32\...\{79660EE7-9C0B-4962-B566-2693FE34719D}) (Version: 11.4.564.0 - SMART Technologies ULC)
SMART Produkttreiber (HKLM-x32\...\{53330A17-78DE-458E-9997-292A2D6D3ADD}) (Version: 11.4.479.0 - SMART Technologies ULC)
Smart Technology Programming Software 7.0.27.13 (HKLM\...\{C9193CBB-C31A-412A-A074-AD08F0F2CF3D}) (Version: 7.0.27.13 - Mad Catz)
Smart Technology Volume Tracker 7.0.23.0 (HKLM\...\{7C2F1B90-E6E6-4ECF-B626-4545CF6EEB2D}) (Version: 7.0.23.0 - Mad Catz)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.2.25 - Safer-Networking Ltd.)
SSDlife Free (HKLM-x32\...\{F371CE3B-8994-44E3-9518-92B22EE4A7FF}) (Version: 2.3.56 - BinarySense Inc.)
Star Wars Empire at War (HKLM-x32\...\{99AE7207-8612-4DBA-A8F8-BAE5C633390D}) (Version: 1.0 - LucasArts)
Star Wars Empire at War Forces of Corruption (HKLM-x32\...\{6592FDEC-2C1A-413A-9985-25FEC2F0848D}) (Version: 1.0 - LucasArts)
StarCraft II (HKLM-x32\...\StarCraft II) (Version:  - Blizzard Entertainment)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.11 - TeamSpeak Systems GmbH)
TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version:  - TechPowerUp)
teXXas (HKLM-x32\...\{F3DCD04C-BE9C-408C-BC8C-B77AF972DBC2}) (Version: 1 - metaspinner net GmbH)
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version:  - Bethesda Game Studios)
The Walking Dead (HKLM-x32\...\Steam App 207610) (Version:  - )
Thief (HKLM-x32\...\Steam App 239160) (Version:  - Eidos-Montréal)
Titanfall™ (HKLM-x32\...\{347EE0C3-0690-48F6-A231-53853C2A80D6}) (Version: 1.0.0.3 - Electronic Arts)
Tom Clancy's Splinter Cell® Blacklist™ (HKLM-x32\...\{A6356F2F-D3E1-4D83-9AA2-72871DD0C298}) (Version: 1.00.1000 - Ubisoft)
Tomb Raider (HKLM-x32\...\Steam App 203160) (Version:  - Crystal Dynamics)
Total War: ROME II (HKLM-x32\...\Steam App 214950) (Version:  - Creative Assembly)
TreeSize Professional V6.0.2 (64 bit) (HKLM\...\TreeSize Professional_is1) (Version: 6.0.2 - JAM Software)
Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
Update for Microsoft Access 2010 (KB2553446) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{FEF4C57D-0975-4D3C-ACC7-DCD038C3788F}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2837594) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{99A0DB9A-71FC-4F98-BC1F-78A18195C677}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{DB0B0CDF-77EC-47B0-94E2-4738573A1E58}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817396) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{1AA82E2E-7DB7-4C70-910C-BBB657A6B3A5}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{79C725A1-3964-421C-A528-78C1C083C7C7}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{95BE5D45-A3DD-4CB1-8C35-D75DD7B4D862}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{95BE5D45-A3DD-4CB1-8C35-D75DD7B4D862}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{EBD18DE5-BC84-4B57-9A30-097044871F9A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{4AD36582-256B-433D-8593-F31773A15CA4}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{4AD36582-256B-433D-8593-F31773A15CA4}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{F216169C-2B40-429B-8370-B5BA06EC5423}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{F216169C-2B40-429B-8370-B5BA06EC5423}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{B6AD7E27-012A-4B63-82BA-AF62893E5435}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{07DC9C6C-E916-4F42-8677-716930ED0393}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825640) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{43F59F4D-7179-497E-BE99-BC6F7D1DDCBA}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825640) 64-Bit Edition (HKLM\...\{90140000-0044-0407-1000-0000000FF1CE}_Office14.PROPLUS_{43F59F4D-7179-497E-BE99-BC6F7D1DDCBA}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 64-Bit Edition (HKLM\...\{90140000-001F-0407-1000-0000000FF1CE}_Office14.PROPLUS_{64D96F30-CF4C-4CCE-AAF2-F8909348BF35}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 64-Bit Edition (HKLM\...\{90140000-001F-040C-1000-0000000FF1CE}_Office14.PROPLUS_{9F6507AC-7D8F-46C1-B90F-59C7828E0E0D}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2863818) 64-Bit Edition (HKLM\...\{90140000-001F-0409-1000-0000000FF1CE}_Office14.PROPLUS_{A9C4BE58-07E0-473D-AE68-ECBA13FBF77E}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2878225) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{8A6BDA63-4D23-4485-A466-8979E10BCF49}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2878225) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{8A6BDA63-4D23-4485-A466-8979E10BCF49}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{3029C408-1DD1-4273-8E58-87CB1B638FC8}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{3029C408-1DD1-4273-8E58-87CB1B638FC8}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{DDDC32A5-9528-4771-B91A-97A8E1D7957B}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 64-Bit Edition (HKLM\...\{90140000-001A-0407-1000-0000000FF1CE}_Office14.PROPLUS_{6164E0E5-C903-488C-93AF-1B7AF7EBC331}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2553145) 64-Bit Edition (HKLM\...\{90140000-0018-0407-1000-0000000FF1CE}_Office14.PROPLUS_{BEA3259E-14B5-4D89-87FF-ED9F1D0D81C8}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2775360) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{BE1D254A-E5CD-4E76-9BE8-7B2E5FDBA6AF}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{77374F16-2DC6-4EEF-AFAD-C59FDA2E010D}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{77374F16-2DC6-4EEF-AFAD-C59FDA2E010D}) (Version:  - Microsoft)
Update for Microsoft Visio 2010 (KB2878227) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{04DED3FB-DDB2-4C1E-A057-2A1FB97BE42D}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2810066) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{DF33B92A-5381-4F03-AB54-2D67086B357E}) (Version:  - Microsoft)
Update for Microsoft Word 2010 (KB2837593) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{A82E26EF-680E-427D-B7D0-FD7997DDC217}) (Version:  - Microsoft)
Uplay (HKLM-x32\...\Uplay) (Version: 4.0 - Ubisoft)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Vegas Pro 12.0 (64-bit) (HKLM\...\{A7500970-FE98-11E1-B560-F04DA23A5C58}) (Version: 12.0.367 - Sony)
VLC media player 2.1.1 (HKLM\...\VLC media player) (Version: 2.1.1 - VideoLAN)
WhoreCraft (HKLM-x32\...\WhoreCraft1.6.1r) (Version: 1.6.1r - DaemiaCo)
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
WinRAR 4.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
XSplit (HKLM-x32\...\{AEDFE02E-FDDB-40A5-B5A9-5F955A75693F}) (Version: 1.2.1301.1501 - SplitMediaLabs)

==================== Restore Points  =========================


==================== Hosts content: ==========================

2009-07-14 04:34 - 2014-04-03 21:27 - 00001048 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {003D4CAA-CE23-49FF-8692-BAD5BFA91270} - System32\Tasks\{5234D442-AAD1-41E6-822D-A82B97E9D40F} => C:\Program Files (x86)\Origin Games\Mass Effect\Binaries\MassEffectConfig.exe
Task: {021649D7-F09B-4E92-8EA3-62A20B9DE198} - System32\Tasks\GUpdater => C:\Windows\SysWOW64\MSUPDA~1.EXE [2009-07-14] ()
Task: {16EDD2EB-94DD-4383-A6A8-FF87249EE933} - System32\Tasks\{C1EE04AF-810D-40F6-95F3-BBD7711E5F74} => C:\Program Files (x86)\Origin Games\Mass Effect\Binaries\MassEffect.exe
Task: {2063CD5D-2468-49F9-8F30-971EA1FC0668} - System32\Tasks\ASUS\ASUS WiFi GO! Server Execute => C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\WiFi GO! Server.exe [2012-07-12] (ASUSTeK Computer Inc.)
Task: {27830D8B-7375-4EDA-94BE-B01405328708} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-11] (Adobe Systems Incorporated)
Task: {29B8C5B1-3862-47DA-B218-1A013FD7B228} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDImmunize.exe
Task: {3160DF95-D349-4FF8-8072-1D51C5CF1AED} - System32\Tasks\ASUS\ASUS Network iControl Help Execute => C:\Program Files (x86)\ASUS\AI Suite II\Network iControl\NetSvcHelp\NetSvcHelpEntry.exe [2012-05-02] (ASUSTeK Computer Inc.)
Task: {3D59E6D2-FEF3-4546-9E70-5213082822F6} - System32\Tasks\Norton Identity Safe\Norton Error Analyzer => C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.0.43\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {41A17B70-BDFC-48B8-8767-6017FD5C87F8} - System32\Tasks\{D724B38D-1629-4150-B2F7-D2D7E762831F} => C:\Program Files (x86)\Origin Games\Mass Effect\Binaries\MassEffect.exe
Task: {43857CD2-7F81-41DE-8826-A695D5F8E0A8} - System32\Tasks\{B19A9C4B-AC1E-46A8-863E-0B83AD6DCC4C} => C:\Program Files (x86)\Origin Games\Mass Effect\Binaries\MassEffect.exe
Task: {458C0055-E1B6-41FB-953F-BB8A4E48BBB6} - System32\Tasks\{D99F17A8-2A4B-4C5C-80E0-66EAE590FF19} => C:\Program Files (x86)\Origin Games\Mass Effect\Binaries\MassEffect.exe
Task: {5109AF0B-ADEF-49A3-9CBF-8D1A5C2E4018} - System32\Tasks\{E8507327-F68D-4338-BE01-3CE17868565B} => C:\Program Files (x86)\Origin Games\Mass Effect\Binaries\MassEffect.exe
Task: {591EA938-0451-4853-A1C3-3E62938E2B75} - System32\Tasks\Norton Identity Safe\Norton Error Processor => C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.0.43\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {5A77FF45-FDEF-4A0D-AFA1-A2DBF1B1F491} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Internet Security\Engine\21.2.0.38\WSCStub.exe [2014-03-12] (Symantec Corporation)
Task: {5AD62440-1543-4015-B750-E4E24D18E8A6} - System32\Tasks\{84B4610C-0745-4E3E-92EF-4AEC4E66DD01} => C:\Program Files (x86)\Origin Games\Mass Effect\Binaries\MassEffect.exe
Task: {5C7475D2-E929-444A-9393-7DE49E120C5E} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDScan.exe
Task: {746D8B85-4A87-4B82-9805-A8D4AF6D92ED} - System32\Tasks\{9ADD0CF3-090E-4951-B978-ADCAEEE26D2E} => C:\Program Files (x86)\Origin Games\Mass Effect\Binaries\MassEffect.exe
Task: {82B68951-5E7A-44C9-89DD-48923AAAFA76} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {8433152A-7CB6-4754-B607-D1CB42E790B3} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-2263915838-1270488654-868256476-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2012-06-21] (RealNetworks, Inc.)
Task: {894F7E8D-E3BE-4B98-ACA8-2D20861D61ED} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-08-24] (Google Inc.)
Task: {898B598E-445D-4D6F-B757-FB7292A044F3} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security\Engine\21.2.0.38\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {8EFE9100-76B9-492C-9445-8FA34F8A0B1E} - System32\Tasks\ASUS\USB 3.0 Boost Service => C:\Program Files (x86)\ASUS\AI Suite II\USB 3.0 Boost\U3BoostSvr.exe [2011-09-09] ()
Task: {90CE624F-75A8-415F-978B-74BBF0D94069} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDUpdate.exe
Task: {9CB121E1-FDCE-4F55-9BE2-15EC653BAF9D} - System32\Tasks\{0E109B44-C0BD-434F-A013-511D907734C3} => C:\Program Files (x86)\Origin Games\Mass Effect\Binaries\MassEffect.exe
Task: {9DE923FC-1339-48E6-B15D-D1D0DCF19839} - System32\Tasks\{CD6D408F-1DB4-4C0E-A825-7BB6B0BAA5DA} => C:\Program Files (x86)\Origin Games\Mass Effect\Binaries\MassEffect.exe
Task: {A197B463-3275-4B57-8348-896C7A2BFB10} - System32\Tasks\{1D5EAB56-EE1A-4CB0-8C5A-AAAB80A2BFF2} => C:\Program Files (x86)\Origin Games\Mass Effect\Binaries\MassEffect.exe
Task: {AE222505-A05A-44D5-A443-547E1AEFBBC0} - System32\Tasks\{DC824A3F-E8FD-4F31-AD46-EA11A5BD2DD4} => C:\Program Files (x86)\Origin Games\Mass Effect\Binaries\MassEffect.exe
Task: {B2B0A66D-466E-4B50-BFDF-2EFD3C3C5FE5} - System32\Tasks\{DAF06AD9-E83B-4369-8BC5-B7289006E0B1} => C:\Program Files (x86)\Origin Games\Mass Effect\Binaries\MassEffect.exe
Task: {B38D5AD0-38BA-4915-9973-821D22D7F490} - System32\Tasks\ASUS\ASUS DigiPowerControl Help => C:\Program Files (x86)\ASUS\AI Suite II\DIGI+ Power Control\PowerControlHelp.exe [2012-08-14] (ASUSTeK Computer Inc.)
Task: {B66548E9-C347-48BE-AF11-40FF72B6C9F4} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-08-24] (Google Inc.)
Task: {BF409C56-7808-481A-9F61-4D21AF7A69FB} - System32\Tasks\{98618293-B474-4B12-A0C4-394898C833C7} => C:\Program Files (x86)\Origin Games\Mass Effect\Binaries\MassEffect.exe
Task: {C2C99F0E-F1E1-4676-A29F-260462727F9A} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet Security\Engine\21.2.0.38\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {C5A21349-5C6B-4DF9-B703-C2F9A27E44FF} - System32\Tasks\{7899D426-3F89-47AA-9D71-5A0AB5DF7706} => C:\Program Files (x86)\Origin Games\Mass Effect\Binaries\MassEffect.exe
Task: {DE711DBC-F209-4B85-84B4-CCBFF294F359} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-2263915838-1270488654-868256476-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2012-06-21] (RealNetworks, Inc.)
Task: {EC430E55-CEB0-4D8E-8DEE-A22889FCB161} - System32\Tasks\{B29076AD-F042-458D-9136-CC3F9DD43B04} => C:\Program Files (x86)\Origin Games\Mass Effect\Binaries\MassEffect.exe
Task: {F52B51EC-5BD8-4A8F-9D07-EBD9B3CEFB5C} - System32\Tasks\{DDA793E7-1032-4AC9-B271-C957E01AB7B0} => C:\Program Files (x86)\Origin Games\Mass Effect\Binaries\MassEffect.exe
Task: {F7633DFC-196E-4CE2-B85A-9428F79FFE10} - System32\Tasks\MSIAfterburner => C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe [2013-01-23] ()
Task: {F93E598F-7527-47E2-B75E-A2B8CC40581D} - System32\Tasks\{A59B471F-BBF4-4A75-863F-6A3AF0AF6895} => C:\Program Files (x86)\Origin Games\Mass Effect\Binaries\MassEffect.exe
Task: {FB2C543B-FF8C-482C-9010-2866530DEA08} - System32\Tasks\ASUS\ASUS AI Suite II Execute => C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe [2012-03-13] (ASUSTeK Computer Inc.)
Task: {FD0FAEAE-4A20-46AF-ABED-52EE9E78C58C} - System32\Tasks\{388555CC-F48D-42B0-A4B6-18B51E95160E} => C:\Program Files (x86)\Origin Games\Mass Effect\Binaries\MassEffect.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2013-11-30 15:35 - 2014-03-04 15:05 - 00116056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2013-10-01 11:26 - 2013-10-01 11:26 - 02810968 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll
2013-09-05 01:17 - 2013-09-05 01:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2012-06-01 11:42 - 2012-06-01 11:42 - 00920736 ____N () C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
2013-08-24 16:02 - 2008-07-11 16:03 - 00282112 ____N () C:\Windows\system\HsMgr64.exe
2013-08-24 16:02 - 2008-07-11 16:04 - 00200704 ____N () C:\Windows\SysWOW64\HsMgr.exe
2013-12-31 21:43 - 2013-12-31 21:43 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2013-12-20 00:20 - 2014-01-21 04:56 - 00093472 _____ () C:\Program Files\NVIDIA Corporation\ShadowPlay\gamecaster64.dll
2013-12-20 00:20 - 2014-01-21 04:56 - 00874784 _____ () C:\Program Files\NVIDIA Corporation\ShadowPlay\twitchsdk64.dll
2013-08-24 18:45 - 2013-03-01 17:44 - 00763856 _____ () I:\Core Temp.exe
2014-01-20 14:17 - 2014-01-20 14:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-01-20 14:16 - 2014-01-20 14:16 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-08-24 14:22 - 2014-04-04 12:23 - 00035840 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.19\PEbiosinterface32.dll
2013-08-24 14:21 - 2010-06-29 04:58 - 00104448 ____N () C:\Program Files (x86)\ASUS\AXSP\1.00.19\ATKEX.dll
2013-08-24 14:24 - 2012-05-02 18:04 - 00233472 ____N () C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\AudioProjection.dll
2013-08-24 14:24 - 2010-12-14 17:46 - 00067584 ____N () C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\CoreAudioCap.dll
2013-08-24 14:24 - 2012-06-22 13:32 - 00184320 ____N () C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\DLCapPP.dll
2013-08-24 14:24 - 2011-08-09 14:52 - 00425984 ____N () C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\awiscale.DLL
2013-08-24 14:24 - 2012-01-12 16:44 - 00475136 ____N () C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\WiFiGO_HookKey.dll
2013-08-24 14:24 - 2012-04-20 16:24 - 00716800 ____N () C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\WiMoveHelp.dll
2013-08-24 14:24 - 2012-04-25 14:47 - 00659456 ____N () C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\PhoneCtrlAPI.dll
2013-08-24 14:24 - 2012-08-03 10:41 - 00043520 ____N () C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\HookKey32.dll
2013-09-05 01:14 - 2013-09-05 01:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2014-04-03 20:00 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2014-04-03 20:00 - 2013-05-16 10:55 - 00113496 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2014-04-03 20:00 - 2013-05-16 10:55 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2014-04-03 20:00 - 2013-05-16 10:55 - 00161112 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2014-04-03 20:00 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2013-08-24 14:24 - 2012-08-03 16:40 - 00253952 ____N () C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\pngio.dll
2009-07-14 01:27 - 2009-07-14 03:39 - 00212480 _____ () C:\Windows\SysWOW64\libcurl-4.dll
2009-07-14 01:27 - 2009-07-14 03:39 - 00112640 _____ () C:\Windows\SysWOW64\zlib1.dll
2013-08-24 14:22 - 2011-07-12 19:14 - 00147456 _____ () C:\Program Files (x86)\ASUS\AI Suite II\AssistFunc.dll
2013-08-24 14:22 - 2010-10-05 08:22 - 00253952 _____ () C:\Program Files (x86)\ASUS\AI Suite II\pngio.dll
2013-08-24 14:23 - 2011-09-26 19:36 - 00869376 ____N () C:\Program Files (x86)\ASUS\AI Suite II\AI Charger+\AIChargerPlus.dll
2013-08-24 14:22 - 2012-10-08 17:07 - 00972288 _____ () C:\Program Files (x86)\ASUS\AI Suite II\BarGadget\BarGadget.dll
2013-08-24 14:22 - 2013-05-08 16:22 - 01040896 _____ () C:\Program Files (x86)\ASUS\AI Suite II\EasyUpdate\EasyUpdt.dll
2013-08-24 14:23 - 2012-06-19 12:56 - 01305600 ____N () C:\Program Files (x86)\ASUS\AI Suite II\MyLogo\MyLogo.dll
2013-08-24 14:23 - 2012-08-14 11:14 - 01123840 ____N () C:\Program Files (x86)\ASUS\AI Suite II\Network iControl\Network iControl.dll
2013-08-24 14:24 - 2012-07-20 09:39 - 01047040 ____N () C:\Program Files (x86)\ASUS\AI Suite II\Probe_II\ProbeII.dll
2013-08-24 14:24 - 2012-07-10 17:55 - 01625600 ____N () C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\WiFiGO.dll
2013-08-24 14:22 - 2013-04-15 14:19 - 00883712 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Sensor\Sensor.dll
2013-08-24 14:22 - 2012-05-28 21:27 - 01622528 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Sensor Graph\SensorGraph.dll
2013-08-24 14:22 - 2011-09-19 20:18 - 01243136 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Settings\Settings.dll
2013-08-24 14:22 - 2011-07-21 09:06 - 00846848 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Splitter\Splitter.dll
2013-08-24 14:22 - 2012-08-29 18:09 - 00875520 _____ () C:\Program Files (x86)\ASUS\AI Suite II\TabGadget\TabGadget.dll
2013-08-24 14:22 - 2010-08-23 04:17 - 00662016 ____R () C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMLib.dll
2013-08-24 14:22 - 2010-10-05 08:22 - 00208896 _____ () C:\Program Files (x86)\ASUS\AI Suite II\ImageHelper.dll
2013-08-24 14:25 - 2012-01-19 09:39 - 00028672 ____N () C:\Program Files (x86)\ASUS\AI Suite II\USB BIOS Flashback\PEInfo.dll
2013-08-24 14:25 - 2010-09-23 11:51 - 00114688 ____N () C:\Program Files (x86)\ASUS\AI Suite II\USB BIOS Flashback\AsIdxParser.dll
2013-08-24 14:25 - 2010-02-25 14:01 - 00139264 ____N () C:\Program Files (x86)\ASUS\AI Suite II\USB BIOS Flashback\Aszip.dll
2013-08-24 14:22 - 2009-08-12 20:15 - 00253952 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\pngio.dll
2014-03-15 21:50 - 2014-03-15 02:50 - 00051016 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\chrome_elf.dll
2014-03-15 21:50 - 2014-03-15 02:50 - 00716616 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\libglesv2.dll
2014-03-15 21:50 - 2014-03-15 02:50 - 00100168 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\libegl.dll
2014-03-15 21:50 - 2014-03-15 02:50 - 04061000 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\pdf.dll
2014-03-15 21:50 - 2014-03-15 02:50 - 00394568 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\ppGoogleNaClPluginChrome.dll
2014-03-15 21:50 - 2014-03-15 02:50 - 01647432 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\ffmpegsumo.dll
2013-09-14 02:51 - 2013-09-14 02:51 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\zlib1.dll
2013-09-14 02:50 - 2013-09-14 02:50 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\libxml2.dll
2013-10-24 18:06 - 2013-10-24 18:06 - 00028992 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\thread_pool.dll
2013-10-24 18:09 - 2013-10-24 18:09 - 00420160 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\ulxmlrpcpp.dll
2013-10-01 12:00 - 2013-10-01 12:00 - 00022336 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\ti_managers_proxy_stub.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\Temp:6DAA43DB

==================== Safe Mode (whitelisted) ===================


==================== Disabled items from MSCONFIG ==============

MSCONFIG\Services: AcrSch2Svc => 2
MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^GammaTray.exe.lnk => C:\Windows\pss\GammaTray.exe.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^DAUM^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Samsung Magician.lnk => C:\Windows\pss\Samsung Magician.lnk.Startup
MSCONFIG\startupreg: Acronis Scheduler2 Service => "C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe"
MSCONFIG\startupreg: AcronisTibMounterMonitor => C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe
MSCONFIG\startupreg: Akamai NetSession Interface => "C:\Users\DAUM\AppData\Local\Akamai\netsession_win.exe"
MSCONFIG\startupreg: amd_dc_opt => C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe
MSCONFIG\startupreg: ApplePhotoStreams => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
MSCONFIG\startupreg: ASUS AiChargerPlus Execute => C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe
MSCONFIG\startupreg: ASUSWebStorage => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.11.125\AsusWSPanel.exe /S
MSCONFIG\startupreg: BDRegion => C:\Program Files (x86)\Cyberlink\Shared files\brs.exe
MSCONFIG\startupreg: Bing Bar => "C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1449.0\mswinext.exe"
MSCONFIG\startupreg: BitTorrent => "C:\Users\DAUM\AppData\Roaming\BitTorrent\BitTorrent.exe"  /MINIMIZED
MSCONFIG\startupreg: CLMLServer => "E:\Power2Go\CLMLSvc.exe"
MSCONFIG\startupreg: Cmaudio8788 => C:\Windows\syswow64\RunDll32.exe C:\Windows\Syswow64\cmicnfgp.dll,CMICtrlWnd
MSCONFIG\startupreg: DAEMON Tools Pro Agent => "E:\Programme\DAEMON Tools Pro\DTAgent.exe" -autorun
MSCONFIG\startupreg: DivXUpdate => "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
MSCONFIG\startupreg: HP Officejet Pro 8600 (NET) => "C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe" -deviceID "CN2ABBXGX905KC:NW" -scfn "HP Officejet Pro 8600 (NET)" -AutoStart 1
MSCONFIG\startupreg: HP Software Update => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: iCloudServices => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: LGODDFU => E:\PowerDVD\lgfw.exe blrun
MSCONFIG\startupreg: MagicTuneEngine => C:\Program Files\MagicTune Premium\MagicTuneLauncher.exe
MSCONFIG\startupreg: NetLimiter => C:\Program Files\NetLimiter 3\NLClientApp.exe /tray
MSCONFIG\startupreg: Platinum Hide IP => C:\Program Files (x86)\PlatinumHideIP\PlatinumHideIP.exe
MSCONFIG\startupreg: PowerDVD13Agent => "C:\Program Files (x86)\CyberLink\PowerDVD13\PowerDVD13Agent.exe"
MSCONFIG\startupreg: ProfilerU => C:\Program Files\SmartTechnology\Software\ProfilerU.exe
MSCONFIG\startupreg: RTHDVCPL => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s
MSCONFIG\startupreg: SaiMfd => C:\Program Files\SmartTechnology\Software\SaiMfd.exe
MSCONFIG\startupreg: SaiVolume => C:\Program Files\Saitek\VolumeTracker\SaiVolume.exe
MSCONFIG\startupreg: sbsdk-server => "E:\Programme\SMART Technologies\Education Software\sbsdk-server\NodeLauncher.exe"
MSCONFIG\startupreg: SDTray => "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
MSCONFIG\startupreg: SMART Board Service => "E:\Programme\SMART Technologies\Education Software\SMARTBoardService.exe" -d
MSCONFIG\startupreg: SMART Ink => "E:\Programme\SMART Technologies\Education Software\SMARTInk.exe" -a
MSCONFIG\startupreg: SMARTNotification => "E:\Programme\SMART Technologies\Education Software\SMARTNotification.exe"
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\Steam.exe" -silent
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: TkBellExe => "C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe" -osboot
MSCONFIG\startupreg: TrueImageMonitor.exe => "C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe"
MSCONFIG\startupreg: UpdatePPShortCut => "E:\PowerProducer\MUITransfer\MUIStartMenu.exe" "E:\PowerProducer" update "Software\CyberLink\PowerProducer\5.0"

==================== Faulty Device Manager Devices =============

Name: SMART Virtual TabletPC
Description: SMART Virtual TabletPC
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: SMART Technologies ULC
Service: SMARTVTabletPCx64
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: AODDriver4.2.0
Description: AODDriver4.2.0
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: AODDriver4.2.0
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: SMART Virtual TabletPC
Description: SMART Virtual TabletPC
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: SMART Technologies ULC
Service: SMARTVTabletPCx64
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (04/03/2014 07:08:29 PM) (Source: Steam Client Service) (User: )
Description: Error: Failed to poke open firewall

Error: (04/03/2014 05:05:41 PM) (Source: Steam Client Service) (User: )
Description: Error: Failed to poke open firewall

Error: (04/03/2014 00:36:21 PM) (Source: Bonjour Service) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 24

Error: (04/03/2014 00:36:21 PM) (Source: Bonjour Service) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 23

Error: (04/03/2014 00:36:21 PM) (Source: Bonjour Service) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 22

Error: (04/03/2014 00:36:21 PM) (Source: Bonjour Service) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 21

Error: (04/03/2014 00:36:21 PM) (Source: Bonjour Service) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 20

Error: (04/03/2014 00:36:21 PM) (Source: Bonjour Service) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 19

Error: (04/03/2014 00:36:21 PM) (Source: Bonjour Service) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 18

Error: (04/03/2014 00:36:21 PM) (Source: Bonjour Service) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 17


System errors:
=============
Error: (04/04/2014 00:24:57 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Peer Name Resolution-Protokoll" wurde mit folgendem Fehler beendet: 
%%-2140993535

Error: (04/04/2014 00:24:57 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%-2140993535

Error: (04/04/2014 00:24:57 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Peer Name Resolution-Protokoll" wurde mit folgendem Fehler beendet: 
%%-2140993535

Error: (04/04/2014 00:24:57 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%-2140993535

Error: (04/04/2014 00:24:57 PM) (Source: PNRPSvc) (User: )
Description: 0x80630801

Error: (04/04/2014 00:24:57 PM) (Source: PNRPSvc) (User: )
Description: 0x80630801

Error: (04/04/2014 00:24:46 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%-2140993535

Error: (04/04/2014 00:24:46 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Peer Name Resolution-Protokoll" wurde mit folgendem Fehler beendet: 
%%-2140993535

Error: (04/04/2014 00:24:46 PM) (Source: PNRPSvc) (User: )
Description: 0x80630801

Error: (04/04/2014 00:24:36 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "AsusFanControlService" wurde nicht richtig gestartet.


Microsoft Office Sessions:
=========================
Error: (04/03/2014 07:08:29 PM) (Source: Steam Client Service)(User: )
Description: Failed to poke open firewall

Error: (04/03/2014 05:05:41 PM) (Source: Steam Client Service)(User: )
Description: Failed to poke open firewall

Error: (04/03/2014 00:36:21 PM) (Source: Bonjour Service)(User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 24

Error: (04/03/2014 00:36:21 PM) (Source: Bonjour Service)(User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 23

Error: (04/03/2014 00:36:21 PM) (Source: Bonjour Service)(User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 22

Error: (04/03/2014 00:36:21 PM) (Source: Bonjour Service)(User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 21

Error: (04/03/2014 00:36:21 PM) (Source: Bonjour Service)(User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 20

Error: (04/03/2014 00:36:21 PM) (Source: Bonjour Service)(User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 19

Error: (04/03/2014 00:36:21 PM) (Source: Bonjour Service)(User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 18

Error: (04/03/2014 00:36:21 PM) (Source: Bonjour Service)(User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 17


CodeIntegrity Errors:
===================================
  Date: 2014-02-01 11:19:57.629
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-02-01 11:12:33.098
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-02-01 09:25:11.007
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-02-01 09:16:43.142
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-01-31 23:12:30.341
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-01-31 23:04:44.954
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-01-31 18:28:30.489
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-01-31 13:40:38.118
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-01-31 13:26:49.923
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-01-31 06:46:16.001
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Percentage of memory in use: 35%
Total physical RAM: 8108.34 MB
Available physical RAM: 5268.5 MB
Total Pagefile: 16214.87 MB
Available Pagefile: 12999.95 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: (SSD mit Win7) (Fixed) (Total:232.79 GB) (Free:31.93 GB) NTFS
Drive e: (1 TB) (Fixed) (Total:931.51 GB) (Free:545.4 GB) NTFS
Drive h: (Bilder und Videos) (Fixed) (Total:269.41 GB) (Free:8.99 GB) NTFS
Drive i: (Persönliche Dokumente) (Fixed) (Total:28.68 GB) (Free:13.45 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 233 GB) (Disk ID: E5039E8E)

Partition: GPT Partition Type.

========================================================
Disk: 1 (Size: 298 GB) (Disk ID: CC00E707)

Partition: GPT Partition Type.

========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: F1E51BF1)

Partition: GPT Partition Type.

==================== End Of Log ============================
         
Hallo,

ComboFix gibt mir die Fehlermeldung, dass die Real-Time-Scanner "Norton Internet Security" und "Spybot : Search and Destroy" noch immer aktiv seien. Bei Norton habe ich aber (Rechtsklick auf das Norton Symbol) die intelligente Firewall deaktiviert und Spybot habe ich beendet. Norton lässt sich aber nicht vollkommen schließen, da es als Prozess im Hintergrund weiter aktiv ist und ich (auch als Admin) nicht die Berechtigung habe, diesen Prozess zu beenden.

Edit: Ich sehe grade, dass Du Deinen (Schrauber?) Post bezüglich der Anweisung zu ComboFix gelöscht hast, hat das einen bestimmten Grund?

Geändert von Morgrain (04.04.2014 um 12:18 Uhr)

Alt 05.04.2014, 10:37   #5
schrauber
/// the machine
/// TB-Ausbilder
 

Windows 7 - svchost.exe 100% CPU-Auslastung - Standard

Windows 7 - svchost.exe 100% CPU-Auslastung



ehm, ich habe hier nix bezüglich Combofix gepostet. Ich schaue gerade zum ersten Mal in das Thema seit der Anweisung FRST laufen zu lassen.

Wie kommst du darauf?


Bitte mal mit dem Process Explorer vor die svchost, die so viel braucht, auf das Pluszeichen klicken, damit man die Unterprozesse sieht, dann davon bitte einen Screenshot.

__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 05.04.2014, 12:48   #6
Morgrain
 
Windows 7 - svchost.exe 100% CPU-Auslastung - Standard

Windows 7 - svchost.exe 100% CPU-Auslastung



Merkwürdig, ich hätte schwören können dass so ein Post hier gestern stand. Mh.

Hier auf jeden Fall der Screenshot, es gibt aber kein Pluszeichen, sondern mit einem Doppelklick auf die Exe öffnet sich ein weiteres Fenster mit den Unterprozessen.



Hallo,

mit Verweis auf diesen Thread (hxxp://www.hijackthis-forum.de/hijackthis-logfiles/75172-svchost-exe-100-cpu-auslastung-2.html) hat sich nach der Hilfe durch und von Petra mein Problem gelöst. Offensichtlich handelte es sich um einen versteckten Schädling im Windows Ordner, den ich mit einem von Petra erstellten CFScript.txt eingefügt in die ComboFix.exe erfolgreich bekämpfen konnte. Dementsprechend brauchst Du mir hier nicht weiter helfen. Trotzdem vielen Dank für die Mühe.

Alt 06.04.2014, 12:08   #7
schrauber
/// the machine
/// TB-Ausbilder
 

Windows 7 - svchost.exe 100% CPU-Auslastung - Standard

Windows 7 - svchost.exe 100% CPU-Auslastung



Jetzt weiß ich auch wo du Combofix gesehen haben willst.

Für Dich war es das eh hier, denn Crossposting is sowas von geil....
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Antwort

Themen zu Windows 7 - svchost.exe 100% CPU-Auslastung
100%, 100% cpu-auslastung, anti, anwendung, anwendungen, auslastung, automatisch, cpu, cpu auslastung, cpu-auslastung, gen, internet, lan-kabel, malwarebytes, nicht mehr, norton, problem, programme, schädling, spybot, startet, svchost.exe, system, tan, virus, windows



Ähnliche Themen: Windows 7 - svchost.exe 100% CPU-Auslastung


  1. Windows Vista: svchost.exe verursacht sehr hohe CPU-Auslastung
    Log-Analyse und Auswertung - 22.09.2015 (15)
  2. Windows 7: svchost netsvcs verursacht hohe CPU auslastung
    Log-Analyse und Auswertung - 10.09.2015 (21)
  3. svchost.exe (netsvcs) verursacht hohe CPU-Auslastung (windows 7)
    Plagegeister aller Art und deren Bekämpfung - 02.09.2015 (21)
  4. svchost CPU AUSLASTUNG
    Plagegeister aller Art und deren Bekämpfung - 10.10.2014 (9)
  5. Windows XP - Die Ausnahme "Unbekannter Softwarefehler" von Avira-Scan, Windowas Firewall geht und svchost.exe verursacht hohe CPU Auslastung
    Log-Analyse und Auswertung - 20.12.2013 (9)
  6. Svchost.exe 100% auslastung!
    Log-Analyse und Auswertung - 20.07.2011 (1)
  7. svchost.bat - CPU Auslastung 100%
    Log-Analyse und Auswertung - 13.07.2011 (5)
  8. svchost.exe bis zu 100% CPU Auslastung
    Plagegeister aller Art und deren Bekämpfung - 25.05.2011 (1)
  9. 100% CPU-Auslastung (svchost.exe)
    Plagegeister aller Art und deren Bekämpfung - 08.07.2010 (7)
  10. svchost.exe mit 50% Auslastung!
    Plagegeister aller Art und deren Bekämpfung - 21.04.2010 (1)
  11. svchost.exe 100% Auslastung !
    Plagegeister aller Art und deren Bekämpfung - 18.10.2009 (35)
  12. svchost.exe mit 99% CPU Auslastung
    Log-Analyse und Auswertung - 07.07.2008 (5)
  13. svchost 100% CPU Auslastung
    Alles rund um Windows - 28.02.2007 (1)
  14. svchost.exe 100% Auslastung
    Alles rund um Windows - 25.02.2007 (2)
  15. svchost.exe Auslastung bei 99%
    Alles rund um Windows - 29.01.2007 (4)
  16. svchost.exe 99% auslastung??
    Plagegeister aller Art und deren Bekämpfung - 16.12.2004 (5)

Zum Thema Windows 7 - svchost.exe 100% CPU-Auslastung - Hallo Leute, ich bin momentan ziemlich am Verzweifeln und weiß nicht mehr weiter. Jedes mal wenn ich den PC starte (seit gestern Abend) schraubt sich die CPU Auslastung automatisch auf - Windows 7 - svchost.exe 100% CPU-Auslastung...
Archiv
Du betrachtest: Windows 7 - svchost.exe 100% CPU-Auslastung auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.