Steam - download- Cpu Überlastet.

50eurovirus · 12.05.2014, 16:08

Hallo wie mein Titel schon sagt wenn ich ein steam spiel downloade überlastet meine Cpu sekundenartig Nach oben und in der anderen sekunde wieder auf 10% also von 10 auf 90% in er sekunde und wieder runter und das die ganze zeit irgendwann bricht der download ganz ein und wennd as passiert steht festplatte ausgelastet und nach einer zeit läd er wieder und dan wieder nicht.. und dan geht das ganze spiel woeder von vorne mit der cpu, festplatte hoffe ich finde hier hilfe habe schon scans getan getan mit avg und superantispyware

schrauber · 12.05.2014, 16:52

Was soll das mit Malware zu tun haben?

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

50eurovirus · 12.05.2014, 19:13

Erstmal möchte ich mich bei dir bedanken für die schnelle antwort!! ich werde mir jetzt das tool runterladen und ausführen, jo malware keine ahnung was ich mir da gedacht habe wollte sicher gehen

nur os nebenbei habe spyware neben avg auch laufen die kriegen sich nicht in die haare oder=?

50eurovirus · 12.05.2014, 19:20

hier sind die logs hoffentlich kannst du damit was anfangen und mir weiter helfen danke =)

50eurovirus · 12.05.2014, 21:02

FRST.

FRST Logfile:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-05-2014 01
Ran by PBell (administrator) on PATRYKOO on 12-05-2014 19:14:55
Running from C:\Users\PBell\Downloads
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgfws.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
(Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(PixArt Imaging Incorporation) C:\Windows\PixArt\Pac207\Monitor.exe
(Valve Corporation) C:\Users\PBell\Desktop\Steam\Steam.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(cFos Software GmbH) C:\Program Files\ASRock\XFast LAN\spd.exe
(Spotify Ltd) C:\Users\PBell\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Spotify Ltd) C:\Users\PBell\AppData\Roaming\Spotify\spotify.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
() C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
() C:\Program Files (x86)\puush\puush.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(Nero AG) C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
(Akamai Technologies, Inc.) C:\Users\PBell\AppData\Local\Akamai\netsession_win.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Akamai Technologies, Inc.) C:\Users\PBell\AppData\Local\Akamai\netsession_win.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
() C:\Program Files (x86)\DeviceVM\SmartView\SmartViewAgent.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(DeviceVM, Inc.) C:\Program Files (x86)\DeviceVM\SmartView\SmartViewService.exe
() C:\Program Files (x86)\DSL Soforthilfe\DSL_Soforthilfe.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(DeviceVM, Inc.) C:\Program Files (x86)\DeviceVM\SmartView Software Updater\WCUService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgui.exe
(CyberLink) C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
() C:\Users\PBell\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\PBell\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\PBell\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\PBell\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\PBell\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(uWebb Software) C:\Users\PBell\Desktop\ThrottleStop_600\ThrottleStop.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation)
HKLM\...\Run: [Windows Mobile Device Center] => C:\Windows\WindowsMobile\wmdc.exe [660360 2007-05-31] (Microsoft Corporation)
HKLM\...\Run: [THXCfg64] => C:\Windows\system32\THXCfg64.dll [26624 2011-05-13] (Creative Technology Ltd.)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap64.dll [1225920 2014-04-30] (NVIDIA Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13307496 2011-10-17] (Realtek Semiconductor)
HKLM\...\Run: [Nvtmru] => "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2199840 2014-04-30] (NVIDIA Corporation)
HKLM\...\Run: [Monitor] => C:\Windows\PixArt\PAC207\Monitor.exe [319488 2006-11-03] (PixArt Imaging Incorporation)
HKLM\...\Run: [Kernel and Hardware Abstraction Layer] => KHALMNPR.EXE
HKLM-x32\...\Run: [SmartviewAgent] => C:\Program Files (x86)\DeviceVM\SmartView\SmartViewAgent.exe [948504 2010-09-02] ()
HKLM-x32\...\Run: [XFastUSB] => C:\Program Files (x86)\XFastUSB\XFastUsb.exe [5019360 2013-03-03] (FNet Co., Ltd.)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-02-26] (Intel Corporation)
HKLM-x32\...\Run: [UpdReg] => C:\Windows\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.)
HKLM-x32\...\Run: [THX TruStudio NB Settings] => C:\Program Files (x86)\Creative\THX TruStudio\THXNBSet\THXAudNB.exe [909824 2011-05-19] (Creative Technology Ltd)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2010-11-29] (Apple Inc.)
HKLM-x32\...\Run: [Packard Bell Photo Frame] => C:\Program Files (x86)\Packard Bell Photo Frame\ButtonMonitor.exe -A
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284480 2012-05-30] (Intel Corporation)
HKLM-x32\...\Run: [GamingKeyboard] => C:\Program Files (x86)\SHARKOON Skiller\GameMon.exe [1803264 2012-06-07] (Game Inc.)
HKLM-x32\...\Run: [DSL Soforthilfe] => C:\Program Files (x86)\DSL Soforthilfe\DSL_Soforthilfe.exe [20585888 2013-11-21] ()
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1263952 2013-02-13] ()
HKLM-x32\...\Run: [ClickPotatoLiteSA] => "C:\Program Files (x86)\ClickPotatoLite\bin\10.0.622.0\ClickPotatoLiteSA.exe"
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [Aeria Ignite] => C:\Program Files (x86)\Aeria Games\Ignite\aeriaignite.exe [1925656 2013-06-06] (Aeria Games & Entertainment)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [34672 2008-06-12] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3814736 2014-04-15] (LogMeIn Inc.)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2014\avgui.exe [5180432 2014-04-06] (AVG Technologies CZ, s.r.o.)
HKU\.DEFAULT\...\Run: [MCNservice] => "C:\Users\PBell\AppData\Roaming\MCNMiner.exe"
HKU\S-1-5-21-3396300932-3457207744-2361604580-1000\...\Run: [ASRockXTU] => [X]
HKU\S-1-5-21-3396300932-3457207744-2361604580-1000\...\Run: [zASRockInstantBoot] => [X]
HKU\S-1-5-21-3396300932-3457207744-2361604580-1000\...\Run: [Steam] => C:\Users\PBell\Desktop\Steam\steam.exe [1825984 2014-04-24] (Valve Corporation)
HKU\S-1-5-21-3396300932-3457207744-2361604580-1000\...\Run: [Spotify Web Helper] => C:\Users\PBell\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1176632 2014-05-09] (Spotify Ltd)
HKU\S-1-5-21-3396300932-3457207744-2361604580-1000\...\Run: [Spotify] => C:\Users\PBell\AppData\Roaming\Spotify\Spotify.exe [6188600 2014-05-09] (Spotify Ltd)
HKU\S-1-5-21-3396300932-3457207744-2361604580-1000\...\Run: [RGSC] => D:\SteamLibrary\SteamApps\common\Grand Theft Auto IV\GTAIV\RGSCLauncher.exe [306088 2008-12-13] (Take-Two Interactive Software, Inc.)
HKU\S-1-5-21-3396300932-3457207744-2361604580-1000\...\Run: [puush] => C:\Program Files (x86)\puush\puush.exe [567880 2013-07-17] ()
HKU\S-1-5-21-3396300932-3457207744-2361604580-1000\...\Run: [msnmsgr] => C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [4283256 2011-05-13] (Microsoft Corporation)
HKU\S-1-5-21-3396300932-3457207744-2361604580-1000\...\Run: [Facebook Update] => C:\Users\PBell\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-07-12] (Facebook Inc.)
HKU\S-1-5-21-3396300932-3457207744-2361604580-1000\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3598680 2014-03-02] (Electronic Arts)
HKU\S-1-5-21-3396300932-3457207744-2361604580-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3672640 2013-03-14] (Disc Soft Ltd)
HKU\S-1-5-21-3396300932-3457207744-2361604580-1000\...\Run: [Cerberus] => C:\Windows\system32\Cerberus\server.exe
HKU\S-1-5-21-3396300932-3457207744-2361604580-1000\...\Run: [Akamai NetSession Interface] => C:\Users\PBell\AppData\Local\Akamai\netsession_win.exe [4672920 2014-04-17] (Akamai Technologies, Inc.)
HKU\S-1-5-21-3396300932-3457207744-2361604580-1000\...\Run: [icq] => C:\Users\PBell\AppData\Roaming\ICQM\icq.exe [33664344 2014-03-03] (ICQ)
HKU\S-1-5-21-3396300932-3457207744-2361604580-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [20922016 2014-02-10] (Skype Technologies S.A.)
HKU\S-1-5-21-3396300932-3457207744-2361604580-1000\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [6563608 2014-01-06] (SUPERAntiSpyware)
AppInit_DLLs:  =>  File Not Found
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SetPointII.lnk
ShortcutTarget: SetPointII.lnk -> C:\Program Files\Logitech\SetPoint II\SetPointII.exe (Logitech Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.search.ask.com/?l=dis&o=102875&gct=hp
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
URLSearchHook: HKCU - SearchHook Class - {0F3DC9E0-C459-4a40-BCF8-747BD9322E10} - C:\Program Files (x86)\DeviceVM\SmartView\AddressBarSearch.dll (DeviceVM, Inc.)
SearchScopes: HKLM-x32 - DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACPW
SearchScopes: HKLM-x32 - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACPW
SearchScopes: HKCU - {5249300A-ED5D-4396-90EB-4E1A7F242007} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=HIP&o=102875&src=kw&q={searchTerms}&locale=&apn_ptnrs=^6F&apn_dtid=^YYYYYY^YY^DE&apn_uid=c798b9fb-28ae-4ff9-aa02-fd74f028c7f4&apn_sauid=A18F5832-B1DB-4F84-A88F-0CD34D75E6AD
SearchScopes: HKCU - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=ASRK
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = 
SearchScopes: HKCU - {DA348414-74D7-4ed1-B7AC-0AF3BA0BDCFA} URL = hxxp://www.google.com/custom?client=pub-3794288947762788&forid=1&channel=5480255188&ie=UTF-8&oe=UTF-8&safe=active&cof=GALT%3A%23008000%3BGL%3A1%3BDIV%3A%23336699%3BVLC%3A663399%3BAH%3Acenter%3BBGC%3AFFFFFF%3BLBGC%3A336699%3BALC%3A0000FF%3BLC%3A0000FF%3BT%3A000000%3BGFNT%3A0000FF%3BGIMP%3A0000FF%3BFORID%3A1&hl=de&q={searchTerms}
BHO: MintCastNetworks - {4F5806BB-DF64-4AC5-9485-572625569CE0} - C:\Program Files (x86)\MintCastNetworks\MintCastNetworks_x64.dll No File
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: SmartView VisualBookmark - {0E5680D1-BF44-4929-94AF-FD30D784AD1D} - C:\Program Files (x86)\DeviceVM\SmartView\SmartView.dll (DeviceVM, Inc.)
BHO-x32: QuickStores-Toolbar - {10EDB994-47F8-43F7-AE96-F2EA63E9F90F} - mscoree.dll No File
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: ArcPluginIEBHO Class - {84BFE29A-8139-402a-B2A4-C23AE9E1A75F} - D:\Games\Neverwinters\Plugins\ArcPluginIE.dll (Perfect World Entertainment Inc)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} -  No File
Toolbar: HKLM-x32 - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} -  No File
Toolbar: HKLM-x32 - QuickStores-Toolbar - {10EDB994-47F8-43F7-AE96-F2EA63E9F90F} - mscoree.dll No File
Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} -  No File
DPF: HKLM-x32 {924B4927-D3BA-41EA-9F7E-8A89194AB3AC} hxxp://panda-plugin.disney.go.com/plugin/win32/p3dactivex.cab
DPF: HKLM-x32 {C345E174-3E87-4F41-A01C-B066A90A49B4} hxxp://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework//microsoft/wrc32.ocx
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll No File
Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll No File
Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll No File
Filter-x32: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll No File
Filter-x32: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll No File
Filter-x32: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll No File

Hosts: Hosts file not detected in the default directory
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\PBell\AppData\Roaming\Mozilla\Firefox\Profiles\fprgzeol.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_206.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=10.7.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.7.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.3 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_206.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @divx.com/DivX Plus Web Player Plug-In,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/npbattlelog,version=2.3.2 - C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @ngm.nexoneu.com/NxGame - C:\ProgramData\NexonEU\NGM\npNxGameeu.dll (Nexon)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @perfectworld.com/npArcPlayNowPlugin - D:\Games\Neverwinters\Plugins\npArcPluginFF.dll (Perfect World Entertainment Inc)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\PBell\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\PBell\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: DSL Soforthilfe - C:\Users\PBell\AppData\Roaming\Mozilla\Firefox\Profiles\fprgzeol.default\Extensions\{95E05177-EA09-4386-8B79-FEB1EAC063E6} [2014-02-25]
FF Extension: MEGA - C:\Users\PBell\AppData\Roaming\Mozilla\Firefox\Profiles\fprgzeol.default\Extensions\firefox@mega.co.nz.xpi [2014-05-09]
FF Extension: Adblock Plus - C:\Users\PBell\AppData\Roaming\Mozilla\Firefox\Profiles\fprgzeol.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-03-01]
FF Extension: No Name - C:\Users\PBell\AppData\Roaming\Mozilla\Firefox\profiles\extensions\extensions [2013-06-27]
FF Extension: Movie2kDownloader - C:\Users\PBell\AppData\Roaming\Mozilla\Firefox\profiles\extensions\movie2kdownloader@movie2kdownloader.com.xpi [2012-12-13]
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 &lt;video&gt; - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2013-05-26]
FF HKLM-x32\...\Firefox\Extensions: [fiddlerhook@fiddler2.com] - C:\Program Files (x86)\Fiddler2\FiddlerHook
FF Extension: FiddlerHook - C:\Program Files (x86)\Fiddler2\FiddlerHook [2013-07-04]

==================== Services (Whitelisted) =================

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [144152 2013-10-11] (SUPERAntiSpyware.com)
S3 ArcService; D:\Games\Neverwinters\ArcService.exe [88424 2013-08-28] (Perfect World Entertainment Inc)
R2 avgfws; C:\Program Files (x86)\AVG\AVG2014\avgfws.exe [1473280 2014-04-03] (AVG Technologies CZ, s.r.o.)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [3645456 2014-04-18] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [291912 2014-03-27] (AVG Technologies CZ, s.r.o.)
R2 cFosSpeedS; C:\Program Files\ASRock\XFast LAN\spd.exe [395136 2011-10-19] (cFos Software GmbH)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128280 2012-02-21] ()
R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [133632 2012-02-09] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2012-02-21] (Intel Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [377616 2014-04-08] (LogMeIn, Inc.)
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [4565936 2013-01-02] (INCA Internet Co., Ltd.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1618888 2014-04-30] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21009352 2014-04-30] (NVIDIA Corporation)
S3 OpenVPNService; C:\Program Files (x86)\OpenVPN\bin\openvpnserv.exe [14848 2011-12-15] ()
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-01-29] ()
R2 SmartViewService; C:\Program Files (x86)\DeviceVM\SmartView\SmartViewService.exe [125216 2010-09-02] (DeviceVM, Inc.)
S3 TunngleService; D:\Tunngle\TnglCtrl.exe [758224 2013-11-06] (Tunngle.net GmbH)
R2 WCUService; C:\Program Files (x86)\DeviceVM\SmartView Software Updater\WCUService.exe [456976 2010-09-02] (DeviceVM, Inc.)
S3 WinHttpAutoProxySvc; winhttp.dll [X]

==================== Drivers (Whitelisted) ====================

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R0 AsrRamDisk; C:\Windows\System32\DRIVERS\AsrRamDisk.sys [31016 2012-01-13] (ASRock Inc.)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [153368 2014-03-27] (AVG Technologies CZ, s.r.o.)
R1 Avgfwfd; C:\Windows\System32\DRIVERS\avgfwd6a.sys [57144 2013-09-26] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [237336 2014-04-18] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [192792 2014-03-27] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [236824 2014-03-27] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [324376 2014-03-27] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [130840 2014-03-31] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [32536 2014-03-27] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [274200 2014-03-31] (AVG Technologies CZ, s.r.o.)
R2 DRHARD64; C:\Windows\system32\drivers\DRHARD64.sys [21984 2011-11-03] (Licensed for Gebhard Software)
R2 DRHARD64; C:\Windows\SysWOW64\drivers\DRHARD64.sys [21984 2011-11-03] (Licensed for Gebhard Software)
R2 DRHMSR64; C:\Windows\system32\drivers\DRHMSR64.sys [14760 2011-12-06] ()
R2 DRHMSR64; C:\Windows\SysWOW64\drivers\DRHMSR64.sys [14760 2011-12-06] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-04-23] (DT Soft Ltd)
S3 FNETTBOH_305; C:\Windows\System32\drivers\FNETTBOH_305.SYS [32320 2014-01-29] (FNet Co., Ltd.)
R1 FNETURPX; C:\Windows\System32\drivers\FNETURPX.SYS [15936 2013-03-03] (FNet Co., Ltd.)
R3 GameKB; C:\Windows\System32\drivers\GameKB.sys [27648 2012-05-11] ()
R3 ikbevent; C:\Windows\System32\DRIVERS\ikbevent.sys [25536 2012-02-09] ()
R3 imsevent; C:\Windows\System32\DRIVERS\imsevent.sys [25536 2012-02-09] ()
R3 ISCT; C:\Windows\System32\DRIVERS\ISCTD64.sys [44992 2012-02-09] ()
S3 NPPTNT2; C:\Windows\SysWOW64\npptNT2.sys [4682 2004-12-30] (INCA Internet Co., Ltd.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19744 2014-04-30] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
S3 PAC207; C:\Windows\System32\DRIVERS\PFC027.SYS [572416 2006-12-05] (PixArt Imaging Inc.)
S3 SaiU04E5; C:\Windows\System32\DRIVERS\SaiU04E5.sys [34432 2007-08-13] (Saitek)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 tap0901t; C:\Windows\System32\DRIVERS\tap0901t.sys [31232 2009-09-16] (Tunngle.net)
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] ()
R3 WinRing0_1_2_0; C:\Users\PBell\Desktop\ThrottleStop_600\WinRing0x64.sys [14544 2008-07-26] (OpenLibSys.org)
R3 WPRO_41_2001; C:\Windows\System32\drivers\WPRO_41_2001.sys [34752 2014-05-12] ()
S3 catchme; \??\C:\cofi\catchme.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 MSICDSetup; \??\E:\CDriver64.sys [X]
S3 pccsmcfd; system32\DRIVERS\pccsmcfdx64.sys [X]
S3 wolf; \??\D:\Games\WolfTeam\WolfTeam-DE\avital\wolf64.sys [X]
S3 X6va002; \??\C:\Users\PBell\AppData\Local\Temp\002D55A.tmp [X]
S3 X6va005; \??\C:\Users\PBell\AppData\Local\Temp\005BDCB.tmp [X]
S3 X6va008; \??\C:\Windows\SysWOW64\Drivers\X6va008 [X]
S3 X6va009; \??\C:\Windows\SysWOW64\Drivers\X6va009 [X]
S3 X6va011; \??\C:\Windows\SysWOW64\Drivers\X6va011 [X]
S3 X6va012; \??\C:\Windows\SysWOW64\Drivers\X6va012 [X]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-05-12 19:14 - 2014-05-12 19:15 - 00030791 _____ () C:\Users\PBell\Downloads\FRST.txt
2014-05-12 19:14 - 2014-05-12 19:14 - 02066944 _____ (Farbar) C:\Users\PBell\Downloads\FRST64.exe
2014-05-12 19:14 - 2014-05-12 19:14 - 00000000 ____D () C:\FRST
2014-05-12 15:10 - 2014-05-12 15:10 - 00094656 _____ (CACE Technologies) C:\Windows\system32\WPRO_41_2001woem.tmp
2014-05-12 12:39 - 2014-05-12 12:39 - 00000000 ____D () C:\SUPERDelete
2014-05-12 12:14 - 2014-05-12 12:20 - 00000510 _____ () C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 29a223a8-2568-45ad-b993-d578487cd2d4.job
2014-05-12 12:14 - 2014-05-12 12:20 - 00000510 _____ () C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 1d53a26a-add7-4e27-aa09-3c87e6e52917.job
2014-05-12 12:14 - 2014-05-12 12:14 - 00003584 _____ () C:\Windows\System32\Tasks\SUPERAntiSpyware Scheduled Task 29a223a8-2568-45ad-b993-d578487cd2d4
2014-05-12 12:14 - 2014-05-12 12:14 - 00003510 _____ () C:\Windows\System32\Tasks\SUPERAntiSpyware Scheduled Task 1d53a26a-add7-4e27-aa09-3c87e6e52917
2014-05-12 12:14 - 2014-05-12 12:14 - 00001820 _____ () C:\Users\Public\Desktop\SUPERAntiSpyware Professional.lnk
2014-05-12 12:14 - 2014-05-12 12:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2014-05-12 12:14 - 2014-05-12 12:14 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2014-05-12 12:12 - 2014-05-12 12:12 - 18999848 _____ (SUPERAntiSpyware) C:\Users\PBell\Downloads\SUPERAntiSpywarePro.exe
2014-05-12 12:10 - 2014-05-12 12:10 - 00000000 ____D () C:\Users\PBell\AppData\Roaming\AVG2014
2014-05-12 12:09 - 2014-05-12 12:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2014-05-12 12:08 - 2014-05-12 12:10 - 00000000 ____D () C:\ProgramData\AVG2014
2014-05-12 12:08 - 2014-05-12 12:08 - 00000000 ___HD () C:\$AVG
2014-05-12 12:07 - 2014-05-12 12:07 - 00000000 ____D () C:\Program Files (x86)\AVG
2014-05-12 12:00 - 2014-05-12 12:00 - 04424240 _____ (AVG Technologies) C:\Users\PBell\Downloads\avg_avct_stb_all_2014_4116_comppg_23.exe
2014-05-12 12:00 - 2014-05-12 12:00 - 00000000 ____D () C:\Users\PBell\AppData\Local\Avg2014
2014-05-12 11:04 - 2014-03-31 18:42 - 00040392 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2014-05-12 11:04 - 2014-03-31 18:42 - 00034760 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2014-05-12 10:52 - 2014-05-12 10:52 - 00000000 ____D () C:\Users\PBell\AppData\Local\{B3A39E65-1D4F-47D5-BFED-652DA928A42C}
2014-05-11 09:39 - 2014-05-11 22:50 - 00000000 ____D () C:\Users\PBell\AppData\Local\{EF36C5D4-8B2A-4A59-A4C2-13D0E852F077}
2014-05-10 11:41 - 2014-05-10 11:41 - 00000000 ____D () C:\Users\PBell\AppData\Local\{CE8B398D-BD86-4940-A227-0BB63B367E54}
2014-05-09 23:57 - 2014-05-09 23:57 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-05-09 22:03 - 2014-05-09 22:03 - 00000000 ____D () C:\Users\PBell\AppData\Local\{B84DB302-F190-4E6E-874A-7BACAAB13371}
2014-05-09 09:59 - 2014-05-09 10:17 - 00000000 ____D () C:\Users\PBell\Desktop\Metin
2014-05-09 08:42 - 2014-05-09 08:43 - 00000000 ____D () C:\Users\PBell\AppData\Local\{ABBB2EA9-903C-41E6-BC67-A5C3E8489BD1}
2014-05-08 22:01 - 2014-05-08 22:01 - 01467128 _____ () C:\Users\PBell\Downloads\SystemCheck_deDE.exe
2014-05-08 11:29 - 2014-05-08 11:29 - 01009664 _____ () C:\Users\PBell\Desktop\Xpadder.exe
2014-05-08 08:16 - 2014-05-08 08:17 - 00000000 ____D () C:\Users\PBell\AppData\Local\{EE35698E-CAFE-450F-B48E-E4F2B47BAA79}
2014-05-07 10:48 - 2014-05-07 10:48 - 00000000 ____D () C:\Users\PBell\AppData\Local\{3EE3249C-4F17-4F0A-93F1-1AD2ECC74C88}
2014-05-07 01:18 - 2014-05-07 01:18 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-05-06 19:40 - 2014-05-12 12:09 - 00000953 _____ () C:\Users\Public\Desktop\AVG 2014.lnk
2014-05-06 19:33 - 2014-05-06 19:35 - 157674920 _____ (AVG Technologies) C:\Users\PBell\Downloads\avg_ipw_x64_all_2014_4259a6848.exe
2014-05-06 17:42 - 2014-05-06 17:42 - 00000000 ____D () C:\Users\PBell\AppData\Local\{ABF5E92D-5CDD-4417-9058-C77123AA07AE}
2014-05-06 17:13 - 2014-04-14 04:24 - 00465408 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-06 17:13 - 2014-04-14 04:19 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-06 10:33 - 2014-05-06 10:33 - 00000000 ____D () C:\Users\PBell\AppData\Local\{1BDDD2C0-AAEF-4AF7-AC16-9F2BB211D826}
2014-05-05 10:19 - 2014-05-05 10:19 - 00000000 ____D () C:\Users\PBell\AppData\Local\{8A181DE6-5F4C-45FE-B92A-D6FC5E7A9921}
2014-05-04 10:47 - 2014-05-04 10:47 - 00000000 ____D () C:\Users\PBell\AppData\Local\{92757B19-6564-4B35-B1C4-0E6DC56EE2FD}
2014-05-04 01:10 - 2014-04-29 16:01 - 23547904 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-04 01:10 - 2014-04-29 15:40 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-04 01:10 - 2014-04-29 14:48 - 17384448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-04 01:10 - 2014-04-29 14:34 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-03 14:58 - 2014-05-03 14:58 - 00000000 ____D () C:\Users\PBell\AppData\Local\Criterion Games
2014-05-03 11:23 - 2014-05-03 11:23 - 00000000 ____D () C:\Users\PBell\AppData\Local\{16C99BA9-DDBC-4184-B5BC-EF2C19075429}
2014-05-02 10:02 - 2014-05-12 15:11 - 00001406 _____ () C:\Users\PBell\Desktop\Games.lnk
2014-05-02 10:02 - 2014-05-12 15:11 - 00001406 _____ () C:\Users\PBell\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Social Games.lnk
2014-05-02 10:02 - 2014-05-02 10:02 - 00000000 ____D () C:\Users\PBell\AppData\Local\{1229B209-3029-44A2-8C4E-266DF823D39C}
2014-05-01 20:42 - 2014-05-01 20:42 - 00002170 _____ () C:\Users\PBell\Desktop\MegaTrainer eXperience.lnk
2014-05-01 20:42 - 2014-05-01 20:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MegaDev
2014-05-01 20:42 - 2014-05-01 20:42 - 00000000 ____D () C:\Program Files (x86)\MegaDev
2014-05-01 20:40 - 2014-05-01 20:40 - 49448512 _____ ( ) C:\Users\PBell\Downloads\mt-x_1234_setup.exe
2014-05-01 20:34 - 2014-05-01 22:17 - 00000007 _____ () C:\Users\PBell\Documents\mt-e_hook.txt
2014-05-01 20:34 - 2014-05-01 22:11 - 00000047 _____ () C:\Users\PBell\Documents\mt-x_hook.txt
2014-05-01 13:21 - 2014-05-01 13:30 - 720320111 _____ () C:\Users\PBell\Downloads\Zerania2.rar
2014-05-01 13:14 - 2014-05-01 13:14 - 00000000 ____D () C:\Users\PBell\AppData\Local\{D8240BAB-3BE3-4969-9A1C-5FBC400F528B}
2014-04-30 12:41 - 2014-05-01 00:42 - 00000000 ____D () C:\Users\PBell\AppData\Local\{90FF72D7-3403-4249-B218-AAA307AB2755}
2014-04-29 12:39 - 2014-04-30 00:40 - 00000000 ____D () C:\Users\PBell\AppData\Local\{B521C6CD-9946-4BC5-A91A-F434A2B132E4}
2014-04-28 21:54 - 2014-04-28 21:54 - 00000000 ____D () C:\Users\PBell\Documents\Bus Simulator 2012
2014-04-28 21:54 - 2014-04-28 21:54 - 00000000 ____D () C:\Users\PBell\AppData\Local\Bus Simulator 2012
2014-04-28 11:54 - 2014-04-28 12:40 - 00000000 ____D () C:\Users\PBell\Desktop\S4 DATEN
2014-04-28 11:03 - 2014-04-28 11:03 - 00000000 ____D () C:\Users\PBell\AppData\Local\{73786A1A-76F1-4960-9F83-3BFA72766F62}
2014-04-27 10:19 - 2014-04-27 10:19 - 00000000 ____D () C:\Users\PBell\AppData\Local\{CB4FE304-1CA2-46A4-9A7F-458A53D797EB}
2014-04-26 09:56 - 2014-04-26 21:57 - 00000000 ____D () C:\Users\PBell\AppData\Local\{0073BEF0-E389-4B2A-9FBE-67108D180282}
2014-04-25 09:22 - 2014-04-25 09:22 - 00000000 ____D () C:\Users\PBell\AppData\Local\{699E4A19-19A2-49C3-98AE-060E6F3114F9}
2014-04-24 10:11 - 2014-04-24 10:11 - 00000000 ____D () C:\Users\PBell\AppData\Local\{647ED837-CD97-4C3D-BC01-FCCDAAB9809D}
2014-04-23 12:01 - 2014-04-23 12:01 - 00000000 __SHD () C:\Users\PBell\AppData\Local\EmieUserList
2014-04-23 12:01 - 2014-04-23 12:01 - 00000000 __SHD () C:\Users\PBell\AppData\Local\EmieSiteList
2014-04-23 11:49 - 2014-04-23 11:49 - 00000000 ____D () C:\Users\PBell\AppData\Local\{15E32CDE-010F-4ECA-A02B-A74BF7816D77}
2014-04-22 22:41 - 2014-03-06 11:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-04-22 22:41 - 2014-03-06 10:59 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-04-22 22:41 - 2014-03-06 10:57 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-04-22 22:41 - 2014-03-06 10:57 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-04-22 22:41 - 2014-03-06 10:53 - 02767360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-04-22 22:41 - 2014-03-06 10:40 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-04-22 22:41 - 2014-03-06 10:39 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-04-22 22:41 - 2014-03-06 10:32 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-04-22 22:41 - 2014-03-06 10:29 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-04-22 22:41 - 2014-03-06 10:29 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-04-22 22:41 - 2014-03-06 10:28 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-04-22 22:41 - 2014-03-06 10:15 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-04-22 22:41 - 2014-03-06 10:11 - 05784064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-04-22 22:41 - 2014-03-06 10:09 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-04-22 22:41 - 2014-03-06 10:03 - 00586240 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-04-22 22:41 - 2014-03-06 10:02 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-04-22 22:41 - 2014-03-06 10:02 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-04-22 22:41 - 2014-03-06 10:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-04-22 22:41 - 2014-03-06 09:56 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-04-22 22:41 - 2014-03-06 09:48 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-04-22 22:41 - 2014-03-06 09:47 - 02178048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-04-22 22:41 - 2014-03-06 09:46 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-04-22 22:41 - 2014-03-06 09:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-04-22 22:41 - 2014-03-06 09:45 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-04-22 22:41 - 2014-03-06 09:42 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-04-22 22:41 - 2014-03-06 09:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-04-22 22:41 - 2014-03-06 09:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-04-22 22:41 - 2014-03-06 09:36 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-04-22 22:41 - 2014-03-06 09:22 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-04-22 22:41 - 2014-03-06 09:21 - 00628736 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-04-22 22:41 - 2014-03-06 09:13 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-04-22 22:41 - 2014-03-06 09:11 - 02043904 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-04-22 22:41 - 2014-03-06 09:07 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-04-22 22:41 - 2014-03-06 09:01 - 00244224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-04-22 22:41 - 2014-03-06 08:53 - 13551104 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-04-22 22:41 - 2014-03-06 08:46 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-04-22 22:41 - 2014-03-06 08:40 - 01967104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-04-22 22:41 - 2014-03-06 08:36 - 11745792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-04-22 22:41 - 2014-03-06 08:22 - 02260480 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-04-22 22:41 - 2014-03-06 07:58 - 01400832 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-04-22 22:41 - 2014-03-06 07:50 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-04-22 22:41 - 2014-03-06 07:43 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-04-22 22:41 - 2014-03-06 07:41 - 01789440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-04-22 22:41 - 2014-03-06 07:36 - 01143808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-04-22 11:42 - 2014-04-22 11:42 - 00000000 ____D () C:\Users\PBell\AppData\Local\{BDDC1357-9C0C-45B9-8517-F0ADB83350CA}
2014-04-21 23:18 - 2014-04-21 23:18 - 07888419 _____ () C:\Users\PBell\Downloads\OBS_0_613b_Installer.exe
2014-04-21 23:18 - 2014-04-21 23:18 - 00000911 _____ () C:\Users\PBell\Desktop\Open Broadcaster Software.lnk
2014-04-21 23:18 - 2014-04-21 23:18 - 00000000 ____D () C:\Users\PBell\AppData\Roaming\OBS
2014-04-21 23:18 - 2014-04-21 23:18 - 00000000 ____D () C:\Users\PBell\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Open Broadcaster Software
2014-04-21 23:18 - 2014-04-21 23:18 - 00000000 ____D () C:\Program Files\OBS
2014-04-21 23:18 - 2014-04-21 23:18 - 00000000 ____D () C:\Program Files (x86)\OBS
2014-04-21 14:07 - 2014-04-21 14:07 - 00019992 _____ () C:\Users\PBell\Downloads\Deckblatt Times.dotx
2014-04-21 12:44 - 2014-04-21 12:44 - 00002713 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Word Viewer 2003.lnk
2014-04-21 12:44 - 2014-04-21 12:44 - 00000000 ____D () C:\Program Files (x86)\MSECache
2014-04-21 12:43 - 2014-04-21 12:43 - 25755856 _____ (Microsoft Corporation) C:\Users\PBell\Downloads\wordview_de-de.exe
2014-04-21 12:22 - 2014-04-21 12:22 - 00004087 _____ () C:\Users\PBell\Downloads\lebenslauf.zip
2014-04-21 12:22 - 2013-02-11 10:42 - 00023040 _____ () C:\Users\PBell\Desktop\lebenslauf.dot
2014-04-21 10:16 - 2014-04-21 10:16 - 00000000 ____D () C:\Users\PBell\AppData\Local\{1FD80C02-E29B-4547-ADF5-2BAF59E48E66}
2014-04-21 00:14 - 2014-04-21 00:15 - 00000000 ____D () C:\Users\PBell\Desktop\ThrottleStop_600
2014-04-21 00:13 - 2014-04-21 00:14 - 00631050 _____ () C:\Users\PBell\Downloads\ThrottleStop_600.zip
2014-04-20 11:33 - 2014-04-20 11:33 - 00000000 ____D () C:\Users\PBell\AppData\Local\{5C190B5B-F814-4713-A675-99EF90A32F42}
2014-04-19 10:38 - 2014-04-19 10:38 - 00000000 ____D () C:\Users\PBell\AppData\Local\{175E7D68-A792-4B82-ADE2-C34DFAC8FBDE}
2014-04-18 15:01 - 2014-04-18 15:01 - 00237336 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidsdrivera.sys
2014-04-18 10:15 - 2014-04-18 10:16 - 00000000 ____D () C:\Users\PBell\AppData\Local\{F5F70EA7-2E01-4FCD-B79E-2DA37E6FD0DE}
2014-04-17 13:19 - 2014-04-17 13:19 - 00000000 ____D () C:\Users\PBell\AppData\Local\{AF4E0D7C-8071-49D2-AA04-491B99603EBF}
2014-04-17 13:19 - 2014-04-17 13:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2014-04-17 13:19 - 2014-04-17 13:19 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2014-04-16 12:28 - 2014-04-17 00:29 - 00000000 ____D () C:\Users\PBell\AppData\Local\{12539B3A-25E0-4264-91D0-B608B3AE0E30}
2014-04-15 09:57 - 2014-04-15 21:58 - 00000000 ____D () C:\Users\PBell\AppData\Local\{B23A80D1-11C1-4371-8AEE-BBAAC3105953}
2014-04-14 08:23 - 2014-04-14 08:23 - 00000000 ____D () C:\Users\PBell\AppData\Local\{8B2B85F7-3524-4C6A-B77B-C585EF2E26EF}
2014-04-13 19:10 - 2014-04-13 19:10 - 00000000 _____ () C:\Users\PBell\AppData\Roaming\wklnhst.dat
2014-04-13 18:40 - 2014-04-13 18:40 - 00000000 ____D () C:\Users\PBell\Documents\Remedy
2014-04-13 12:36 - 2014-04-13 12:36 - 00000000 ____D () C:\Users\PBell\AppData\Local\{3B15AD5A-7816-4ACD-BA10-1CA35985D90B}
2014-04-12 12:23 - 2014-04-13 00:24 - 00000000 ____D () C:\Users\PBell\AppData\Local\{A9713AC5-AACA-4D85-9E76-8D93ADC377B3}

==================== One Month Modified Files and Folders =======

2014-05-12 19:15 - 2014-05-12 19:14 - 00030791 _____ () C:\Users\PBell\Downloads\FRST.txt
2014-05-12 19:15 - 2012-11-03 13:22 - 00000000 ____D () C:\ProgramData\MFAData
2014-05-12 19:14 - 2014-05-12 19:14 - 02066944 _____ (Farbar) C:\Users\PBell\Downloads\FRST64.exe
2014-05-12 19:14 - 2014-05-12 19:14 - 00000000 ____D () C:\FRST
2014-05-12 19:11 - 2010-02-16 02:04 - 00000000 ____D () C:\Users\PBell\AppData\Roaming\Skype
2014-05-12 19:10 - 2011-02-18 20:17 - 00000000 ____D () C:\Users\PBell\Desktop\Steam
2014-05-12 19:09 - 2013-07-12 22:27 - 00000928 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3396300932-3457207744-2361604580-1000UA.job
2014-05-12 19:09 - 2012-12-28 21:46 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-05-12 19:09 - 2012-06-20 20:23 - 00000000 ____D () C:\Users\PBell\AppData\Roaming\Spotify
2014-05-12 19:09 - 2009-01-01 09:07 - 02027760 _____ () C:\Windows\WindowsUpdate.log
2014-05-12 15:57 - 2012-10-27 03:07 - 00000000 ____D () C:\Users\PBell\Desktop\Programme
2014-05-12 15:44 - 2013-07-24 20:08 - 00000000 ____D () C:\Users\PBell\AppData\Local\LogMeIn Hamachi
2014-05-12 15:21 - 2009-07-14 06:45 - 00019056 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-12 15:21 - 2009-07-14 06:45 - 00019056 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-12 15:11 - 2014-05-02 10:02 - 00001406 _____ () C:\Users\PBell\Desktop\Games.lnk
2014-05-12 15:11 - 2014-05-02 10:02 - 00001406 _____ () C:\Users\PBell\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Social Games.lnk
2014-05-12 15:11 - 2014-02-25 08:47 - 00030328 _____ () C:\Windows\setupact.log
2014-05-12 15:10 - 2014-05-12 15:10 - 00094656 _____ (CACE Technologies) C:\Windows\system32\WPRO_41_2001woem.tmp
2014-05-12 15:10 - 2013-03-03 01:54 - 00034752 _____ () C:\Windows\system32\Drivers\WPRO_41_2001.sys
2014-05-12 15:10 - 2013-03-03 01:47 - 00000828 _____ () C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
2014-05-12 15:10 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-12 15:10 - 2009-01-01 09:13 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-05-12 15:09 - 2014-02-25 08:47 - 00076876 _____ () C:\Windows\PFRO.log
2014-05-12 13:25 - 2013-03-16 02:05 - 00000000 ____D () C:\Users\PBell\Documents\Euro Truck Simulator 2
2014-05-12 12:39 - 2014-05-12 12:39 - 00000000 ____D () C:\SUPERDelete
2014-05-12 12:20 - 2014-05-12 12:14 - 00000510 _____ () C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 29a223a8-2568-45ad-b993-d578487cd2d4.job
2014-05-12 12:20 - 2014-05-12 12:14 - 00000510 _____ () C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 1d53a26a-add7-4e27-aa09-3c87e6e52917.job
2014-05-12 12:14 - 2014-05-12 12:14 - 00003584 _____ () C:\Windows\System32\Tasks\SUPERAntiSpyware Scheduled Task 29a223a8-2568-45ad-b993-d578487cd2d4
2014-05-12 12:14 - 2014-05-12 12:14 - 00003510 _____ () C:\Windows\System32\Tasks\SUPERAntiSpyware Scheduled Task 1d53a26a-add7-4e27-aa09-3c87e6e52917
2014-05-12 12:14 - 2014-05-12 12:14 - 00001820 _____ () C:\Users\Public\Desktop\SUPERAntiSpyware Professional.lnk
2014-05-12 12:14 - 2014-05-12 12:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2014-05-12 12:14 - 2014-05-12 12:14 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2014-05-12 12:12 - 2014-05-12 12:12 - 18999848 _____ (SUPERAntiSpyware) C:\Users\PBell\Downloads\SUPERAntiSpywarePro.exe
2014-05-12 12:10 - 2014-05-12 12:10 - 00000000 ____D () C:\Users\PBell\AppData\Roaming\AVG2014
2014-05-12 12:10 - 2014-05-12 12:08 - 00000000 ____D () C:\ProgramData\AVG2014
2014-05-12 12:09 - 2014-05-12 12:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2014-05-12 12:09 - 2014-05-06 19:40 - 00000953 _____ () C:\Users\Public\Desktop\AVG 2014.lnk
2014-05-12 12:08 - 2014-05-12 12:08 - 00000000 ___HD () C:\$AVG
2014-05-12 12:07 - 2014-05-12 12:07 - 00000000 ____D () C:\Program Files (x86)\AVG
2014-05-12 12:00 - 2014-05-12 12:00 - 04424240 _____ (AVG Technologies) C:\Users\PBell\Downloads\avg_avct_stb_all_2014_4116_comppg_23.exe
2014-05-12 12:00 - 2014-05-12 12:00 - 00000000 ____D () C:\Users\PBell\AppData\Local\Avg2014
2014-05-12 11:41 - 2013-03-03 01:47 - 00000830 _____ () C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job
2014-05-12 11:08 - 2011-02-17 14:07 - 00000000 ____D () C:\ProgramData\SecTaskMan
2014-05-12 11:05 - 2013-11-19 01:27 - 00000000 ____D () C:\Users\PBell\AppData\Local\NVIDIA Corporation
2014-05-12 11:05 - 2010-11-25 16:42 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-05-12 11:04 - 2011-04-24 11:29 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-05-12 10:52 - 2014-05-12 10:52 - 00000000 ____D () C:\Users\PBell\AppData\Local\{B3A39E65-1D4F-47D5-BFED-652DA928A42C}
2014-05-12 00:08 - 2014-03-01 12:56 - 00000000 ____D () C:\Users\PBell\AppData\Local\Battle.net
2014-05-11 22:50 - 2014-05-11 09:39 - 00000000 ____D () C:\Users\PBell\AppData\Local\{EF36C5D4-8B2A-4A59-A4C2-13D0E852F077}
2014-05-11 22:50 - 2013-07-12 22:27 - 00000906 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3396300932-3457207744-2361604580-1000Core.job
2014-05-11 09:36 - 2014-02-24 21:47 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-05-11 01:25 - 2010-11-24 22:59 - 00000000 ____D () C:\Users\PBell\AppData\Roaming\TS3Client
2014-05-10 16:01 - 2013-07-28 13:39 - 00007602 _____ () C:\Users\PBell\AppData\Local\Resmon.ResmonCfg
2014-05-10 11:41 - 2014-05-10 11:41 - 00000000 ____D () C:\Users\PBell\AppData\Local\{CE8B398D-BD86-4940-A227-0BB63B367E54}
2014-05-09 23:57 - 2014-05-09 23:57 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-05-09 22:03 - 2014-05-09 22:03 - 00000000 ____D () C:\Users\PBell\AppData\Local\{B84DB302-F190-4E6E-874A-7BACAAB13371}
2014-05-09 10:17 - 2014-05-09 09:59 - 00000000 ____D () C:\Users\PBell\Desktop\Metin
2014-05-09 08:43 - 2014-05-09 08:42 - 00000000 ____D () C:\Users\PBell\AppData\Local\{ABBB2EA9-903C-41E6-BC67-A5C3E8489BD1}
2014-05-08 22:01 - 2014-05-08 22:01 - 01467128 _____ () C:\Users\PBell\Downloads\SystemCheck_deDE.exe
2014-05-08 20:28 - 2014-03-13 00:37 - 00000505 _____ () C:\Users\PBell\Desktop\Neues Textdokument.txt
2014-05-08 11:29 - 2014-05-08 11:29 - 01009664 _____ () C:\Users\PBell\Desktop\Xpadder.exe
2014-05-08 08:17 - 2014-05-08 08:16 - 00000000 ____D () C:\Users\PBell\AppData\Local\{EE35698E-CAFE-450F-B48E-E4F2B47BAA79}
2014-05-07 10:48 - 2014-05-07 10:48 - 00000000 ____D () C:\Users\PBell\AppData\Local\{3EE3249C-4F17-4F0A-93F1-1AD2ECC74C88}
2014-05-07 01:18 - 2014-05-07 01:18 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-05-06 19:35 - 2014-05-06 19:33 - 157674920 _____ (AVG Technologies) C:\Users\PBell\Downloads\avg_ipw_x64_all_2014_4259a6848.exe
2014-05-06 17:42 - 2014-05-06 17:42 - 00000000 ____D () C:\Users\PBell\AppData\Local\{ABF5E92D-5CDD-4417-9058-C77123AA07AE}
2014-05-06 10:34 - 2012-06-20 20:24 - 00000000 ____D () C:\Users\PBell\AppData\Local\Spotify
2014-05-06 10:33 - 2014-05-06 10:33 - 00000000 ____D () C:\Users\PBell\AppData\Local\{1BDDD2C0-AAEF-4AF7-AC16-9F2BB211D826}
2014-05-05 10:19 - 2014-05-05 10:19 - 00000000 ____D () C:\Users\PBell\AppData\Local\{8A181DE6-5F4C-45FE-B92A-D6FC5E7A9921}
2014-05-04 10:47 - 2014-05-04 10:47 - 00000000 ____D () C:\Users\PBell\AppData\Local\{92757B19-6564-4B35-B1C4-0E6DC56EE2FD}
2014-05-03 15:18 - 2013-03-02 19:38 - 00000000 ____D () C:\Users\PBell\AppData\Local\CrashDumps
2014-05-03 14:58 - 2014-05-03 14:58 - 00000000 ____D () C:\Users\PBell\AppData\Local\Criterion Games
2014-05-03 14:57 - 2014-03-01 12:56 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2014-05-03 11:23 - 2014-05-03 11:23 - 00000000 ____D () C:\Users\PBell\AppData\Local\{16C99BA9-DDBC-4184-B5BC-EF2C19075429}
2014-05-02 10:02 - 2014-05-02 10:02 - 00000000 ____D () C:\Users\PBell\AppData\Local\{1229B209-3029-44A2-8C4E-266DF823D39C}
2014-05-01 22:17 - 2014-05-01 20:34 - 00000007 _____ () C:\Users\PBell\Documents\mt-e_hook.txt
2014-05-01 22:11 - 2014-05-01 20:34 - 00000047 _____ () C:\Users\PBell\Documents\mt-x_hook.txt
2014-05-01 20:42 - 2014-05-01 20:42 - 00002170 _____ () C:\Users\PBell\Desktop\MegaTrainer eXperience.lnk
2014-05-01 20:42 - 2014-05-01 20:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MegaDev
2014-05-01 20:42 - 2014-05-01 20:42 - 00000000 ____D () C:\Program Files (x86)\MegaDev
2014-05-01 20:40 - 2014-05-01 20:40 - 49448512 _____ ( ) C:\Users\PBell\Downloads\mt-x_1234_setup.exe
2014-05-01 13:30 - 2014-05-01 13:21 - 720320111 _____ () C:\Users\PBell\Downloads\Zerania2.rar
2014-05-01 13:14 - 2014-05-01 13:14 - 00000000 ____D () C:\Users\PBell\AppData\Local\{D8240BAB-3BE3-4969-9A1C-5FBC400F528B}
2014-05-01 01:29 - 2014-02-27 14:42 - 00053499 _____ () C:\Windows\DirectX.log
2014-05-01 00:42 - 2014-04-30 12:41 - 00000000 ____D () C:\Users\PBell\AppData\Local\{90FF72D7-3403-4249-B218-AAA307AB2755}
2014-04-30 20:29 - 2013-11-05 18:18 - 01225920 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2014-04-30 20:29 - 2013-11-05 18:18 - 01081112 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2014-04-30 00:40 - 2014-04-29 12:39 - 00000000 ____D () C:\Users\PBell\AppData\Local\{B521C6CD-9946-4BC5-A91A-F434A2B132E4}
2014-04-29 16:01 - 2014-05-04 01:10 - 23547904 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-04-29 15:40 - 2014-05-04 01:10 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-04-29 14:48 - 2014-05-04 01:10 - 17384448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-04-29 14:34 - 2014-05-04 01:10 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-04-29 13:42 - 2012-12-28 21:46 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-04-29 13:42 - 2012-04-09 23:06 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-04-29 13:42 - 2011-05-25 07:12 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-04-28 21:54 - 2014-04-28 21:54 - 00000000 ____D () C:\Users\PBell\Documents\Bus Simulator 2012
2014-04-28 21:54 - 2014-04-28 21:54 - 00000000 ____D () C:\Users\PBell\AppData\Local\Bus Simulator 2012
2014-04-28 12:40 - 2014-04-28 11:54 - 00000000 ____D () C:\Users\PBell\Desktop\S4 DATEN
2014-04-28 11:59 - 2014-02-24 21:28 - 00000000 ____D () C:\Users\PBell\AppData\Roaming\vlc
2014-04-28 11:03 - 2014-04-28 11:03 - 00000000 ____D () C:\Users\PBell\AppData\Local\{73786A1A-76F1-4960-9F83-3BFA72766F62}
2014-04-27 10:19 - 2014-04-27 10:19 - 00000000 ____D () C:\Users\PBell\AppData\Local\{CB4FE304-1CA2-46A4-9A7F-458A53D797EB}
2014-04-26 21:57 - 2014-04-26 09:56 - 00000000 ____D () C:\Users\PBell\AppData\Local\{0073BEF0-E389-4B2A-9FBE-67108D180282}
2014-04-26 12:35 - 2012-06-28 18:21 - 00000000 ____D () C:\Users\PBell\Downloads\Megaline II
2014-04-25 09:22 - 2014-04-25 09:22 - 00000000 ____D () C:\Users\PBell\AppData\Local\{699E4A19-19A2-49C3-98AE-060E6F3114F9}
2014-04-24 14:16 - 2013-09-15 14:45 - 00000000 ____D () C:\Users\PBell\AppData\Local\Akamai
2014-04-24 10:11 - 2014-04-24 10:11 - 00000000 ____D () C:\Users\PBell\AppData\Local\{647ED837-CD97-4C3D-BC01-FCCDAAB9809D}
2014-04-23 14:46 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-04-23 12:01 - 2014-04-23 12:01 - 00000000 __SHD () C:\Users\PBell\AppData\Local\EmieUserList
2014-04-23 12:01 - 2014-04-23 12:01 - 00000000 __SHD () C:\Users\PBell\AppData\Local\EmieSiteList
2014-04-23 11:49 - 2014-04-23 11:49 - 00000000 ____D () C:\Users\PBell\AppData\Local\{15E32CDE-010F-4ECA-A02B-A74BF7816D77}
2014-04-23 11:46 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-04-22 11:42 - 2014-04-22 11:42 - 00000000 ____D () C:\Users\PBell\AppData\Local\{BDDC1357-9C0C-45B9-8517-F0ADB83350CA}
2014-04-21 23:18 - 2014-04-21 23:18 - 07888419 _____ () C:\Users\PBell\Downloads\OBS_0_613b_Installer.exe
2014-04-21 23:18 - 2014-04-21 23:18 - 00000911 _____ () C:\Users\PBell\Desktop\Open Broadcaster Software.lnk
2014-04-21 23:18 - 2014-04-21 23:18 - 00000000 ____D () C:\Users\PBell\AppData\Roaming\OBS
2014-04-21 23:18 - 2014-04-21 23:18 - 00000000 ____D () C:\Users\PBell\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Open Broadcaster Software
2014-04-21 23:18 - 2014-04-21 23:18 - 00000000 ____D () C:\Program Files\OBS
2014-04-21 23:18 - 2014-04-21 23:18 - 00000000 ____D () C:\Program Files (x86)\OBS
2014-04-21 14:08 - 2009-07-14 07:32 - 00000000 ____D () C:\Windows\system32\FxsTmp
2014-04-21 14:07 - 2014-04-21 14:07 - 00019992 _____ () C:\Users\PBell\Downloads\Deckblatt Times.dotx
2014-04-21 12:44 - 2014-04-21 12:44 - 00002713 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Word Viewer 2003.lnk
2014-04-21 12:44 - 2014-04-21 12:44 - 00000000 ____D () C:\Program Files (x86)\MSECache
2014-04-21 12:44 - 2009-09-04 03:46 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2014-04-21 12:43 - 2014-04-21 12:43 - 25755856 _____ (Microsoft Corporation) C:\Users\PBell\Downloads\wordview_de-de.exe
2014-04-21 12:22 - 2014-04-21 12:22 - 00004087 _____ () C:\Users\PBell\Downloads\lebenslauf.zip
2014-04-21 10:16 - 2014-04-21 10:16 - 00000000 ____D () C:\Users\PBell\AppData\Local\{1FD80C02-E29B-4547-ADF5-2BAF59E48E66}
2014-04-21 00:15 - 2014-04-21 00:14 - 00000000 ____D () C:\Users\PBell\Desktop\ThrottleStop_600
2014-04-21 00:14 - 2014-04-21 00:13 - 00631050 _____ () C:\Users\PBell\Downloads\ThrottleStop_600.zip
2014-04-20 11:33 - 2014-04-20 11:33 - 00000000 ____D () C:\Users\PBell\AppData\Local\{5C190B5B-F814-4713-A675-99EF90A32F42}
2014-04-20 01:18 - 2010-01-19 01:38 - 00000000 ____D () C:\Users\PBell
2014-04-19 10:38 - 2014-04-19 10:38 - 00000000 ____D () C:\Users\PBell\AppData\Local\{175E7D68-A792-4B82-ADE2-C34DFAC8FBDE}
2014-04-18 15:01 - 2014-04-18 15:01 - 00237336 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidsdrivera.sys
2014-04-18 10:16 - 2014-04-18 10:15 - 00000000 ____D () C:\Users\PBell\AppData\Local\{F5F70EA7-2E01-4FCD-B79E-2DA37E6FD0DE}
2014-04-17 13:19 - 2014-04-17 13:19 - 00000000 ____D () C:\Users\PBell\AppData\Local\{AF4E0D7C-8071-49D2-AA04-491B99603EBF}
2014-04-17 13:19 - 2014-04-17 13:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2014-04-17 13:19 - 2014-04-17 13:19 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2014-04-17 13:19 - 2014-03-01 18:01 - 00000898 _____ () C:\Users\Public\Desktop\LogMeIn Hamachi.lnk
2014-04-17 00:29 - 2014-04-16 12:28 - 00000000 ____D () C:\Users\PBell\AppData\Local\{12539B3A-25E0-4264-91D0-B608B3AE0E30}
2014-04-15 21:58 - 2014-04-15 09:57 - 00000000 ____D () C:\Users\PBell\AppData\Local\{B23A80D1-11C1-4371-8AEE-BBAAC3105953}
2014-04-14 08:23 - 2014-04-14 08:23 - 00000000 ____D () C:\Users\PBell\AppData\Local\{8B2B85F7-3524-4C6A-B77B-C585EF2E26EF}
2014-04-14 04:24 - 2014-05-06 17:13 - 00465408 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-04-14 04:19 - 2014-05-06 17:13 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-04-13 19:10 - 2014-04-13 19:10 - 00000000 _____ () C:\Users\PBell\AppData\Roaming\wklnhst.dat
2014-04-13 18:40 - 2014-04-13 18:40 - 00000000 ____D () C:\Users\PBell\Documents\Remedy
2014-04-13 12:36 - 2014-04-13 12:36 - 00000000 ____D () C:\Users\PBell\AppData\Local\{3B15AD5A-7816-4ACD-BA10-1CA35985D90B}
2014-04-13 00:24 - 2014-04-12 12:23 - 00000000 ____D () C:\Users\PBell\AppData\Local\{A9713AC5-AACA-4D85-9E76-8D93ADC377B3}

Files to move or delete:
====================
C:\Users\PBell\cache.dat
C:\Users\PBell\jagex_cl_loginapplet_LIVE.dat
C:\Users\PBell\jagex_cl_oldschool_LIVE.dat
C:\Users\PBell\jagex_cl_runescape_LIVE.dat
C:\Users\PBell\jagex_cl_runescape_LIVE1.dat
C:\Users\PBell\jagex_cl_runescape_LIVE2.dat
C:\Users\PBell\jagex_cl_runescape_LIVE_BETA.dat
C:\Users\PBell\jagex_runescape_preferences.dat
C:\Users\PBell\jagex_runescape_preferences2.dat
C:\Users\PBell\jagex__preferences3.dat
C:\Users\PBell\random.dat


Some content of TEMP:
====================
C:\Users\PBell\AppData\Local\Temp\cabex.dll
C:\Users\PBell\AppData\Local\Temp\CH.dll
C:\Users\PBell\AppData\Local\Temp\NGM.exe
C:\Users\PBell\AppData\Local\Temp\NGMDll.dll
C:\Users\PBell\AppData\Local\Temp\NGMResource.dll
C:\Users\PBell\AppData\Local\Temp\RSPUpgradeInstaller.exe
C:\Users\PBell\AppData\Local\Temp\unelevate.exe
C:\Users\PBell\AppData\Local\Temp\UNINSTALL.EXE
C:\Users\PBell\AppData\Local\Temp\VARemove.exe
C:\Users\PBell\AppData\Local\Temp\VAUninstall.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-05-09 09:14

==================== End Of Log ============================

--- --- ---

--- --- ---

Addition:

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-05-2014 01
Ran by PBell at 2014-05-12 19:16:26
Running from C:\Users\PBell\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: AVG Internet Security 2014 (Enabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG Internet Security 2014 (Enabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}
FW: AVG Internet Security 2014 (Enabled) {36AFA1E1-4CDC-7EF8-11EE-C77C3581ABA2}

==================== Installed Programs ======================

.NET Reflector Desktop (HKLM-x32\...\{60EDFDF5-224E-4CB3-8BE8-55A6D852C0A8}) (Version: 8.3.3.115 - Red Gate Software Ltd)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
ActivePerl 5.16.3 Build 1603 (64-bit) (HKLM\...\{8C327061-E39D-4696-84A8-E84533ADDD7D}) (Version: 5.16.1603 - ActiveState)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.0.7220 - Adobe Systems Inc.)
Adobe AIR (x32 Version: 1.5.0.7220 - Adobe Systems Inc.) Hidden
Adobe Flash Player 13 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 13.0.0.206 - Adobe Systems Incorporated)
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.206 - Adobe Systems Incorporated)
Adobe Photoshop Elements 7.0 (HKLM-x32\...\Adobe Photoshop Elements 7) (Version: 7.0.1 - Adobe Systems Incorporated)
Adobe Photoshop Elements 7.0 (x32 Version: 7.0.1 - Adobe Systems Incorporated) Hidden
Adobe Photoshop Elements 7.0 (x32 Version: 7.0.1.3 - Adobe Systems Incorporated) Hidden
Adobe Reader 9 (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-A90000000001}) (Version: 9.0.0 - Adobe Systems Incorporated)
Advertising Center (x32 Version: 0.0.0.1 - Nero AG) Hidden
Aeria Ignite (HKLM-x32\...\Aeria Ignite 1.13.3296) (Version: 1.13.3296 - Aeria Games & Entertainment)
Aeria Ignite (HKLM-x32\...\Aeria Ignite) (Version: 1.13.3296 - Aeria Games & Entertainment)
Aeria Ignite (x32 Version: 1.13.3296 - Aeria Games & Entertainment) Hidden
Akamai NetSession Interface (HKCU\...\Akamai) (Version:  - Akamai Technologies, Inc)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}) (Version: 7.0.0.117 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Arc (HKLM-x32\...\{CED8E25B-122A-4E80-B612-7F99B93284B3}) (Version: 1.0.0.5510 - Perfect World Entertainment)
ASRock App Charger v1.0.5 (HKLM\...\ASRock App Charger_is1) (Version:  - ASRock Inc.)
ASRock eXtreme Tuner v0.1.263 (HKLM-x32\...\ASRock eXtreme Tuner_is1) (Version:  - )
ASRock InstantBoot v1.29 (HKLM-x32\...\ASRock InstantBoot_is1) (Version:  - )
ASRock SmartConnect v1.0.6 (HKLM\...\ASRock SmartConnect_is1) (Version:  - ASRock Inc.)
ASRock XFast RAM v2.0.9 (HKLM\...\ASRock XFast RAM_is1) (Version:  - ASRock Inc.)
Assassins Creed IV Black Flag version 1.0.0.0 (HKLM-x32\...\Assassins Creed IV Black Flag_is1) (Version: 1.0.0.0 - RePack by SEYTER)
AVG 2014 (HKLM\...\AVG) (Version: 2014.0.4577 - AVG Technologies)
AVG 2014 (Version: 14.0.3931 - AVG Technologies) Hidden
AVG 2014 (Version: 14.0.4577 - AVG Technologies) Hidden
Bandisoft MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version:  - )
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.1.0.1 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.2 - EA Digital Illusions CE AB)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Borderlands 2 (HKLM-x32\...\Borderlands 2_is1) (Version:  - )
Borderlands 2 (HKLM-x32\...\Steam App 49520) (Version:  - Gearbox Software)
Call of Duty Black Ops 2 (HKLM-x32\...\{47D6F3E4-D158-4E47-84C4-0D6452DB2488}_is1) (Version: 1.0 - Treyarch)
Call of Duty: Black Ops II - Multiplayer (HKLM-x32\...\Steam App 202990) (Version:  - )
Call of Duty: Black Ops II - Zombies (HKLM-x32\...\Steam App 212910) (Version:  - )
Call of Duty: Black Ops II (HKLM-x32\...\Steam App 202970) (Version:  - Treyarch)
Camtasia Studio 7 (HKLM-x32\...\{DE042823-C359-4B87-B66B-308057E8B6AF}) (Version: 7.0.1 - TechSmith Corporation)
Castlevania: Lords of Shadow - Ultimate Edition (HKLM-x32\...\Steam App 234080) (Version:  - MercurySteam - Climax Studios)
CCleaner (HKLM\...\CCleaner) (Version: 3.05 - Piriform)
Cheat Engine 6.2 (HKLM-x32\...\Cheat Engine 6.2_is1) (Version:  - Dark Byte)
Chicken Invaders 2 (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110209593}) (Version:  - Oberon Media)
Core Temp 1.0 RC5 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.0 - Alcpu)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version:  - Valve)
Crysis®3 (HKLM-x32\...\{4198AE83-A3C6-4C41-85C8-EC63E990696E}) (Version: 1.0.0.0 - Electronic Arts)
CrystalDiskMark 3.0.3a (HKLM\...\CrystalDiskMark_is1) (Version: 3.0.3a - Crystal Dew World)
CyberLink MediaEspresso (HKLM-x32\...\InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}) (Version: 6.5.1611_37043 - CyberLink Corp.)
CyberLink MediaEspresso (x32 Version: 6.5.1611_37043 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.47.1.0333 - Disc Soft Ltd)
Dairy Dash (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115053100}) (Version:  - Oberon Media)
DayZ Commander (HKLM-x32\...\{D35C30C0-0A42-44C2-BBC9-23431832C89E}) (Version: 0.9.120 - Dotjosh Studios)
Dead Island Riptide version 5.1 (HKLM-x32\...\{554894C6-A12C-4CE6-8FDC-F1BBEABB69B4}_is1) (Version: 5.1 - Black_Box)
Dead Space™ 3 (HKLM-x32\...\{D4329609-4102-4F8C-B83F-7FE024EEA314}) (Version: 1.0.0.0 - Electronic Arts, Inc.)
Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.41 - DivX, LLC)
DmC Devil May Cry (HKLM-x32\...\Steam App 220440) (Version:  - )
DMUninstaller (HKLM-x32\...\DMUninstaller) (Version:  - ) <==== ATTENTION
Dr. Hardware 2013 13.0d (HKLM-x32\...\Dr. Hardware 2013_is1) (Version:  - Peter A. Gebhard)
Dream Day First Home (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113832110}) (Version:  - Oberon Media)
DSL Soforthilfe (HKLM-x32\...\DSL Soforthilfe) (Version: 1.1.0.51 - Telefónica Germany GmbH & Co. OHG)
Dxtory version 2.0.123 (HKLM-x32\...\Dxtory2.0_is1) (Version: 2.0.123 - ExKode Co. Ltd.)
erLT (x32 Version: 1.20.0137 - Logitech, Inc.) Hidden
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
Euro Truck Simulator 2 (HKLM-x32\...\Steam App 227300) (Version:  - )
Fable III (HKLM-x32\...\GFWL_{4D53090A-9B45-437B-A66A-831000008300}) (Version: 1.0.0000.131 - Microsoft Game Studios)
Fable III (x32 Version: 1.0.0000.131 - Microsoft Game Studios) Hidden
Facebook Video Calling 2.0.0.447 (HKLM-x32\...\{8DF41A9F-FE13-43E8-A003-5F9B55A011EE}) (Version: 2.0.447 - Skype Limited)
Far Cry 3 (HKLM-x32\...\{E3B9C5A9-BD7A-4B56-B754-FAEA7DD6FA88}) (Version: 1.05 - Ubisoft)
Fiddler (HKLM-x32\...\Fiddler2) (Version: 2.4.4.5 - Telerik)
Fraps (HKLM-x32\...\Fraps) (Version:  - )
Free Hide IP (HKLM-x32\...\FreeHideIP) (Version: 3.8.6.8 - )
Free Mp3 Wma Converter V 2.2 (HKLM-x32\...\Free Mp3 Wma Converter_is1) (Version: 2.2.0.0 - Koyote Soft)
Free YouTube to MP3 Converter version 3.12.4.622 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.4.622 - DVDVideoSoft Ltd.)
FreeArc 0.666 (HKLM-x32\...\FreeArc) (Version: 0.666 - Bulat Ziganshin)
Game Booster (HKLM-x32\...\Game Booster_is1) (Version: 2.3.0.0 - IObit)
Gameforge Live 1.9.0 "Legend" (HKLM-x32\...\{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1) (Version: 1.9.0 - Gameforge)
Global Martial Heroes Final (HKLM-x32\...\Global Martial Heroes Final) (Version:  - )
Global Martial Heroes OBT Client + Launcher (HKLM-x32\...\Global Martial Heroes OBT Client + Launcher) (Version:  - )
Grand Theft Auto IV (HKLM-x32\...\Steam App 12210) (Version:  - Rockstar North)
Grand Theft Auto IV (x32 Version: 1.0.0013.131 - Rockstar Games Inc.) Hidden
GRID 2 (HKLM-x32\...\Steam App 44350) (Version:  - Codemasters Racing)
GTA IV Vehicle Mod Installer v1.3 (HKLM-x32\...\GTA IV Vehicle Mod Installer v1.3_is1) (Version:  - MobileD2)
ICQ 8.2 (build 6901) (HKCU\...\ICQ) (Version: 8.2.6901.0 - ICQ)
ImagXpress (x32 Version: 7.0.74.0 - Nero AG) Hidden
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation)
Intel(R) Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{A6C48A9F-694A-4234-B3AA-62590B668927}) (Version: 1.0.0.35342 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.3.1427 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.2.0.1006 - Intel Corporation)
Intel(R) Smart Connect Technology 2.0 x64 (HKLM\...\{54F8B6C7-9B25-4E85-A1E0-26CFB80DE787}) (Version: 2.0.1083.0 - Intel)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.4.220 - Intel Corporation)
Intel® Trusted Connect Service Client (HKLM\...\{09536BA1-E498-4CC3-B834-D884A67D7E34}) (Version: 1.23.605.1 - Intel Corporation)
iTunes (HKLM\...\{D601CEAD-2E4F-4BBB-85CC-C29A4CE6A3C0}) (Version: 11.1.3.8 - Apple Inc.)
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.510 - Oracle)
Java 7 Update 7 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417007FF}) (Version: 7.0.70 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Java SE Development Kit 7 Update 7 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170070}) (Version: 1.7.0.70 - Oracle)
Java(TM) 6 Update 22 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416022FF}) (Version: 6.0.220 - Oracle)
Java(TM) SE Development Kit 6 Update 22 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0160220}) (Version: 1.6.0.220 - Oracle)
JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
join.me (HKCU\...\JoinMe) (Version: 1.9.2.216 - LogMeIn, Inc.)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
League of Legends (HKLM-x32\...\{92606477-9366-4D3B-8AE3-6BE4B29727AB}) (Version: 1.3 - Riot Games)
Logitech SetPoint 5.20 (HKLM\...\{D3120436-1358-4253-9EB2-257FFE8CE1D9}) (Version: 5.20 - Logitech)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.188 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.188 - LogMeIn, Inc.) Hidden
Macro Recorder 5.6.5 (HKLM-x32\...\Macro Recorder_is1) (Version: 5.6.5 - Jitbit Software)
MegaTrainer eXperience V1.2.3.4 (HKLM-x32\...\MegaTrainer eXperience_is1) (Version:  - )
Metin2 (HKLM-x32\...\Metin2_is1) (Version:  - Gameforge 4D GmbH)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft DirectX SDK (June 2010) (HKLM-x32\...\Microsoft DirectX SDK (June 2010)) (Version: 9.29.1962.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{F2508213-9989-4E85-A078-72BE483917EF}) (Version: 3.5.88.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0100-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Access MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Groove MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Language Pack 2007 - German/Deutsch (HKLM-x32\...\OMUI.de-de) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office O MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint Viewer 2007 (German) (HKLM-x32\...\{95120000-00AF-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Publisher MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office SharePoint Designer 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office SharePoint Designer MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Suite Activation Assistant (HKLM-x32\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation)
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word Viewer 2003 (HKLM-x32\...\{90850407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Office X MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM-x32\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{09298F26-A95C-31E2-9D95-2C60F586F075}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{527BBE2F-1FED-3D8B-91CB-4DB0F838E69E}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{887868A2-D6DE-3255-AA92-AA0B5A59B874}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{90ffcee5-8608-4e94-8c18-a4feb4f83fb8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Works (HKLM-x32\...\{62F7DA7E-CCCB-439C-A760-00C3926E761F}) (Version: 9.7.0621 - Microsoft Corporation)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{B3B750C0-8C22-439D-B7CE-67F3ED99CC2B}) (Version: 1.20.146.0 - Microsoft)
Mortal Kombat Komplete Edition (HKLM-x32\...\{9F012408-04EC-4989-932F-4C096117D2DD}_is1) (Version:  - Warner Bros)
Mozilla Firefox 29.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 29.0.1 (x86 de)) (Version: 29.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSI Afterburner 2.3.0 (HKLM-x32\...\Afterburner) (Version: 2.3.0 - MSI Co., LTD)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NARUTO SHIPPUDEN: Ultimate Ninja STORM 3 Full Burst (HKLM-x32\...\TkFSVVRPU0hJUFBVREVOVWx0aW1hdGVOaW5qYVNUT1JNM0Z1~D4302771_is1) (Version: 1 - )
Nero 9 Essentials (HKLM-x32\...\{3f6c76b9-ad6f-4674-82f6-46e491b21791}) (Version:  - Nero AG)
Nero ControlCenter (x32 Version: 9.0.0.1 - Nero AG) Hidden
Nero DiscSpeed (x32 Version: 5.4.7.201 - Nero AG) Hidden
Nero DiscSpeed Help (x32 Version: 5.4.4.100 - Nero AG) Hidden
Nero DriveSpeed (x32 Version: 4.4.7.201 - Nero AG) Hidden
Nero DriveSpeed Help (x32 Version: 4.4.4.100 - Nero AG) Hidden
Nero Express Help (x32 Version: 9.4.9.100 - Nero AG) Hidden
Nero InfoTool (x32 Version: 6.4.7.201 - Nero AG) Hidden
Nero InfoTool Help (x32 Version: 6.4.4.100 - Nero AG) Hidden
Nero Installer (x32 Version: 4.4.8.1 - Nero AG) Hidden
Nero Move it (x32 Version: 1.2.0.0 - Nero AG) Hidden
Nero Move it Essentials (HKLM-x32\...\{6e345bf7-2af5-4adc-901c-72941b68258b}) (Version:  - Nero AG)
Nero Move it Help (x32 Version: 1.0.0.0 - Nero AG) Hidden
Nero Online Upgrade (x32 Version: 1.3.0.0 - Nero AG) Hidden
Nero StartSmart (x32 Version: 9.4.11.201 - Nero AG) Hidden
Nero StartSmart Help (x32 Version: 9.4.11.100 - Nero AG) Hidden
Nero StartSmart OEM (x32 Version: 9.4.10.100 - Nero AG) Hidden
NeroExpress (x32 Version: 9.4.9.201 - Nero AG) Hidden
neroxml (x32 Version: 1.0.0 - Nero AG) Hidden
Nexon Game Manager (HKLM-x32\...\{289AC7E0-0AEE-4a7b-913C-709D9803D23E}) (Version:  - )
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.2.3 - )
NVIDIA 3D Vision Controller-Treiber 332.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 332.21 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 332.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 332.21 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.0.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.0.1 - NVIDIA Corporation)
NVIDIA Grafiktreiber 332.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 332.21 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.151.1095 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.0725 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.13.0725 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0725 - NVIDIA Corporation)
NVIDIA ShadowPlay 12.4.67 (Version: 12.4.67 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.3221 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 332.21 (Version: 332.21 - NVIDIA Corporation) Hidden
NVIDIA Update 12.4.67 (Version: 12.4.67 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 12.4.67 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.23 (Version: 1.2.23 - NVIDIA Corporation) Hidden
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version:  - )
OpenSSL 1.0.0e (32-bit) (HKLM-x32\...\OpenSSL (32-bit)_is1) (Version:  - OpenSSL Win32 Installer Team)
OpenVPN 2.2.2 (HKLM-x32\...\OpenVPN) (Version: 2.2.2 - )
Origin (HKLM-x32\...\Origin) (Version: 9.3.10.4710 - Electronic Arts, Inc.)
PerformanceTest v7.0 (64-bit) (HKLM\...\PerformanceTest 7_is1) (Version: 7.0 - Passmark Software)
PhotoScape (HKLM-x32\...\PhotoScape) (Version:  - )
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
Project Blackout (HKLM-x32\...\Project Blackout) (Version:  - SG INTERACTIVE)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
puush (HKLM-x32\...\{C3592426-531E-4110-911D-BFECE2CE284B}) (Version: 1.0.0.0 - Dean Herbert)
PVSonyDll (Version: 1.00.0001 - NVIDIA Corporation) Hidden
QuickStores-Toolbar 1.1.0 (HKLM-x32\...\QuickStores-Toolbar_is1) (Version: 1.1.0 - AB-Tools.com) <==== ATTENTION
QuickTime (HKLM-x32\...\{57752979-A1C9-4C02-856B-FBB27AC4E02C}) (Version: 7.69.80.9 - Apple Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.78.1218.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6482 - Realtek Semiconductor Corp.)
Resident Evil 6 / Biohazard 6 (HKLM-x32\...\Steam App 221040) (Version:  - Capcom)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.0.1 - Rockstar Games)
RuneScape Launcher 1.2.2 (HKLM-x32\...\{A85FCCBE-31AB-4312-A5A9-165FF3B0BF90}) (Version: 1.2.2 - Jagex Ltd)
S.K.I.L.L. - Special Force 2 (HKLM-x32\...\Special Force 2 Beta_is1) (Version:  - )
Saints Row IV (HKLM-x32\...\U2FpbnRzUm93SVY=_is1) (Version: 1 - )
SAMSUNG Mobile Composite Device Software (HKLM\...\SAMSUNG Mobile Composite Device) (Version:  - )
Samsung Mobile Modem Device Software (HKLM\...\Samsung Mobile Modem Device) (Version:  - )
SAMSUNG Mobile Modem Driver Set (HKLM\...\SAMSUNG Mobile Modem) (Version:  - )
Samsung Mobile phone USB driver Drive Software (HKLM\...\Samsung Mobile phone USB driver Drive) (Version:  - )
SAMSUNG Mobile USB Modem 1.0 Software (HKLM\...\SAMSUNG Mobile USB Modem 1.0) (Version:  - )
SAMSUNG Mobile USB Modem Software (HKLM\...\SAMSUNG Mobile USB Modem) (Version:  - )
SAMSUNG USB Mobile Device Software (HKLM\...\SAMSUNG USB Mobile Device) (Version:  - )
Security Task Manager 1.8d (HKLM-x32\...\Security Task Manager) (Version: 1.8d - Neuber Software)
SHARKOON Skiller (HKLM-x32\...\{91C25547-9534-41A5-823A-1E54BA16EA3F}) (Version: 1.00.0000 - )
SHIELD Streaming (Version: 2.1.108 - NVIDIA Corporation) Hidden
SilkroadR (HKLM-x32\...\SilkroadR) (Version:  - )
SIW 2013 Home Edition (HKLM-x32\...\{AB67580-257C-45FF-B8F4-C8C30682091A}_is1) (Version: 2013.05.14 - Topala Software Solutions)
Skype™ 6.14 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)
SmartView for IE (HKLM-x32\...\{C448EA30-BB7F-4D42-83BC-385EBA140AF2}) (Version: 1.0.4.1 - DeviceVM, Inc.)
SmartView Software Updater (HKLM-x32\...\{5B0CE14A-B9B6-4E25-A1BE-3EEC1998AC2C}) (Version: 1.0.4.1 - DeviceVM, Inc.)
Spotify (HKCU\...\Spotify) (Version: 0.9.10.12.ga9ab7425 - Spotify AB)
Star Defender 4 (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-114803710}) (Version:  - Oberon Media)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.7.1018 - SUPERAntiSpyware.com)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.13.1 - TeamSpeak Systems GmbH)
TeamViewer 7 (HKLM-x32\...\TeamViewer 7) (Version: 7.0.12979 - TeamViewer)
TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version:  - TechPowerUp)
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version:  - Bethesda Game Studios)
THX TruStudio (HKLM-x32\...\{AFB907F5-C0E6-4753-8284-DE955EF86AC2}) (Version: 1.00.01 - Creative Technology Limited)
Tombraider (HKLM-x32\...\Tombraider_is1) (Version:  - )
TrackMania 2 (HKLM-x32\...\TrackMania 2_is1) (Version: RePack - Ultra)
Trials Evolution Gold Edition (HKLM-x32\...\InstallShield_{07D857B8-C956-401D-BC8F-EDA8459AF037}) (Version: 1.0.0.1 - Ubisoft)
Trials Evolution Gold Edition (x32 Version: 1.0.0.1 - Ubisoft) Hidden
Tunngle beta (HKLM-x32\...\Tunngle beta_is1) (Version:  - Tunngle.net GmbH)
Unity Web Player (HKCU\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Unlocker 1.9.1-x64 (HKLM\...\Unlocker) (Version: 1.9.1 - Cedrick Collomb)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{90120000-0100-0407-0000-0000000FF1CE}_OMUI.de-de_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_OMUI.de-de_{EA54F104-79D2-48CC-9ABC-91A63C43D353}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_OMUI.de-de_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_OMUI.de-de_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_OMUI.de-de_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_OMUI.de-de_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
Uplay (HKLM-x32\...\Uplay) (Version: 4.0 - Ubisoft)
User's Guides (HKLM\...\{B48E1FFD-A85D-45DB-9070-C06CDF6BD427}) (Version: 1.20.0000 - Logitech)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player 2.1.3 (HKLM\...\VLC media player) (Version: 2.1.3 - VideoLAN)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666  - Nullsoft, Inc)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live OneCare safety scanner (HKLM-x32\...\Windows Live OneCare safety scanner) (Version:  - Microsoft Corporation)
Windows Live OneCare safety scanner (x32 Version: 1.0.0.0 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Sync (HKLM-x32\...\{586509F0-350D-48B5-B763-9CC2F8D96C4C}) (Version: 14.0.8117.416 - Microsoft Corporation)
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Mobile-Gerätecenter (HKLM\...\{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}) (Version: 6.1.6965.0 - Microsoft Corporation)
Windows Mobile-Gerätecenter: Treiberupdate (HKLM\...\{92DBCA36-9B41-4DD1-941A-AED149DD37F0}) (Version: 6.1.6965.0 - Microsoft Corporation)
WinRAR (HKLM-x32\...\WinRAR archiver) (Version:  - )
WolfTeam-DE (HKLM-x32\...\WolfTeam-DE) (Version:  - )
XFastUSB (HKLM-x32\...\XFastUSB) (Version: 3.02.30 - ASRock Inc.)
XSplit Broadcaster (HKLM-x32\...\{781B7F3D-8107-4049-80C0-16FF46420184}) (Version: 1.3.1306.2101 - SplitMediaLabs)

==================== Restore Points  =========================

12-05-2014 10:06:51 Installed AVG 2014
12-05-2014 10:07:44 Installed AVG 2014

==================== Scheduled Tasks (whitelisted) =============

Task: {219A89B5-4AE0-4653-B86B-5DA0AFFD3990} - System32\Tasks\SUPERAntiSpyware Scheduled Task 1d53a26a-add7-4e27-aa09-3c87e6e52917 => C:\Program Files\SUPERAntiSpyware\SASTask.exe [2013-11-07] (SUPERAdBlocker.com)
Task: {37984331-C2B6-4AC4-AA7B-30FEEDDAB1E0} - System32\Tasks\DeviceDetector => C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe [2011-04-11] (CyberLink)
Task: {3922A2C5-7F92-4FA1-B3AF-0F871E4EB4DC} - System32\Tasks\{F7428BCD-D7AF-4713-AFA2-62B53D884313} => D:\Games\DBZ\DBOLauncher.exe
Task: {4E699F46-2F95-4B58-812F-5BA090B66ECA} - System32\Tasks\{8EB7F942-3C93-4AAA-B442-0AEAD6EE0BE3} => C:\Program Files (x86)\Skype\\Phone\Skype.exe [2014-02-10] (Skype Technologies S.A.)
Task: {648B4B2A-2959-409C-86A0-094D13EE5319} - System32\Tasks\{6E505A0F-8A83-43D8-A249-347E27896C2F} => D:\Games\DBZ\DBOLauncher.exe
Task: {651AA250-1CE5-448B-8E98-CD0A5639F628} - System32\Tasks\SUPERAntiSpyware Scheduled Task 29a223a8-2568-45ad-b993-d578487cd2d4 => C:\Program Files\SUPERAntiSpyware\SASTask.exe [2013-11-07] (SUPERAdBlocker.com)
Task: {7430CA1D-1E35-45A1-A99F-0A8A3BEC77E7} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2011-11-25] (Intel Corporation)
Task: {779F3144-8567-4537-AB7F-FE8511240A8E} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-04-29] (Adobe Systems Incorporated)
Task: {900B4970-AC12-4FB7-B88B-FF27CC537DDC} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {93624FEC-2B2E-4866-BA65-E0896D0D67DD} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2011-11-25] (Intel Corporation)
Task: {AC4E5ACF-89F7-4220-BA21-81EE183975E2} - System32\Tasks\Microsoft\Windows\Application Experience\AitAgent => aitagent.exe
Task: {CE2AF0AF-FC7F-450C-80E1-13CACAB4273F} - System32\Tasks\{A6C2177A-C848-4BAF-BC23-5173A8DCB049} => C:\Program Files (x86)\Z8Games\CrossFire\CF_G4box.exe
Task: {DC545110-BDEA-4005-B2C8-C70EE28740F1} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3396300932-3457207744-2361604580-1000UA => C:\Users\PBell\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-07-12] (Facebook Inc.)
Task: {E3163C33-301D-4730-A266-5518C5ED3967} - System32\Tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask => BthUdTask.exe
Task: {E9C7962C-9F5B-4788-8051-18ADCDA5600A} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3396300932-3457207744-2361604580-1000Core => C:\Users\PBell\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-07-12] (Facebook Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3396300932-3457207744-2361604580-1000Core.job => C:\Users\PBell\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3396300932-3457207744-2361604580-1000UA.job => C:\Users\PBell\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe
Task: C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe
Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 1d53a26a-add7-4e27-aa09-3c87e6e52917.job => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 29a223a8-2568-45ad-b993-d578487cd2d4.job => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

==================== Loaded Modules (whitelisted) =============

2012-02-25 14:09 - 2013-12-19 20:53 - 00117536 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2011-09-19 09:07 - 2011-09-19 09:07 - 00062976 _____ () C:\Windows\system32\bdmpega64.acm
2010-11-20 04:08 - 2010-03-15 12:28 - 00052224 _____ () C:\Program Files (x86)\WinRAR\rarext64.dll
2010-07-15 06:44 - 2010-07-15 06:44 - 00020032 _____ () C:\Program Files\Unlocker\UnlockerCOM.dll
2013-03-03 02:00 - 2011-05-19 10:58 - 00246784 _____ () C:\Windows\SYSTEM32\APOMgr64.DLL
2013-03-03 01:47 - 2012-02-21 13:29 - 00128280 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
2012-02-09 17:26 - 2012-02-09 17:26 - 00133632 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
2012-02-09 17:26 - 2012-02-09 17:26 - 00048128 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\NetworkHeuristic.dll
2012-02-09 17:26 - 2012-02-09 17:26 - 00036864 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\ISCTNetDetect.dll
2012-01-10 15:41 - 2013-07-17 14:10 - 00567880 _____ () C:\Program Files (x86)\puush\puush.exe
2010-09-02 18:01 - 2010-09-02 18:01 - 00948504 _____ () C:\Program Files (x86)\DeviceVM\SmartView\SmartViewAgent.exe
2013-11-01 08:15 - 2014-01-29 22:36 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-01-26 01:52 - 2013-11-21 22:57 - 20585888 ____N () C:\Program Files (x86)\DSL Soforthilfe\DSL_Soforthilfe.exe
2013-02-13 04:37 - 2013-02-13 04:37 - 01263952 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
2013-09-20 17:58 - 2014-05-09 20:00 - 00598072 _____ () C:\Users\PBell\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
2013-09-13 20:51 - 2013-09-13 20:51 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2013-09-13 20:51 - 2013-09-13 20:51 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-05-12 10:05 - 2014-04-22 00:55 - 00340480 _____ () C:\Users\PBell\Desktop\Steam\libavresample-1.dll
2014-05-12 10:05 - 2014-04-22 00:55 - 00471552 _____ () C:\Users\PBell\Desktop\Steam\libavutil-53.dll
2014-05-12 10:06 - 2014-04-01 00:09 - 00754688 _____ () C:\Users\PBell\Desktop\Steam\SDL2.dll
2014-05-12 10:06 - 2014-04-24 00:01 - 01092288 _____ () C:\Users\PBell\Desktop\Steam\bin\chromehtml.DLL
2014-05-12 10:05 - 2014-03-03 21:15 - 20626624 _____ () C:\Users\PBell\Desktop\Steam\bin\libcef.dll
2014-05-12 10:05 - 2013-06-15 01:49 - 01100800 _____ () C:\Users\PBell\Desktop\Steam\bin\avcodec-53.dll
2014-05-12 10:05 - 2013-06-15 01:49 - 00124416 _____ () C:\Users\PBell\Desktop\Steam\bin\avutil-51.dll
2014-05-12 10:05 - 2013-06-15 01:49 - 00192000 _____ () C:\Users\PBell\Desktop\Steam\bin\avformat-53.dll
2014-05-12 10:06 - 2014-04-24 00:01 - 00119488 _____ () C:\Users\PBell\Desktop\Steam\bin\audio.dll
2014-05-12 10:05 - 2013-06-15 01:49 - 00071680 _____ () C:\Users\PBell\Desktop\Steam\bin\mssmp3.asi
2014-05-12 10:05 - 2013-06-15 01:49 - 00153088 _____ () C:\Users\PBell\Desktop\Steam\bin\mssvoice.asi
2012-06-20 20:24 - 2014-05-09 20:00 - 36966968 _____ () C:\Users\PBell\AppData\Roaming\Spotify\Data\libcef.dll
2010-09-02 17:54 - 2010-09-02 17:54 - 00503202 _____ () C:\Program Files (x86)\DeviceVM\SmartView\sqlite3.dll
2010-11-20 04:08 - 2010-03-15 12:28 - 00141824 _____ () C:\Program Files (x86)\WinRAR\rarext.dll
2013-02-13 04:38 - 2013-02-13 04:38 - 00100688 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
2013-09-20 17:58 - 2014-05-09 20:00 - 00886840 _____ () C:\Users\PBell\AppData\Roaming\Spotify\Data\libglesv2.dll
2013-09-20 17:58 - 2014-05-09 20:00 - 00108600 _____ () C:\Users\PBell\AppData\Roaming\Spotify\Data\libegl.dll
2014-02-14 15:07 - 2014-02-14 15:07 - 00172544 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\2f069b57965f456c3c25fb82419a363d\IsdiInterop.ni.dll
2013-03-03 01:39 - 2012-05-30 14:55 - 00059904 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2013-03-03 01:47 - 2012-02-21 13:09 - 01198872 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2014-05-09 23:57 - 2014-05-09 23:57 - 03839088 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-04-29 13:42 - 2014-04-29 13:42 - 16351920 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_206.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\TEMP:1D32EC29
AlternateDataStreams: C:\ProgramData\TEMP:4D066AD2
AlternateDataStreams: C:\ProgramData\TEMP:AB689DEA
AlternateDataStreams: C:\ProgramData\TEMP:ABE89FFE
AlternateDataStreams: C:\Users\PBell\Anwendungsdaten:NT
AlternateDataStreams: C:\Users\PBell\AppData\Roaming:NT

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"

==================== EXE Association (whitelisted) =============

HKU\S-1-5-21-3396300932-3457207744-2361604580-1000\Software\Classes\.exe: exefile =>  <===== ATTENTION!
HKU\S-1-5-21-3396300932-3457207744-2361604580-1000\Software\Classes\exefile:  <===== ATTENTION!

==================== Disabled items from MSCONFIG ==============


==================== Faulty Device Manager Devices =============

Name: TAP-Win32 Adapter V9
Description: TAP-Win32 Adapter V9
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: TAP-Win32 Provider V9
Service: tap0901
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: TAP-Win32 Adapter V9 (Tunngle)
Description: TAP-Win32 Adapter V9 (Tunngle)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: TAP-Win32 Provider V9 (Tunngle)
Service: tap0901t
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (05/12/2014 04:09:46 PM) (Source: Bonjour Service) (User: ) (EventID: 100)
Description: Task Scheduling Error: m->NextScheduledSPRetry 8003

Error: (05/12/2014 04:09:46 PM) (Source: Bonjour Service) (User: ) (EventID: 100)
Description: Task Scheduling Error: m->NextScheduledEvent 8003

Error: (05/12/2014 04:09:46 PM) (Source: Bonjour Service) (User: ) (EventID: 100)
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (05/12/2014 04:09:45 PM) (Source: Bonjour Service) (User: ) (EventID: 100)
Description: Task Scheduling Error: m->NextScheduledSPRetry 7004

Error: (05/12/2014 04:09:45 PM) (Source: Bonjour Service) (User: ) (EventID: 100)
Description: Task Scheduling Error: m->NextScheduledEvent 7004

Error: (05/12/2014 04:09:45 PM) (Source: Bonjour Service) (User: ) (EventID: 100)
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (05/12/2014 04:09:44 PM) (Source: Bonjour Service) (User: ) (EventID: 100)
Description: Task Scheduling Error: m->NextScheduledSPRetry 6006

Error: (05/12/2014 04:09:44 PM) (Source: Bonjour Service) (User: ) (EventID: 100)
Description: Task Scheduling Error: m->NextScheduledEvent 6006

Error: (05/12/2014 04:09:44 PM) (Source: Bonjour Service) (User: ) (EventID: 100)
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (05/12/2014 04:09:43 PM) (Source: Bonjour Service) (User: ) (EventID: 100)
Description: Task Scheduling Error: m->NextScheduledSPRetry 5008


System errors:
=============
Error: (05/12/2014 07:09:19 PM) (Source: Microsoft-Windows-DNS-Client) (User: NT-AUTORITÄT) (EventID: 1012)
Description: Fehler beim Lesen der Datei für lokale Hosts.

Error: (05/12/2014 07:09:19 PM) (Source: Microsoft-Windows-DNS-Client) (User: NT-AUTORITÄT) (EventID: 1012)
Description: Fehler beim Lesen der Datei für lokale Hosts.

Error: (05/12/2014 07:09:18 PM) (Source: Microsoft-Windows-DNS-Client) (User: NT-AUTORITÄT) (EventID: 1012)
Description: Fehler beim Lesen der Datei für lokale Hosts.

Error: (05/12/2014 07:09:18 PM) (Source: Microsoft-Windows-DNS-Client) (User: NT-AUTORITÄT) (EventID: 1012)
Description: Fehler beim Lesen der Datei für lokale Hosts.

Error: (05/12/2014 07:09:14 PM) (Source: Microsoft-Windows-DNS-Client) (User: NT-AUTORITÄT) (EventID: 1012)
Description: Fehler beim Lesen der Datei für lokale Hosts.

Error: (05/12/2014 07:09:13 PM) (Source: Microsoft-Windows-DNS-Client) (User: NT-AUTORITÄT) (EventID: 1012)
Description: Fehler beim Lesen der Datei für lokale Hosts.

Error: (05/12/2014 03:12:42 PM) (Source: Microsoft-Windows-DNS-Client) (User: NT-AUTORITÄT) (EventID: 1012)
Description: Fehler beim Lesen der Datei für lokale Hosts.

Error: (05/12/2014 03:12:42 PM) (Source: Microsoft-Windows-DNS-Client) (User: NT-AUTORITÄT) (EventID: 1012)
Description: Fehler beim Lesen der Datei für lokale Hosts.

Error: (05/12/2014 03:12:42 PM) (Source: Microsoft-Windows-DNS-Client) (User: NT-AUTORITÄT) (EventID: 1012)
Description: Fehler beim Lesen der Datei für lokale Hosts.

Error: (05/12/2014 03:12:37 PM) (Source: Microsoft-Windows-DNS-Client) (User: NT-AUTORITÄT) (EventID: 1012)
Description: Fehler beim Lesen der Datei für lokale Hosts.


Microsoft Office Sessions:
=========================
Error: (05/12/2014 04:09:46 PM) (Source: Bonjour Service) (User: ) (EventID: 100)
Description: Task Scheduling Error: m->NextScheduledSPRetry 8003

Error: (05/12/2014 04:09:46 PM) (Source: Bonjour Service) (User: ) (EventID: 100)
Description: Task Scheduling Error: m->NextScheduledEvent 8003

Error: (05/12/2014 04:09:46 PM) (Source: Bonjour Service) (User: ) (EventID: 100)
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (05/12/2014 04:09:45 PM) (Source: Bonjour Service) (User: ) (EventID: 100)
Description: Task Scheduling Error: m->NextScheduledSPRetry 7004

Error: (05/12/2014 04:09:45 PM) (Source: Bonjour Service) (User: ) (EventID: 100)
Description: Task Scheduling Error: m->NextScheduledEvent 7004

Error: (05/12/2014 04:09:45 PM) (Source: Bonjour Service) (User: ) (EventID: 100)
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (05/12/2014 04:09:44 PM) (Source: Bonjour Service) (User: ) (EventID: 100)
Description: Task Scheduling Error: m->NextScheduledSPRetry 6006

Error: (05/12/2014 04:09:44 PM) (Source: Bonjour Service) (User: ) (EventID: 100)
Description: Task Scheduling Error: m->NextScheduledEvent 6006

Error: (05/12/2014 04:09:44 PM) (Source: Bonjour Service) (User: ) (EventID: 100)
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (05/12/2014 04:09:43 PM) (Source: Bonjour Service) (User: ) (EventID: 100)
Description: Task Scheduling Error: m->NextScheduledSPRetry 5008


==================== Memory info =========================== 

Percentage of memory in use: 28%
Total physical RAM: 8155.01 MB
Available physical RAM: 5841.53 MB
Total Pagefile: 16308.2 MB
Available Pagefile: 12643.55 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: (Packard Bell) (Fixed) (Total:457.95 GB) (Free:116.22 GB) NTFS
Drive d: (DATA) (Fixed) (Total:458.46 GB) (Free:211.22 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 3C83586A)
Partition 1: (Not Active) - (Size=15 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=458 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=458 GB) - (Type=07 NTFS)

==================== End Of Log ============================

Verzweifle sogar bei youtube videos geht die cpu hoch unglaublich -.-

schrauber · 13.05.2014, 16:28

Da is Malware, muss aber nit das CU Problem auslösen.

Revo Uninstaller - Download - Filepony
Damit alles deinstallieren was Du in der Additional.txt findest mit dem Zusatz <== ATTENTION

Mit Revo auch Moderat die Reste entfernen lassen.

Scan mit Combofix

WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link

WICHTIG: Speichere Combofix auf deinem Desktop.

Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.

Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.

Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!

Wenn Combofix fertig ist, wird es ein Logfile erstellen.

Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).

Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

50eurovirus · 15.05.2014, 19:34

Code:

ATTFilter

ComboFix 14-05-13.01 - PBell 15.05.2014  13:20:24.3.4 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.8155.6014 [GMT 2:00]
ausgeführt von:: c:\users\PBell\Desktop\ComboFix.exe
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\CFLog
c:\program files (x86)\Common Files\packardbell.ico
c:\windows\SysWow64\SET2EB5.tmp
c:\windows\SysWow64\SET65F2.tmp
c:\windows\SysWow64\SETC22.tmp
D:\install.exe
.
.
(((((((((((((((((((((((   Dateien erstellt von 2014-04-15 bis 2014-05-15  ))))))))))))))))))))))))))))))
.
.
2014-05-15 11:30 . 2014-05-15 11:30	--------	d-----w-	c:\users\Public\AppData\Local\temp
2014-05-15 11:30 . 2014-05-15 11:30	--------	d-----w-	c:\users\Default\AppData\Local\temp
2014-05-15 10:35 . 2014-05-15 10:35	94656	----a-w-	c:\windows\system32\WPRO_41_2001woem.tmp
2014-05-15 00:07 . 2014-05-06 04:40	23544320	----a-w-	c:\windows\system32\mshtml.dll
2014-05-15 00:07 . 2014-05-06 03:00	84992	----a-w-	c:\windows\system32\mshtmled.dll
2014-05-15 00:06 . 2014-05-06 04:17	2724864	----a-w-	c:\windows\system32\mshtml.tlb
2014-05-15 00:06 . 2014-05-06 03:07	2724864	----a-w-	c:\windows\SysWow64\mshtml.tlb
2014-05-14 19:58 . 2014-05-14 19:59	--------	d-----w-	c:\users\PBell\AppData\Local\Ubisoft Game Launcher
2014-05-14 07:44 . 2014-05-14 07:44	--------	d-----w-	c:\users\PBell\AppData\Local\Aeria Games
2014-05-13 17:29 . 2014-05-13 17:29	--------	d-----w-	c:\users\PBell\AppData\Local\SplitMediaLabs
2014-05-13 17:29 . 2014-05-13 17:29	--------	d-----w-	c:\users\PBell\AppData\Local\Blizzard Entertainment
2014-05-13 17:29 . 2014-05-14 23:58	--------	d-----w-	c:\users\PBell\AppData\Local\Battle.net
2014-05-13 12:35 . 2014-05-15 11:11	--------	d-----w-	c:\users\PBell\AppData\Local\CrashDumps
2014-05-13 12:07 . 2014-04-17 03:31	10651704	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{967CBA80-98F1-4921-9383-520CCE3B22B7}\mpengine.dll
2014-05-13 11:58 . 2014-05-15 10:42	--------	d-----w-	c:\users\PBell\AppData\Local\LogMeIn Hamachi
2014-05-13 11:58 . 2014-05-13 11:58	--------	d-----w-	c:\users\PBell\AppData\Local\LogMeIn
2014-05-13 11:58 . 2014-05-13 11:58	--------	d-----w-	c:\users\PBell\AppData\Local\LogiShrd
2014-05-13 10:37 . 2014-05-13 11:24	--------	d-sh--w-	c:\users\PBell\AppData\Local\EmieUserList
2014-05-13 10:37 . 2014-05-13 11:24	--------	d-sh--w-	c:\users\PBell\AppData\Local\EmieSiteList
2014-05-13 10:29 . 2014-05-13 10:29	--------	d-----w-	c:\program files (x86)\VS Revo Group
2014-05-13 10:28 . 2014-05-13 10:28	--------	d-----w-	c:\users\PBell\AppData\Local\Macromedia
2014-05-13 10:25 . 2014-05-13 10:25	--------	d-----w-	c:\users\PBell\AppData\Local\MFAData
2014-05-12 22:46 . 2014-05-12 22:46	--------	d-----w-	c:\users\PBell\AppData\Local\Avg2014
2014-05-12 19:22 . 2014-05-12 19:22	--------	d-----w-	c:\program files (x86)\AGEIA Technologies
2014-05-12 19:21 . 2014-03-04 11:32	599840	----a-w-	c:\windows\SysWow64\nvStreaming.exe
2014-05-12 19:05 . 2014-04-14 18:13	96168	----a-w-	c:\windows\SysWow64\WindowsAccessBridge-32.dll
2014-05-12 17:14 . 2014-05-12 17:17	--------	d-----w-	C:\FRST
2014-05-12 10:39 . 2014-05-13 11:57	--------	d-----w-	C:\SUPERDelete
2014-05-12 10:14 . 2014-05-12 10:14	--------	d-----w-	c:\program files\SUPERAntiSpyware
2014-05-12 10:10 . 2014-05-12 22:43	--------	d-----w-	c:\users\PBell\AppData\Roaming\AVG2014
2014-05-12 09:04 . 2014-03-31 16:42	40392	----a-w-	c:\windows\system32\drivers\nvvad64v.sys
2014-05-12 09:04 . 2014-03-31 16:42	34760	----a-w-	c:\windows\SysWow64\nvaudcap32v.dll
2014-05-06 23:18 . 2014-05-15 10:33	--------	d-s---w-	c:\windows\system32\CompatTel
2014-05-01 18:42 . 2014-05-01 18:42	--------	d-----w-	c:\program files (x86)\MegaDev
2014-04-21 21:18 . 2014-04-21 21:18	--------	d-----w-	c:\users\PBell\AppData\Roaming\OBS
2014-04-21 21:18 . 2014-04-21 21:18	--------	d-----w-	c:\program files\OBS
2014-04-21 21:18 . 2014-04-21 21:18	--------	d-----w-	c:\program files (x86)\OBS
2014-04-21 10:44 . 2014-04-21 10:44	--------	d-----w-	c:\program files (x86)\MSECache
2014-04-18 13:01 . 2014-04-18 13:01	237336	----a-w-	c:\windows\system32\drivers\avgidsdrivera.sys
2014-04-17 11:19 . 2014-04-17 11:19	--------	d-----w-	c:\program files (x86)\LogMeIn Hamachi
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-05-15 10:35 . 2013-03-02 23:54	34752	----a-w-	c:\windows\system32\drivers\WPRO_41_2001.sys
2014-05-15 00:02 . 2010-11-03 09:11	93223848	----a-w-	c:\windows\system32\MRT.exe
2014-05-14 13:40 . 2012-04-09 21:06	692400	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2014-05-14 13:40 . 2011-05-25 05:12	70832	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-05-12 20:52 . 2013-11-01 06:15	214392	----a-w-	c:\windows\SysWow64\PnkBstrB.exe
2014-05-12 20:45 . 2011-05-15 00:03	214392	----a-w-	c:\windows\SysWow64\PnkBstrB.ex0
2014-04-30 18:29 . 2013-11-05 16:18	1081112	----a-w-	c:\windows\SysWow64\nvspcap.dll
2014-04-30 18:29 . 2013-11-05 16:18	1225920	----a-w-	c:\windows\system32\nvspcap64.dll
2014-03-31 16:42 . 2013-10-09 15:38	37320	----a-w-	c:\windows\system32\nvaudcap64v.dll
2014-03-31 14:20 . 2014-03-31 14:20	274200	----a-w-	c:\windows\system32\drivers\avgtdia.sys
2014-03-31 14:06 . 2014-03-31 14:06	130840	----a-w-	c:\windows\system32\drivers\avgmfx64.sys
2014-03-31 07:35 . 2010-02-16 00:12	270496	------w-	c:\windows\system32\MpSigStub.exe
2014-03-27 20:14 . 2014-03-27 20:14	192792	----a-w-	c:\windows\system32\drivers\avgidsha.sys
2014-03-27 20:14 . 2014-03-27 20:14	153368	----a-w-	c:\windows\system32\drivers\avgdiska.sys
2014-03-27 20:07 . 2014-03-27 20:07	236824	----a-w-	c:\windows\system32\drivers\avgldx64.sys
2014-03-27 20:05 . 2014-03-27 20:05	324376	----a-w-	c:\windows\system32\drivers\avgloga.sys
2014-03-27 20:03 . 2014-03-27 20:03	32536	----a-w-	c:\windows\system32\drivers\avgrkx64.sys
2014-03-04 14:35 . 2014-01-25 23:05	15783992	----a-w-	c:\windows\SysWow64\nvwgf2um.dll
2014-03-04 14:35 . 2013-10-09 16:07	17755424	----a-w-	c:\windows\system32\nvd3dumx.dll
2014-03-04 14:35 . 2013-03-31 14:54	2715264	----a-w-	c:\windows\SysWow64\nvapi.dll
2014-03-04 14:35 . 2013-02-25 22:32	14709720	----a-w-	c:\windows\SysWow64\nvd3dum.dll
2014-03-04 14:35 . 2013-02-25 22:32	947808	----a-w-	c:\windows\system32\nvumdshimx.dll
2014-03-04 14:35 . 2013-02-25 22:32	18302384	----a-w-	c:\windows\system32\nvwgf2umx.dll
2014-03-04 14:35 . 2012-10-10 20:23	3093280	----a-w-	c:\windows\system32\nvapi64.dll
2014-03-04 13:06 . 2011-01-07 18:49	6714312	----a-w-	c:\windows\system32\nvcpl.dll
2014-03-04 13:06 . 2011-01-07 18:49	3497816	----a-w-	c:\windows\system32\nvsvc64.dll
2014-03-04 13:05 . 2011-01-07 18:48	922968	----a-w-	c:\windows\system32\nvvsvc.exe
2014-03-04 13:05 . 2009-07-14 08:51	64968	----a-w-	c:\windows\system32\nvshext.dll
2014-03-04 13:05 . 2009-07-14 08:51	2558808	----a-w-	c:\windows\system32\nvsvcr.dll
2014-03-04 13:05 . 2011-01-07 18:48	386336	----a-w-	c:\windows\system32\nvmctray.dll
2014-03-04 13:05 . 2013-03-31 14:44	3649185	----a-w-	c:\windows\system32\nvcoproc.bin
2014-03-04 09:44 . 2014-04-09 12:38	243712	----a-w-	c:\windows\system32\wow64.dll
2014-03-04 09:44 . 2014-04-09 12:38	362496	----a-w-	c:\windows\system32\wow64win.dll
2014-03-04 09:44 . 2014-04-09 12:38	13312	----a-w-	c:\windows\system32\wow64cpu.dll
2014-03-04 09:44 . 2014-04-09 12:38	16384	----a-w-	c:\windows\system32\ntvdm64.dll
2014-03-04 09:44 . 2014-04-09 12:38	1163264	----a-w-	c:\windows\system32\kernel32.dll
2014-03-04 09:17 . 2014-04-09 12:38	14336	----a-w-	c:\windows\SysWow64\ntvdm64.dll
2014-03-04 09:17 . 2014-04-09 12:38	44032	----a-w-	c:\windows\apppatch\acwow64.dll
2014-03-04 09:16 . 2014-04-09 12:38	25600	----a-w-	c:\windows\SysWow64\setup16.exe
2014-03-04 09:16 . 2014-04-09 12:38	5120	----a-w-	c:\windows\SysWow64\wow32.dll
2014-03-04 08:09 . 2014-04-09 12:38	7680	----a-w-	c:\windows\SysWow64\instnm.exe
2014-03-04 08:09 . 2014-04-09 12:38	2048	----a-w-	c:\windows\SysWow64\user.exe
2009-09-24 12:30 . 2010-01-23 22:35	1456640	----a-w-	c:\program files (x86)\Common Files\Falk Navi-Manager.msi
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{0F3DC9E0-C459-4a40-BCF8-747BD9322E10}"= "c:\program files (x86)\DeviceVM\SmartView\AddressBarSearch.dll" [2010-09-02 162080]
.
[HKEY_CLASSES_ROOT\clsid\{0f3dc9e0-c459-4a40-bcf8-747bd9322e10}]
[HKEY_CLASSES_ROOT\AddressBarSearch.SearchHook.1]
[HKEY_CLASSES_ROOT\TypeLib\{4E8E0178-00EF-413d-9324-E7B3E31572E3}]
[HKEY_CLASSES_ROOT\AddressBarSearch.SearchHook]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Steam"="c:\users\PBell\Desktop\Steam\steam.exe" [2014-04-23 1825984]
"Spotify Web Helper"="c:\users\PBell\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [2014-05-13 1176632]
"Spotify"="c:\users\PBell\AppData\Roaming\Spotify\Spotify.exe" [2014-05-13 6170168]
"RGSC"="d:\steamlibrary\SteamApps\common\Grand Theft Auto IV\GTAIV\RGSCLauncher.exe" [2008-12-13 306088]
"puush"="c:\program files (x86)\puush\puush.exe" [2013-07-17 567880]
"EADM"="c:\program files (x86)\Origin\Origin.exe" [2014-05-12 3588952]
"Akamai NetSession Interface"="c:\users\PBell\AppData\Local\Akamai\netsession_win.exe" [2014-04-17 4672920]
"icq"="c:\users\PBell\AppData\Roaming\ICQM\icq.exe" [2014-03-03 33664344]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2014-02-10 20922016]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2014-01-06 6563608]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"SmartviewAgent"="c:\program files (x86)\DeviceVM\SmartView\SmartViewAgent.exe" [2010-09-02 948504]
"XFastUSB"="c:\program files (x86)\XFastUSB\XFastUsb.exe" [2013-03-02 5019360]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2012-02-26 291608]
"UpdReg"="c:\windows\UpdReg.EXE" [2000-05-11 90112]
"THX TruStudio NB Settings"="c:\program files (x86)\Creative\THX TruStudio\THXNBSet\THXAudNB.exe" [2011-05-19 909824]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2010-11-29 421888]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2013-11-01 152392]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" [2012-06-07 56128]
"GamingKeyboard"="c:\program files (x86)\SHARKOON Skiller\GameMon.exe" [2012-06-07 1803264]
"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" [2013-02-13 1263952]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-09-13 59720]
"Aeria Ignite"="c:\program files (x86)\Aeria Games\Ignite\aeriaignite.exe" [2013-06-06 1925656]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]
"LogMeIn Hamachi Ui"="c:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" [2014-04-15 3814736]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
SetPointII.lnk - c:\program files\Logitech\SetPoint II\SetPointII.exe [2009-7-21 815104]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
R1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgldx64.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 ALSysIO;ALSysIO;c:\users\PBell\AppData\Local\Temp\ALSysIO64.sys;c:\users\PBell\AppData\Local\Temp\ALSysIO64.sys [x]
R3 e1kexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver K;c:\windows\system32\DRIVERS\e1k62x64.sys;c:\windows\SYSNATIVE\DRIVERS\e1k62x64.sys [x]
R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys;c:\windows\SYSNATIVE\drivers\EagleX64.sys [x]
R3 FNETTBOH_305;FNETTBOH_305;c:\windows\system32\drivers\FNETTBOH_305.SYS;c:\windows\SYSNATIVE\drivers\FNETTBOH_305.SYS [x]
R3 HCW85BDA;Hauppauge WinTV 885 Video Capture;c:\windows\system32\drivers\HCW85BDA.sys;c:\windows\SYSNATIVE\drivers\HCW85BDA.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 MotioninJoyXFilter;MotioninJoy Virtual Xinput device Filter Driver;c:\windows\system32\DRIVERS\MijXfilt.sys;c:\windows\SYSNATIVE\DRIVERS\MijXfilt.sys [x]
R3 MSICDSetup;MSICDSetup;e:\cdriver64.sys;e:\CDriver64.sys [x]
R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des;c:\windows\SYSNATIVE\GameMon.des [x]
R3 PAC207;SoC PC-Camera;c:\windows\system32\DRIVERS\PFC027.SYS;c:\windows\SYSNATIVE\DRIVERS\PFC027.SYS [x]
R3 SaiU04E5;SaiU04E5;c:\windows\system32\DRIVERS\SaiU04E5.sys;c:\windows\SYSNATIVE\DRIVERS\SaiU04E5.sys [x]
R3 ss_bbus;SAMSUNG USB Mobile Device (WDM);c:\windows\system32\DRIVERS\ss_bbus.sys;c:\windows\SYSNATIVE\DRIVERS\ss_bbus.sys [x]
R3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter);c:\windows\system32\DRIVERS\ss_bmdfl.sys;c:\windows\SYSNATIVE\DRIVERS\ss_bmdfl.sys [x]
R3 ss_bmdm;SAMSUNG USB Mobile Modem;c:\windows\system32\DRIVERS\ss_bmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ss_bmdm.sys [x]
R3 tap0901t;TAP-Win32 Adapter V9 (Tunngle);c:\windows\system32\DRIVERS\tap0901t.sys;c:\windows\SYSNATIVE\DRIVERS\tap0901t.sys [x]
R3 TFsExDisk;TFsExDisk;c:\windows\System32\Drivers\TFsExDisk.sys;c:\windows\SYSNATIVE\Drivers\TFsExDisk.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TunngleService;TunngleService;d:\tunngle\TnglCtrl.exe;d:\tunngle\TnglCtrl.exe [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 wolf;wolf;d:\games\WolfTeam\WolfTeam-DE\avital\wolf64.sys;d:\games\WolfTeam\WolfTeam-DE\avital\wolf64.sys [x]
R3 X6va002;X6va002;c:\users\PBell\AppData\Local\Temp\002D55A.tmp;c:\users\PBell\AppData\Local\Temp\002D55A.tmp [x]
R3 X6va005;X6va005;c:\users\PBell\AppData\Local\Temp\005BDCB.tmp;c:\users\PBell\AppData\Local\Temp\005BDCB.tmp [x]
R3 X6va008;X6va008;c:\windows\SysWOW64\Drivers\X6va008;c:\windows\SysWOW64\Drivers\X6va008 [x]
R3 X6va009;X6va009;c:\windows\SysWOW64\Drivers\X6va009;c:\windows\SysWOW64\Drivers\X6va009 [x]
R3 X6va011;X6va011;c:\windows\SysWOW64\Drivers\X6va011;c:\windows\SysWOW64\Drivers\X6va011 [x]
R3 X6va012;X6va012;c:\windows\SysWOW64\Drivers\X6va012;c:\windows\SysWOW64\Drivers\X6va012 [x]
R3 xhunter1;xhunter1;c:\windows\xhunter1.sys;c:\windows\xhunter1.sys [x]
R4 avgfws;AVG Firewall;c:\program files (x86)\AVG\AVG2014\avgfws.exe;c:\program files (x86)\AVG\AVG2014\avgfws.exe [x]
R4 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2014\avgidsagent.exe;c:\program files (x86)\AVG\AVG2014\avgidsagent.exe [x]
R4 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2014\avgwdsvc.exe;c:\program files (x86)\AVG\AVG2014\avgwdsvc.exe [x]
S0 AsrRamDisk;AsrRamDisk;c:\windows\system32\DRIVERS\AsrRamDisk.sys;c:\windows\SYSNATIVE\DRIVERS\AsrRamDisk.sys [x]
S0 AVGIDSHA;AVGIDSHA;c:\windows\system32\DRIVERS\avgidsha.sys;c:\windows\SYSNATIVE\DRIVERS\avgidsha.sys [x]
S0 Avgloga;AVG Logging Driver;c:\windows\system32\DRIVERS\avgloga.sys;c:\windows\SYSNATIVE\DRIVERS\avgloga.sys [x]
S0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgmfx64.sys [x]
S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgrkx64.sys [x]
S0 iusb3hcs;Intel(R) USB 3.0 Hostcontroller-Switchtreiber;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x]
S1 AsrAppCharger;AsrAppCharger;c:\windows\system32\DRIVERS\AsrAppCharger.sys;c:\windows\SYSNATIVE\DRIVERS\AsrAppCharger.sys [x]
S1 Avgdiska;AVG Disk Driver;c:\windows\system32\DRIVERS\avgdiska.sys;c:\windows\SYSNATIVE\DRIVERS\avgdiska.sys [x]
S1 Avgfwfd;AVG network filter service;c:\windows\system32\DRIVERS\avgfwd6a.sys;c:\windows\SYSNATIVE\DRIVERS\avgfwd6a.sys [x]
S1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdrivera.sys;c:\windows\SYSNATIVE\DRIVERS\avgidsdrivera.sys [x]
S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys;c:\windows\SYSNATIVE\DRIVERS\avgtdia.sys [x]
S1 FNETURPX;FNETURPX;c:\windows\system32\drivers\FNETURPX.SYS;c:\windows\SYSNATIVE\drivers\FNETURPX.SYS [x]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [x]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [x]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [x]
S2 AdobeActiveFileMonitor7.0;Adobe Active File Monitor V7;c:\program files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe;c:\program files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe [x]
S2 DRHARD64;DRHARD64;c:\windows\system32\drivers\DRHARD64.sys;c:\windows\SYSNATIVE\drivers\DRHARD64.sys [x]
S2 DRHMSR64;DRHMSR64;c:\windows\system32\drivers\DRHMSR64.sys;c:\windows\SYSNATIVE\drivers\DRHMSR64.sys [x]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 Intel(R) ME Service;Intel(R) ME Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [x]
S2 ISCTAgent;ISCT Always Updated Agent;c:\program files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe;c:\program files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 LMIGuardianSvc;LMIGuardianSvc;c:\program files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe;c:\program files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 SmartViewService;SmartView service;c:\program files (x86)\DeviceVM\SmartView\SmartViewService.exe;c:\program files (x86)\DeviceVM\SmartView\SmartViewService.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 TeamViewer7;TeamViewer 7;c:\program files (x86)\TeamViewer\Version7\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 WCUService;SmartView Software Updater Service;c:\program files (x86)\DeviceVM\SmartView Software Updater\WCUService.exe;c:\program files (x86)\DeviceVM\SmartView Software Updater\WCUService.exe [x]
S3 GameKB;SHARKOON Skiller;c:\windows\system32\drivers\GameKB.sys;c:\windows\SYSNATIVE\drivers\GameKB.sys [x]
S3 ikbevent;Intel Upper keyboard Class Filter Driver;c:\windows\system32\DRIVERS\ikbevent.sys;c:\windows\SYSNATIVE\DRIVERS\ikbevent.sys [x]
S3 imsevent;Intel Upper Mouse Class Filter Driver;c:\windows\system32\DRIVERS\imsevent.sys;c:\windows\SYSNATIVE\DRIVERS\imsevent.sys [x]
S3 ISCT;Intel(R) Smart Connect Technology Device Driver;c:\windows\system32\DRIVERS\ISCTD64.sys;c:\windows\SYSNATIVE\DRIVERS\ISCTD64.sys [x]
S3 iusb3hub;Intel(R) USB 3.0-Hubtreiber;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Intel(R) USB 3.0 eXtensible-Hostcontrollertreiber;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 MBfilt;MBfilt;c:\windows\system32\drivers\MBfilt64.sys;c:\windows\SYSNATIVE\drivers\MBfilt64.sys [x]
S3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 WPRO_41_2001;WinPcap Packet Driver (WPRO_41_2001);c:\windows\system32\drivers\WPRO_41_2001.sys;c:\windows\SYSNATIVE\drivers\WPRO_41_2001.sys [x]
.
.
Inhalt des "geplante Tasks" Ordners
.
2014-05-15 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-09 13:40]
.
2014-05-15 c:\windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
- c:\program files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2011-11-25 12:41]
.
2014-05-14 c:\windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job
- c:\program files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2011-11-25 12:41]
.
2014-05-14 c:\windows\Tasks\SUPERAntiSpyware Scheduled Task 1d53a26a-add7-4e27-aa09-3c87e6e52917.job
- c:\program files\SUPERAntiSpyware\SASTask.exe [2013-11-07 20:08]
.
2014-05-15 c:\windows\Tasks\SUPERAntiSpyware Scheduled Task 29a223a8-2568-45ad-b993-d578487cd2d4.job
- c:\program files\SUPERAntiSpyware\SASTask.exe [2013-11-07 20:08]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"XboxStat"="c:\program files\Microsoft Xbox 360 Accessories\XboxStat.exe" [2009-09-30 825184]
"Windows Mobile Device Center"="c:\windows\WindowsMobile\wmdc.exe" [2007-05-31 660360]
"THXCfg64"="c:\windows\system32\THXCfg64.dll" [2011-05-13 26624]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2014-04-30 1225920]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-10-17 13307496]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2014-04-30 2199840]
"Monitor"="c:\windows\PixArt\PAC207\Monitor.exe" [2006-11-03 319488]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2009-06-17 130576]
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = about:blank
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = <local>
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html
Trusted Zone: aeriagames.com
TCP: DhcpNameServer = 192.168.178.1
FF - ProfilePath - c:\users\PBell\AppData\Roaming\Mozilla\Firefox\Profiles\fprgzeol.default\
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Toolbar-Locked - (no file)
Wow6432Node-HKCU-Run-ASRockXTU - (no file)
Wow6432Node-HKCU-Run-zASRockInstantBoot - (no file)
Wow6432Node-HKCU-Run-Cerberus - c:\windows\system32\Cerberus\server.exe
Wow6432Node-HKLM-Run-Packard Bell Photo Frame - c:\program files (x86)\Packard Bell Photo Frame\ButtonMonitor.exe
Wow6432Node-HKLM-Run-ClickPotatoLiteSA - c:\program files (x86)\ClickPotatoLite\bin\10.0.622.0\ClickPotatoLiteSA.exe
Wow6432Node-HKLM-Run-AVG_UI - c:\program files (x86)\AVG\AVG2014\avgui.exe
Wow6432Node-HKU-Default-Run-MCNservice - c:\users\PBell\AppData\Roaming\MCNMiner.exe
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
BHO-{4F5806BB-DF64-4AC5-9485-572625569CE0} - c:\program files (x86)\MintCastNetworks\MintCastNetworks_x64.dll
HKLM-Run-Nvtmru - c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe
AddRemove-Battlelog Web Plugins - c:\program files (x86)\Battlelog Web Plugins\uninstall.exe
AddRemove-Borderlands 2_is1 - d:\games\Borderlands 2\Borderlands 2\unins000.exe
AddRemove-Global Martial Heroes OBT Client + Launcher - d:\games\GlobalMartialheroes\Uninstal.exe
AddRemove-WolfTeam-DE - d:\games\WolfTeam\WolfTeam-DE\Uninst.exe
AddRemove-Akamai - c:\users\PBell\AppData\Local\Akamai\uninstall.exe
AddRemove-JoinMe - c:\users\PBell\AppData\Local\join.me\join.me.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\X6va002]
"ImagePath"="\??\c:\users\PBell\AppData\Local\Temp\002D55A.tmp"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\X6va005]
"ImagePath"="\??\c:\users\PBell\AppData\Local\Temp\005BDCB.tmp"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\X6va008]
"ImagePath"="\??\c:\windows\SysWOW64\Drivers\X6va008"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\X6va009]
"ImagePath"="\??\c:\windows\SysWOW64\Drivers\X6va009"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\X6va011]
"ImagePath"="\??\c:\windows\SysWOW64\Drivers\X6va011"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\X6va012]
"ImagePath"="\??\c:\windows\SysWOW64\Drivers\X6va012"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-3396300932-3457207744-2361604580-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"
.
[HKEY_USERS\S-1-5-21-3396300932-3457207744-2361604580-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
.
[HKEY_USERS\S-1-5-21-3396300932-3457207744-2361604580-1000\Software\SecuROM\License information*]
"datasecu"=hex:c0,af,f0,30,4d,1e,5b,f4,90,8a,b2,9a,f5,c2,74,ba,18,25,62,74,a5,
   4e,d3,46,f8,f5,15,7b,5f,d9,c4,50,85,d0,d0,00,e0,a9,b3,52,bf,08,24,4e,6e,22,\
"rkeysecu"=hex:2f,0f,d5,3e,02,2b,06,63,b1,0b,dd,b6,71,e2,54,98
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_13_0_0_214_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_13_0_0_214_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_13_0_0_214_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_13_0_0_214_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_214.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.13"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_214.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_214.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_214.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Windows CE Services]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
   00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2014-05-15  13:33:48
ComboFix-quarantined-files.txt  2014-05-15 11:33
ComboFix2.txt  2011-05-12 06:46
ComboFix3.txt  2011-05-10 12:53
.
Vor Suchlauf: 31 Verzeichnis(se), 130.415.558.656 Bytes frei
Nach Suchlauf: 33 Verzeichnis(se), 130.058.391.552 Bytes frei
.
- - End Of File - - 220C73F78C8EFBD8FE03FB92B8449A2A

Jetzt weiß ich woran meine cpu beim download in die höhe springt der grund liegt bei avg internet security habe es einmal komplett deinstalliert und download gestarten alles super keine cpu erhöt nix dan wieder installiert cpu springt in die höhe ... irgendeine optionen bei avg aber welche keine ahnung ..

schrauber · 16.05.2014, 12:35

dann schmeiss AVG weg, aber die Adware entfernen wir noch.

Downloade Dir bitte

Malwarebytes Anti-Malware

Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
Starte Malwarebytes' Anti-Malware (MBAM).
Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
Drücke eine beliebige Taste, um das Tool zu starten.
Je nach System kann der Scan eine Weile dauern.
Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

und ein frisches FRST log bitte.

50eurovirus · 21.05.2014, 18:46

Code:

ATTFilter

# AdwCleaner v3.210 - Bericht erstellt am 21/05/2014 um 18:01:32
# Aktualisiert 19/05/2014 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : PBell - PATRYKOO
# Gestartet von : C:\Users\PBell\Downloads\adwcleaner_3.210.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\DeviceVM
Ordner Gelöscht : C:\ProgramData\Partner
Ordner Gelöscht : C:\ProgramData\Tarma Installer
Ordner Gelöscht : C:\Program Files (x86)\DeviceVM
Ordner Gelöscht : C:\Program Files (x86)\Common Files\Plasmoo
Ordner Gelöscht : C:\Windows\assembly\GAC_MSIL\QuickStoresToolbar
Ordner Gelöscht : C:\Program Files\Uninstaller
Ordner Gelöscht : C:\Users\PBell\AppData\Roaming\DeviceVM
Ordner Gelöscht : C:\Users\PBell\AppData\Roaming\dvdvideosoftiehelpers
Ordner Gelöscht : C:\Users\PBell\AppData\Roaming\eType
Ordner Gelöscht : C:\Users\PBell\AppData\Roaming\QuickStoresToolbar
Ordner Gelöscht : C:\Users\PBell\Desktop\Save
Datei Gelöscht : C:\END
Datei Gelöscht : C:\Users\PBell\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\QuickStores.url
Datei Gelöscht : C:\Users\PBell\AppData\Roaming\Microsoft\Windows\Start Menu\QuickStores.url

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\blaofbhgbmeikidhlkmjhbkbfohpgekf
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AddressBarSearch.SearchHook
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AddressBarSearch.SearchHook.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Movie2KDownloader
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\avg-secure-search-installer_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\avg-secure-search-installer_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\ClickPotatoLiteSA_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\ClickPotatoLiteSA_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Movie2KDownloader_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Movie2KDownloader_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SnapDo_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SnapDo_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_xpadder (1)_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_xpadder (1)_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_xpadder_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_xpadder_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_cossacks-european-wars_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_cossacks-european-wars_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_hypercam_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_hypercam_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_visualboyadvance_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_visualboyadvance_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{82A5CE4D-AF0C-45B6-8AF8-75625BE6A08D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{B2B7E0CD-E169-43B3-A233-E129610EE314}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{0DEC13F0-5C8C-4147-8329-6CDFAD9755B7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{0E5680D1-BF44-4929-94AF-FD30D784AD1D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{0F3DC9E0-C459-4A40-BCF8-747BD9322E10}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{10EDB994-47F8-43F7-AE96-F2EA63E9F90F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{35B8892D-C3FB-4D88-990D-31DB2EBD72BD}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{408CFAD9-8F13-4747-8EC7-770A339C7237}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{5E97F0FA-3B44-4634-A87E-8B0D5CFD6365}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{94496571-6AC5-4836-82D5-D46260C44B17}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{951F5841-FD1E-4F1D-8607-67B174DBD753}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{BC9FD17D-30F6-4464-9E53-596A90AFF023}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{D1CCB0CC-DA45-4797-93D3-DEE7A13F8177}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{DCE24E28-D8EF-49BE-BC01-A1DD3B58FCE3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E4F7F1A5-490E-4884-A9E3-CBD6A25749E1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{FFE66D00-A56A-4F7F-81D7-4A28C5816D6C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{0C58B7D1-D415-492B-A149-E976156BD3B8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{13ABD093-D46F-40DF-A608-47E162EC799D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{4E8E0178-00EF-413D-9324-E7B3E31572E3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{93E3D79C-0786-48FF-9329-93BC9F6DC2B3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{A1A533A8-E106-422B-AE29-D0025269AF83}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{B1759D04-0EF9-472A-B5C3-C774997B5321}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E5680D1-BF44-4929-94AF-FD30D784AD1D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10EDB994-47F8-43F7-AE96-F2EA63E9F90F}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0E5680D1-BF44-4929-94AF-FD30D784AD1D}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{10EDB994-47F8-43F7-AE96-F2EA63E9F90F}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7854F00C-DC77-477E-A10E-603F48442D3B}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0E5680D1-BF44-4929-94AF-FD30D784AD1D}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{10EDB994-47F8-43F7-AE96-F2EA63E9F90F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4250488A-CB24-0893-C066-B1AEA57BCFF2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{80ED3EBC-CC05-4336-ABCC-295798855718}
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{10EDB994-47F8-43F7-AE96-F2EA63E9F90F}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{0F3DC9E0-C459-4A40-BCF8-747BD9322E10}]
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Wert Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Schlüssel Gelöscht : HKCU\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\DSNR Labs
Schlüssel Gelöscht : HKCU\Software\InstallCore
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKCU\Software\Softonic
Schlüssel Gelöscht : HKCU\Software\YahooPartnerToolbar
Schlüssel Gelöscht : HKLM\Software\Cheat Engine\OpenCandy
Schlüssel Gelöscht : HKLM\Software\Freeze.com
Schlüssel Gelöscht : HKLM\Software\systweak
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DMUninstaller
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\QuickStores-Toolbar_is1
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\DivX\Install\Setup\WizardLayout\ConduitToolbar

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.17041


-\\ Mozilla Firefox v29.0.1 (de)

[ Datei : C:\Users\PBell\AppData\Roaming\Mozilla\Firefox\Profiles\fprgzeol.default\prefs.js ]


*************************

AdwCleaner[R0].txt - [10591 octets] - [21/05/2014 18:00:04]
AdwCleaner[S0].txt - [10168 octets] - [21/05/2014 18:01:32]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [10229 octets] ##########

Code:

ATTFilter

ComboFix 14-05-13.01 - PBell 21.05.2014  18:22:55.4.4 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.8155.5928 [GMT 2:00]
ausgeführt von:: c:\users\PBell\Desktop\virus vernichter\ComboFix.exe
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Neuer Wiederherstellungspunkt wurde erstellt
.
.
(((((((((((((((((((((((   Dateien erstellt von 2014-04-21 bis 2014-05-21  ))))))))))))))))))))))))))))))
.
.
2014-05-21 16:35 . 2014-05-21 16:35	--------	d-----w-	c:\users\Public\AppData\Local\temp
2014-05-21 16:35 . 2014-05-21 16:35	--------	d-----w-	c:\users\Gast\AppData\Local\temp
2014-05-21 16:35 . 2014-05-21 16:35	--------	d-----w-	c:\users\Default\AppData\Local\temp
2014-05-21 16:08 . 2014-05-21 16:08	--------	d-----w-	c:\windows\ERUNT
2014-05-21 16:03 . 2014-05-21 16:03	94656	----a-w-	c:\windows\system32\WPRO_41_2001woem.tmp
2014-05-21 15:59 . 2014-05-21 16:01	--------	d-----w-	C:\AdwCleaner
2014-05-21 09:17 . 2014-04-17 03:31	10651704	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{17DFBA08-6B2B-4E66-8382-51A0467163E0}\mpengine.dll
2014-05-18 10:25 . 2014-05-21 16:07	119512	----a-w-	c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-05-18 10:25 . 2014-05-18 10:25	--------	d-----w-	c:\program files (x86)\ Malwarebytes Anti-Malware 
2014-05-18 10:25 . 2014-04-03 07:51	63192	----a-w-	c:\windows\system32\drivers\mwac.sys
2014-05-18 10:25 . 2014-04-03 07:51	88280	----a-w-	c:\windows\system32\drivers\mbamchameleon.sys
2014-05-18 10:25 . 2014-04-03 07:50	25816	----a-w-	c:\windows\system32\drivers\mbam.sys
2014-05-18 10:24 . 2014-05-18 10:24	--------	d-----w-	c:\users\PBell\AppData\Local\Programs
2014-05-16 07:47 . 2014-05-16 07:47	--------	d-----w-	c:\program files (x86)\LogMeIn Hamachi
2014-05-15 11:57 . 2014-05-18 10:10	--------	d-----w-	c:\programdata\MFAData
2014-05-15 11:57 . 2014-05-15 11:57	--------	d-----w-	c:\users\PBell\AppData\Local\MFAData
2014-05-15 00:07 . 2014-05-06 04:40	23544320	----a-w-	c:\windows\system32\mshtml.dll
2014-05-15 00:07 . 2014-05-06 03:00	84992	----a-w-	c:\windows\system32\mshtmled.dll
2014-05-15 00:06 . 2014-05-06 04:17	2724864	----a-w-	c:\windows\system32\mshtml.tlb
2014-05-15 00:06 . 2014-05-06 03:07	2724864	----a-w-	c:\windows\SysWow64\mshtml.tlb
2014-05-14 19:58 . 2014-05-14 19:59	--------	d-----w-	c:\users\PBell\AppData\Local\Ubisoft Game Launcher
2014-05-14 07:44 . 2014-05-14 07:44	--------	d-----w-	c:\users\PBell\AppData\Local\Aeria Games
2014-05-13 17:29 . 2014-05-13 17:29	--------	d-----w-	c:\users\PBell\AppData\Local\SplitMediaLabs
2014-05-13 17:29 . 2014-05-13 17:29	--------	d-----w-	c:\users\PBell\AppData\Local\Blizzard Entertainment
2014-05-13 17:29 . 2014-05-21 16:01	--------	d-----w-	c:\users\PBell\AppData\Local\Battle.net
2014-05-13 12:35 . 2014-05-17 23:08	--------	d-----w-	c:\users\PBell\AppData\Local\CrashDumps
2014-05-13 11:58 . 2014-05-21 16:07	--------	d-----w-	c:\users\PBell\AppData\Local\LogMeIn Hamachi
2014-05-13 11:58 . 2014-05-13 11:58	--------	d-----w-	c:\users\PBell\AppData\Local\LogMeIn
2014-05-13 11:58 . 2014-05-13 11:58	--------	d-----w-	c:\users\PBell\AppData\Local\LogiShrd
2014-05-13 10:37 . 2014-05-13 11:24	--------	d-sh--w-	c:\users\PBell\AppData\Local\EmieUserList
2014-05-13 10:37 . 2014-05-13 11:24	--------	d-sh--w-	c:\users\PBell\AppData\Local\EmieSiteList
2014-05-13 10:29 . 2014-05-13 10:29	--------	d-----w-	c:\program files (x86)\VS Revo Group
2014-05-13 10:28 . 2014-05-13 10:28	--------	d-----w-	c:\users\PBell\AppData\Local\Macromedia
2014-05-12 19:22 . 2014-05-12 19:22	--------	d-----w-	c:\program files (x86)\AGEIA Technologies
2014-05-12 19:21 . 2014-03-04 11:32	599840	----a-w-	c:\windows\SysWow64\nvStreaming.exe
2014-05-12 19:05 . 2014-04-14 18:13	96168	----a-w-	c:\windows\SysWow64\WindowsAccessBridge-32.dll
2014-05-12 17:14 . 2014-05-12 17:17	--------	d-----w-	C:\FRST
2014-05-12 10:39 . 2014-05-13 11:57	--------	d-----w-	C:\SUPERDelete
2014-05-12 10:14 . 2014-05-12 10:14	--------	d-----w-	c:\program files\SUPERAntiSpyware
2014-05-12 09:04 . 2014-03-31 16:42	40392	----a-w-	c:\windows\system32\drivers\nvvad64v.sys
2014-05-12 09:04 . 2014-03-31 16:42	34760	----a-w-	c:\windows\SysWow64\nvaudcap32v.dll
2014-05-06 23:18 . 2014-05-15 10:33	--------	d-s---w-	c:\windows\system32\CompatTel
2014-05-01 18:42 . 2014-05-01 18:42	--------	d-----w-	c:\program files (x86)\MegaDev
2014-04-21 21:18 . 2014-04-21 21:18	--------	d-----w-	c:\users\PBell\AppData\Roaming\OBS
2014-04-21 21:18 . 2014-04-21 21:18	--------	d-----w-	c:\program files\OBS
2014-04-21 21:18 . 2014-04-21 21:18	--------	d-----w-	c:\program files (x86)\OBS
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-05-21 16:03 . 2013-03-02 23:54	34752	----a-w-	c:\windows\system32\drivers\WPRO_41_2001.sys
2014-05-15 00:02 . 2010-11-03 09:11	93223848	----a-w-	c:\windows\system32\MRT.exe
2014-05-14 13:40 . 2012-04-09 21:06	692400	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2014-05-14 13:40 . 2011-05-25 05:12	70832	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-05-12 20:52 . 2013-11-01 06:15	214392	----a-w-	c:\windows\SysWow64\PnkBstrB.exe
2014-05-12 20:45 . 2011-05-15 00:03	214392	----a-w-	c:\windows\SysWow64\PnkBstrB.ex0
2014-04-30 18:29 . 2013-11-05 16:18	1081112	----a-w-	c:\windows\SysWow64\nvspcap.dll
2014-04-30 18:29 . 2013-11-05 16:18	1225920	----a-w-	c:\windows\system32\nvspcap64.dll
2014-03-31 16:42 . 2013-10-09 15:38	37320	----a-w-	c:\windows\system32\nvaudcap64v.dll
2014-03-31 07:35 . 2010-02-16 00:12	270496	------w-	c:\windows\system32\MpSigStub.exe
2014-03-04 14:35 . 2014-01-25 23:05	15783992	----a-w-	c:\windows\SysWow64\nvwgf2um.dll
2014-03-04 14:35 . 2013-10-09 16:07	17755424	----a-w-	c:\windows\system32\nvd3dumx.dll
2014-03-04 14:35 . 2013-03-31 14:54	2715264	----a-w-	c:\windows\SysWow64\nvapi.dll
2014-03-04 14:35 . 2013-02-25 22:32	14709720	----a-w-	c:\windows\SysWow64\nvd3dum.dll
2014-03-04 14:35 . 2013-02-25 22:32	947808	----a-w-	c:\windows\system32\nvumdshimx.dll
2014-03-04 14:35 . 2013-02-25 22:32	18302384	----a-w-	c:\windows\system32\nvwgf2umx.dll
2014-03-04 14:35 . 2012-10-10 20:23	3093280	----a-w-	c:\windows\system32\nvapi64.dll
2014-03-04 13:06 . 2011-01-07 18:49	6714312	----a-w-	c:\windows\system32\nvcpl.dll
2014-03-04 13:06 . 2011-01-07 18:49	3497816	----a-w-	c:\windows\system32\nvsvc64.dll
2014-03-04 13:05 . 2011-01-07 18:48	922968	----a-w-	c:\windows\system32\nvvsvc.exe
2014-03-04 13:05 . 2009-07-14 08:51	64968	----a-w-	c:\windows\system32\nvshext.dll
2014-03-04 13:05 . 2009-07-14 08:51	2558808	----a-w-	c:\windows\system32\nvsvcr.dll
2014-03-04 13:05 . 2011-01-07 18:48	386336	----a-w-	c:\windows\system32\nvmctray.dll
2014-03-04 13:05 . 2013-03-31 14:44	3649185	----a-w-	c:\windows\system32\nvcoproc.bin
2014-03-04 09:44 . 2014-04-09 12:38	243712	----a-w-	c:\windows\system32\wow64.dll
2014-03-04 09:44 . 2014-04-09 12:38	362496	----a-w-	c:\windows\system32\wow64win.dll
2014-03-04 09:44 . 2014-04-09 12:38	13312	----a-w-	c:\windows\system32\wow64cpu.dll
2014-03-04 09:44 . 2014-04-09 12:38	16384	----a-w-	c:\windows\system32\ntvdm64.dll
2014-03-04 09:44 . 2014-04-09 12:38	1163264	----a-w-	c:\windows\system32\kernel32.dll
2014-03-04 09:17 . 2014-04-09 12:38	14336	----a-w-	c:\windows\SysWow64\ntvdm64.dll
2014-03-04 09:17 . 2014-04-09 12:38	44032	----a-w-	c:\windows\apppatch\acwow64.dll
2014-03-04 09:16 . 2014-04-09 12:38	25600	----a-w-	c:\windows\SysWow64\setup16.exe
2014-03-04 09:16 . 2014-04-09 12:38	5120	----a-w-	c:\windows\SysWow64\wow32.dll
2014-03-04 08:09 . 2014-04-09 12:38	7680	----a-w-	c:\windows\SysWow64\instnm.exe
2014-03-04 08:09 . 2014-04-09 12:38	2048	----a-w-	c:\windows\SysWow64\user.exe
2009-09-24 12:30 . 2010-01-23 22:35	1456640	----a-w-	c:\program files (x86)\Common Files\Falk Navi-Manager.msi
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Steam"="c:\users\PBell\Desktop\Steam\steam.exe" [2014-04-23 1825984]
"Spotify Web Helper"="c:\users\PBell\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [2014-05-13 1176632]
"Spotify"="c:\users\PBell\AppData\Roaming\Spotify\Spotify.exe" [2014-05-13 6170168]
"RGSC"="d:\steamlibrary\SteamApps\common\Grand Theft Auto IV\GTAIV\RGSCLauncher.exe" [2008-12-13 306088]
"puush"="c:\program files (x86)\puush\puush.exe" [2013-07-17 567880]
"EADM"="c:\program files (x86)\Origin\Origin.exe" [2014-05-12 3588952]
"Akamai NetSession Interface"="c:\users\PBell\AppData\Local\Akamai\netsession_win.exe" [2014-04-17 4672920]
"icq"="c:\users\PBell\AppData\Roaming\ICQM\icq.exe" [2014-03-03 33664344]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2014-02-10 20922016]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2014-01-06 6563608]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"XFastUSB"="c:\program files (x86)\XFastUSB\XFastUsb.exe" [2013-03-02 5019360]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2012-02-26 291608]
"UpdReg"="c:\windows\UpdReg.EXE" [2000-05-11 90112]
"THX TruStudio NB Settings"="c:\program files (x86)\Creative\THX TruStudio\THXNBSet\THXAudNB.exe" [2011-05-19 909824]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2010-11-29 421888]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2013-11-01 152392]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" [2012-06-07 56128]
"GamingKeyboard"="c:\program files (x86)\SHARKOON Skiller\GameMon.exe" [2012-06-07 1803264]
"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" [2013-02-13 1263952]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-09-13 59720]
"Aeria Ignite"="c:\program files (x86)\Aeria Games\Ignite\aeriaignite.exe" [2013-06-06 1925656]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]
"LogMeIn Hamachi Ui"="c:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" [2014-05-13 3814736]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
SetPointII.lnk - c:\program files\Logitech\SetPoint II\SetPointII.exe [2009-7-21 815104]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SmartViewService;SmartView service;c:\program files (x86)\DeviceVM\SmartView\SmartViewService.exe;c:\program files (x86)\DeviceVM\SmartView\SmartViewService.exe [x]
R2 WCUService;SmartView Software Updater Service;c:\program files (x86)\DeviceVM\SmartView Software Updater\WCUService.exe;c:\program files (x86)\DeviceVM\SmartView Software Updater\WCUService.exe [x]
R3 e1kexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver K;c:\windows\system32\DRIVERS\e1k62x64.sys;c:\windows\SYSNATIVE\DRIVERS\e1k62x64.sys [x]
R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys;c:\windows\SYSNATIVE\drivers\EagleX64.sys [x]
R3 FNETTBOH_305;FNETTBOH_305;c:\windows\system32\drivers\FNETTBOH_305.SYS;c:\windows\SYSNATIVE\drivers\FNETTBOH_305.SYS [x]
R3 HCW85BDA;Hauppauge WinTV 885 Video Capture;c:\windows\system32\drivers\HCW85BDA.sys;c:\windows\SYSNATIVE\drivers\HCW85BDA.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 MotioninJoyXFilter;MotioninJoy Virtual Xinput device Filter Driver;c:\windows\system32\DRIVERS\MijXfilt.sys;c:\windows\SYSNATIVE\DRIVERS\MijXfilt.sys [x]
R3 MSICDSetup;MSICDSetup;e:\cdriver64.sys;e:\CDriver64.sys [x]
R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des;c:\windows\SYSNATIVE\GameMon.des [x]
R3 PAC207;SoC PC-Camera;c:\windows\system32\DRIVERS\PFC027.SYS;c:\windows\SYSNATIVE\DRIVERS\PFC027.SYS [x]
R3 SaiU04E5;SaiU04E5;c:\windows\system32\DRIVERS\SaiU04E5.sys;c:\windows\SYSNATIVE\DRIVERS\SaiU04E5.sys [x]
R3 ss_bbus;SAMSUNG USB Mobile Device (WDM);c:\windows\system32\DRIVERS\ss_bbus.sys;c:\windows\SYSNATIVE\DRIVERS\ss_bbus.sys [x]
R3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter);c:\windows\system32\DRIVERS\ss_bmdfl.sys;c:\windows\SYSNATIVE\DRIVERS\ss_bmdfl.sys [x]
R3 ss_bmdm;SAMSUNG USB Mobile Modem;c:\windows\system32\DRIVERS\ss_bmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ss_bmdm.sys [x]
R3 tap0901t;TAP-Win32 Adapter V9 (Tunngle);c:\windows\system32\DRIVERS\tap0901t.sys;c:\windows\SYSNATIVE\DRIVERS\tap0901t.sys [x]
R3 TFsExDisk;TFsExDisk;c:\windows\System32\Drivers\TFsExDisk.sys;c:\windows\SYSNATIVE\Drivers\TFsExDisk.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TunngleService;TunngleService;d:\tunngle\TnglCtrl.exe;d:\tunngle\TnglCtrl.exe [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 wolf;wolf;d:\games\WolfTeam\WolfTeam-DE\avital\wolf64.sys;d:\games\WolfTeam\WolfTeam-DE\avital\wolf64.sys [x]
R3 X6va002;X6va002;c:\users\PBell\AppData\Local\Temp\002D55A.tmp;c:\users\PBell\AppData\Local\Temp\002D55A.tmp [x]
R3 X6va005;X6va005;c:\users\PBell\AppData\Local\Temp\005BDCB.tmp;c:\users\PBell\AppData\Local\Temp\005BDCB.tmp [x]
R3 X6va008;X6va008;c:\windows\SysWOW64\Drivers\X6va008;c:\windows\SysWOW64\Drivers\X6va008 [x]
R3 X6va009;X6va009;c:\windows\SysWOW64\Drivers\X6va009;c:\windows\SysWOW64\Drivers\X6va009 [x]
R3 X6va011;X6va011;c:\windows\SysWOW64\Drivers\X6va011;c:\windows\SysWOW64\Drivers\X6va011 [x]
R3 X6va012;X6va012;c:\windows\SysWOW64\Drivers\X6va012;c:\windows\SysWOW64\Drivers\X6va012 [x]
R3 xhunter1;xhunter1;c:\windows\xhunter1.sys;c:\windows\xhunter1.sys [x]
S0 AsrRamDisk;AsrRamDisk;c:\windows\system32\DRIVERS\AsrRamDisk.sys;c:\windows\SYSNATIVE\DRIVERS\AsrRamDisk.sys [x]
S0 iusb3hcs;Intel(R) USB 3.0 Hostcontroller-Switchtreiber;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x]
S1 AsrAppCharger;AsrAppCharger;c:\windows\system32\DRIVERS\AsrAppCharger.sys;c:\windows\SYSNATIVE\DRIVERS\AsrAppCharger.sys [x]
S1 FNETURPX;FNETURPX;c:\windows\system32\drivers\FNETURPX.SYS;c:\windows\SYSNATIVE\drivers\FNETURPX.SYS [x]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [x]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [x]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [x]
S2 AdobeActiveFileMonitor7.0;Adobe Active File Monitor V7;c:\program files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe;c:\program files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe [x]
S2 DRHARD64;DRHARD64;c:\windows\system32\drivers\DRHARD64.sys;c:\windows\SYSNATIVE\drivers\DRHARD64.sys [x]
S2 DRHMSR64;DRHMSR64;c:\windows\system32\drivers\DRHMSR64.sys;c:\windows\SYSNATIVE\drivers\DRHMSR64.sys [x]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 Intel(R) ME Service;Intel(R) ME Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [x]
S2 ISCTAgent;ISCT Always Updated Agent;c:\program files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe;c:\program files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 LMIGuardianSvc;LMIGuardianSvc;c:\program files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe;c:\program files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [x]
S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe;c:\program files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [x]
S2 MBAMService;MBAMService;c:\program files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe;c:\program files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 TeamViewer7;TeamViewer 7;c:\program files (x86)\TeamViewer\Version7\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S3 GameKB;SHARKOON Skiller;c:\windows\system32\drivers\GameKB.sys;c:\windows\SYSNATIVE\drivers\GameKB.sys [x]
S3 ikbevent;Intel Upper keyboard Class Filter Driver;c:\windows\system32\DRIVERS\ikbevent.sys;c:\windows\SYSNATIVE\DRIVERS\ikbevent.sys [x]
S3 imsevent;Intel Upper Mouse Class Filter Driver;c:\windows\system32\DRIVERS\imsevent.sys;c:\windows\SYSNATIVE\DRIVERS\imsevent.sys [x]
S3 ISCT;Intel(R) Smart Connect Technology Device Driver;c:\windows\system32\DRIVERS\ISCTD64.sys;c:\windows\SYSNATIVE\DRIVERS\ISCTD64.sys [x]
S3 iusb3hub;Intel(R) USB 3.0-Hubtreiber;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Intel(R) USB 3.0 eXtensible-Hostcontrollertreiber;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys;c:\windows\SYSNATIVE\drivers\MBAMSwissArmy.sys [x]
S3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
S3 MBfilt;MBfilt;c:\windows\system32\drivers\MBfilt64.sys;c:\windows\SYSNATIVE\drivers\MBfilt64.sys [x]
S3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 WPRO_41_2001;WinPcap Packet Driver (WPRO_41_2001);c:\windows\system32\drivers\WPRO_41_2001.sys;c:\windows\SYSNATIVE\drivers\WPRO_41_2001.sys [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - MBAMSWISSARMY
*NewlyCreated* - MBAMWEBACCESSCONTROL
.
Inhalt des "geplante Tasks" Ordners
.
2014-05-21 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-09 13:40]
.
2014-05-21 c:\windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
- c:\program files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2011-11-25 12:41]
.
2014-05-21 c:\windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job
- c:\program files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2011-11-25 12:41]
.
2014-05-21 c:\windows\Tasks\SUPERAntiSpyware Scheduled Task 1d53a26a-add7-4e27-aa09-3c87e6e52917.job
- c:\program files\SUPERAntiSpyware\SASTask.exe [2013-11-07 20:08]
.
2014-05-18 c:\windows\Tasks\SUPERAntiSpyware Scheduled Task 29a223a8-2568-45ad-b993-d578487cd2d4.job
- c:\program files\SUPERAntiSpyware\SASTask.exe [2013-11-07 20:08]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"XboxStat"="c:\program files\Microsoft Xbox 360 Accessories\XboxStat.exe" [2009-09-30 825184]
"Windows Mobile Device Center"="c:\windows\WindowsMobile\wmdc.exe" [2007-05-31 660360]
"THXCfg64"="c:\windows\system32\THXCfg64.dll" [2011-05-13 26624]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2014-04-30 1225920]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-10-17 13307496]
"Nvtmru"="c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe" [BU]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2014-04-30 2199840]
"Monitor"="c:\windows\PixArt\PAC207\Monitor.exe" [2006-11-03 319488]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2009-06-17 130576]
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = about:blank
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = <local>
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html
Trusted Zone: aeriagames.com
TCP: DhcpNameServer = 192.168.178.1
FF - ProfilePath - c:\users\PBell\AppData\Roaming\Mozilla\Firefox\Profiles\fprgzeol.default\
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Toolbar-Locked - (no file)
Wow6432Node-HKLM-Run-SmartviewAgent - c:\program files (x86)\DeviceVM\SmartView\SmartViewAgent.exe
AddRemove-Battlelog Web Plugins - c:\program files (x86)\Battlelog Web Plugins\uninstall.exe
AddRemove-Borderlands 2_is1 - d:\games\Borderlands 2\Borderlands 2\unins000.exe
AddRemove-Global Martial Heroes OBT Client + Launcher - d:\games\GlobalMartialheroes\Uninstal.exe
AddRemove-WolfTeam-DE - d:\games\WolfTeam\WolfTeam-DE\Uninst.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\X6va002]
"ImagePath"="\??\c:\users\PBell\AppData\Local\Temp\002D55A.tmp"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\X6va005]
"ImagePath"="\??\c:\users\PBell\AppData\Local\Temp\005BDCB.tmp"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\X6va008]
"ImagePath"="\??\c:\windows\SysWOW64\Drivers\X6va008"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\X6va009]
"ImagePath"="\??\c:\windows\SysWOW64\Drivers\X6va009"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\X6va011]
"ImagePath"="\??\c:\windows\SysWOW64\Drivers\X6va011"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\X6va012]
"ImagePath"="\??\c:\windows\SysWOW64\Drivers\X6va012"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-3396300932-3457207744-2361604580-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"
.
[HKEY_USERS\S-1-5-21-3396300932-3457207744-2361604580-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
.
[HKEY_USERS\S-1-5-21-3396300932-3457207744-2361604580-1000\Software\SecuROM\License information*]
"datasecu"=hex:c0,af,f0,30,4d,1e,5b,f4,90,8a,b2,9a,f5,c2,74,ba,18,25,62,74,a5,
   4e,d3,46,f8,f5,15,7b,5f,d9,c4,50,85,d0,d0,00,e0,a9,b3,52,bf,08,24,4e,6e,22,\
"rkeysecu"=hex:2f,0f,d5,3e,02,2b,06,63,b1,0b,dd,b6,71,e2,54,98
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_13_0_0_214_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_13_0_0_214_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_13_0_0_214_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_13_0_0_214_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_214.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.13"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_214.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_214.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_214.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Windows CE Services]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
   00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2014-05-21  18:39:23
ComboFix-quarantined-files.txt  2014-05-21 16:39
ComboFix2.txt  2014-05-15 11:33
ComboFix3.txt  2011-05-12 06:46
ComboFix4.txt  2011-05-10 12:53
.
Vor Suchlauf: 32 Verzeichnis(se), 136.955.551.744 Bytes frei
Nach Suchlauf: 33 Verzeichnis(se), 136.472.190.976 Bytes frei
.
- - End Of File - - D6703DF99003DC9E654BC8E0AD0DDC89

Code:

ATTFilter

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Home Premium x64
Ran by PBell on 21.05.2014 at 18:08:30,40
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\sweetim
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\etype_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\etype_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\etypesetup_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\etypesetup_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\etypeuninstall_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\etypeuninstall_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\etypeupdate_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\etypeupdate_rasmancs
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{5249300A-ED5D-4396-90EB-4E1A7F242007}



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Users\PBell\appdata\locallow\boost_interprocess"
Successfully deleted: [Folder] "C:\ai_recyclebin"
Successfully deleted: [Folder] "C:\Windows\syswow64\ai_recyclebin"
Successfully deleted: [Empty Folder] C:\Users\PBell\appdata\local\{076B52B6-5CAB-47C3-B110-E46E2C247D30}
Successfully deleted: [Empty Folder] C:\Users\PBell\appdata\local\{37EE7B23-DE55-42A6-A25C-E2B3544D5456}
Successfully deleted: [Empty Folder] C:\Users\PBell\appdata\local\{8FB730BB-14F8-4841-893C-56E815EEA0A1}



~~~ FireFox

Emptied folder: C:\Users\PBell\AppData\Roaming\mozilla\firefox\profiles\fprgzeol.default\minidumps [34 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 21.05.2014 at 18:17:53,14
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Code:

ATTFilter

 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 21.05.2014
Suchlauf-Zeit: 17:43:31
Logdatei: malwarebytes.txt
Administrator: Ja

Version: 2.00.1.1004
Malware Datenbank: v2014.05.21.06
Rootkit Datenbank: v2014.03.27.01
Lizenz: Testversion
Malware Schutz: Aktiviert
Bösartiger Webseiten Schutz: Aktiviert
Chameleon: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: PBell

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 312977
Verstrichene Zeit: 13 Min, 36 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Shuriken: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registrierungsschlüssel: 9
PUP.Optional.MintCast.A, HKLM\SOFTWARE\CLASSES\CLSID\{4F5806BB-DF64-4AC5-9485-572625569CE0}, , [18f24a0aaccff73f403b1f0df80a7c84], 
PUP.Optional.MintCast.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{4F5806BB-DF64-4AC5-9485-572625569CE0}, , [18f24a0aaccff73f403b1f0df80a7c84], 
PUP.Optional.MintCast.A, HKU\S-1-5-21-3396300932-3457207744-2361604580-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{4F5806BB-DF64-4AC5-9485-572625569CE0}, , [18f24a0aaccff73f403b1f0df80a7c84], 
Adware.ClickPotato, HKU\S-1-5-21-3396300932-3457207744-2361604580-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{B58926D6-CFB0-45D2-9C28-4B5A0F0368AE}, , [b1591c38611a59dd4bd3d96b53afca36], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\Iminent, , [a2682133bfbc78be8f30e0c229d99070], 
PUP.Optional.SweetIM.A, HKLM\SOFTWARE\WOW6432NODE\SWEETIM, , [4ebca0b44b308ea8ae10199f1de6a957], 
PUP.Optional.1ClickDownload.A, HKU\S-1-5-21-3396300932-3457207744-2361604580-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\1ClickDownload, , [de2c401492e9e5516cbd9128ba498080], 
PUP.Optional.PriceGong.A, HKU\S-1-5-21-3396300932-3457207744-2361604580-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\PriceGong, , [b6544014077480b62807d9c3e61cd12f], 
PUP.Optional.Softonic.A, HKU\S-1-5-21-3396300932-3457207744-2361604580-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SOFTONIC\Universal Downloader, , [20eaa4b0fe7d6dc978e63b556f93a65a], 

Registrierungswerte: 1
PUP.Optional.SweetIM.A, HKLM\SOFTWARE\WOW6432NODE\SWEETIM|simapp_id, 11111111, , [4ebca0b44b308ea8ae10199f1de6a957]

Registrierungsdaten: 0
(No malicious items detected)

Ordner: 0
(No malicious items detected)

Dateien: 2
PUP.Optional.OutBrowse, C:\Users\PBell\Documents\Rust_Hack_Tool_2014.zip, , [be4cbf955e1daf8722d575a806fad927], 
PUP.Optional.PCPerformer.A, C:\Windows\System32\roboot64.exe, , [49c1be969cdfcf672092f1aa5fa331cf], 

Physische Sektoren: 0
(No malicious items detected)


(end)

Das waren alle

schrauber · 22.05.2014, 13:47

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Downloade Dir bitte

SecurityCheck und:

Speichere es auf dem Desktop.
Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.

Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme?

50eurovirus · 23.05.2014, 13:27

Ok ich werde nachdem ich all dies was du mir geschrieben hast nochmal avg herunterladen und schauen ob des cpu problem noch immer da ist oder es liegt wirklich an avg...

schrauber · 24.05.2014, 12:06

Meist hilft da eine einmalige Neuinstallation der Software.

24.05.2014, 12:06	#12
schrauber /// the machine /// TB-Ausbilder	Steam - download- Cpu Überlastet. Meist hilft da eine einmalige Neuinstallation der Software. __________________ gruß, schrauber *Proud Member of UNITE and ASAP since 2009* Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM!

Steam - download- Cpu Überlastet.

Plagegeister aller Art und deren Bekämpfung: Steam - download- Cpu Überlastet.