Trojaner-Board - Unterstrichene Wörter mit Werbefenstern und überall Werbeanzeigen

Danke für die Infos über Avira. Ich habe zwar Avira schon vor einigen Jahren installiert, aber ich werde mal einen Wechsel überlegen.

hier FRST:

FRST Logfile:

FRST Logfile:

Code:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 09-03-2014 02

Ran by LBusch (administrator) on LBUSCH-PC on 10-03-2014 16:39:34

Running from C:\Users\LBusch\Desktop

Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard

Internet Explorer Version 11

Boot Mode: Normal
 
 
 

==================== Processes (Whitelisted) =================
 

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe

(AMD) C:\Windows\system32\atiesrxx.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe

(AMD) C:\Windows\system32\atieclxx.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE

(APN LLC.) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe

(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

(AVM Berlin) C:\Program Files (x86)\avmwlanstick\WlanNetService.exe

(Apple Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe

(cFos Software GmbH) C:\Program Files\ASRock\XFast LAN\spd.exe

(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe

(Intel Corporation) C:\Windows\system32\IProsetMonitor.exe

() C:\Windows\SysWOW64\PnkBstrA.exe

(Ralink Technology, Corp.) C:\Program Files (x86)\Edimax\Common\RaRegistry.exe

(Ralink Technology, Corp.) C:\Program Files (x86)\Edimax\Common\RaRegistry64.exe

() C:\Program Files (x86)\FindRight\updateFindRight.exe

() C:\Program Files (x86)\FindRight\bin\utilFindRight.exe

(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

() C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe

(Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE

() C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe

(Logitech, Inc.) C:\Program Files\Logitech\SetPointG\SetPointII.exe

(Microsoft Corporation) C:\Windows\System32\alg.exe

(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

(cFos Software GmbH) C:\Program Files\ASRock\XFast LAN\cfosspeed.exe

(Microsoft Corporation) D:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE

(Apple Inc.) D:\Program Files (x86)\iTunes\iTunesHelper.exe

(Geek Software GmbH) D:\Program Files (x86)\PDF24\pdf24.exe

(AVM Berlin) C:\Program Files (x86)\avmwlanstick\WLanGUI.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe

(APN) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe

(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe

(FNet Co., Ltd.) C:\Program Files (x86)\XFastUSB\XFastUsb.exe

(Advanced Micro Devices Inc.) d:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe

(ATI Technologies Inc.) D:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe

(Mozilla Corporation) D:\Program Files (x86)\Mozilla Firefox\firefox.exe

(Mozilla Corporation) D:\Program Files (x86)\Mozilla Firefox\plugin-container.exe

(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_152.exe

(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_152.exe

(Microsoft Corporation) C:\Windows\system32\AUDIODG.EXE
 
 

==================== Registry (Whitelisted) ==================
 

HKLM\...\Run: [EvtMgr6] - C:\Program Files\Logitech\SetPointP\SetPoint.exe [1744152 2011-06-24] (Logitech, Inc.)

HKLM\...\Run: [Launch LCore] - C:\Program Files\Logitech Gaming Software\LCore.exe [8292120 2013-11-14] (Logitech Inc.)

HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13513288 2013-03-29] (Realtek Semiconductor)

HKLM\...\Run: [XFast LAN] - C:\Program Files\ASRock\XFast LAN\cFosSpeed.exe [1441152 2011-10-19] (cFos Software GmbH)

HKLM-x32\...\Run: [HDAudDeck] - C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2171904 2009-06-05] (VIA)

HKLM-x32\...\Run: [iTunesHelper] - D:\Program Files (x86)\iTunes\iTunesHelper.exe [141600 2009-10-28] (Apple Inc.)

HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [417792 2009-09-05] (Apple Inc.)

HKLM-x32\...\Run: [Adobe Reader Speed Launcher] - D:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [41208 2012-12-19] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [946352 2012-12-03] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [PDFPrint] - d:\Program Files (x86)\PDF24\pdf24.exe [163000 2012-12-12] (Geek Software GmbH)

HKLM-x32\...\Run: [AVMWlanClient] - C:\Program Files (x86)\avmwlanstick\wlangui.exe [2105344 2010-10-22] (AVM Berlin)

HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [684600 2013-12-17] (Avira Operations GmbH & Co. KG)

HKLM-x32\...\Run: [ApnTBMon] - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [1758160 2014-02-13] (APN)

HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)

HKLM-x32\...\Run: [USB3MON] - C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-04-11] (Intel Corporation)

HKLM-x32\...\Run: [XFastUSB] - C:\Program Files (x86)\XFastUSB\XFastUsb.exe [5021448 2014-01-11] (FNet Co., Ltd.)

HKLM-x32\...\Run: [StartCCC] - d:\Program Files\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-12-06] (Advanced Micro Devices, Inc.)

Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)

HKU\S-1-5-21-3814341045-3795636032-2271566647-1000\...\Run: [CtxfiReg] - Ctxfireg.exe /FAIL1

HKU\S-1-5-21-3814341045-3795636032-2271566647-1000\...\Run: [parti] - C:\Users\LBusch\AppData\Roaming\parti\slash.bat [203 2013-05-18] ()

HKU\S-1-5-21-3814341045-3795636032-2271566647-1000\...\Run: [ASRock A-Tuning] - [X]

HKU\S-1-5-21-3814341045-3795636032-2271566647-1000\...\MountPoints2: {3811097e-9ab3-11e2-a98b-90987fc03280} - G:\pushinst.exe

HKU\S-1-5-21-3814341045-3795636032-2271566647-1000\...\MountPoints2: {79ccd850-7a65-11e3-914a-806e6f6e6963} - F:\Bin\assetup.exe

HKU\S-1-5-21-3814341045-3795636032-2271566647-1000\...\MountPoints2: {e260dbab-d157-11de-b0a2-806e6f6e6963} - F:\Installer.exe

Startup: C:\Users\LBusch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk

ShortcutTarget: OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk -> D:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
 

==================== Internet (Whitelisted) ====================
 

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.youtube.com/?gl=DE&hl=de

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xD0C186958965CA01

SearchScopes: HKCU - DefaultScope {C3DFB2B8-BDF0-4C6E-9D66-6A296BAD71FA} URL = hxxp://www.google.de/search?q={searchTerms}

SearchScopes: HKCU - {4817CB16-6804-42D3-83BB-D9E279DF79CA} URL = hxxp://de.wikipedia.org/wiki/Spezial:Search?search={searchTerms}

SearchScopes: HKCU - {C3DFB2B8-BDF0-4C6E-9D66-6A296BAD71FA} URL = hxxp://www.google.de/search?q={searchTerms}

BHO: Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport_x64.dll (APN LLC.)

BHO: SteadyVideoBHO Class - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)

BHO: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)

BHO: Adblock Plus for IE Browser Helper Object - {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll (Adblock Plus)

BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)

BHO-x32: FindRight - {2c774641-5504-46a8-b63f-6715ae3fe376} - C:\Program Files (x86)\FindRight\FindRightBHO.dll (FindRight)

BHO-x32: Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll (APN LLC.)

BHO-x32: SteadyVideoBHO Class - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)

BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)

BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)

BHO-x32: af0.Adblock.BHO - {90EFF544-3981-4d46-85C9-C0361D0931D6} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)

BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll No File

BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

BHO-x32: Adblock Plus for IE Browser Helper Object - {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll (Adblock Plus)

Toolbar: HKLM - Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport_x64.dll (APN LLC.)

Toolbar: HKLM-x32 - Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll (APN LLC.)

DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab

DPF: HKLM-x32 {E705A591-DA3C-4228-B0D5-A356DBA42FBF} hxxp://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab

DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15118/CTPID.cab

Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} -  No File

Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll No File

Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)

Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)

Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)

Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)

Tcpip\..\Interfaces\{45CE3659-2D84-4A10-B322-5720285C7F75}: [NameServer]192.168.178.1

Tcpip\..\Interfaces\{C8FCDDEF-DC30-400B-8B42-AF0E10D39E29}: [NameServer]192.168.178.1
 

FireFox:

========

FF ProfilePath: C:\Users\LBusch\AppData\Roaming\Mozilla\Firefox\Profiles\9t3ixatd.default

FF Homepage: hxxp://www.youtube.com/?gl=DE&hl=de&utm_campaign=de&utm_source=de-ha-emea-de-google&utm_medium=ha&utm_term=youutbe

FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_152.dll ()

FF Plugin: @microsoft.com/GENUINE - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)

FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_152.dll ()

FF Plugin-x32: @Apple.com/iTunes,version=1.0 - D:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()

FF Plugin-x32: @ei.UtilityChest_49.com/Plugin - C:\Program Files (x86)\UtilityChest_49EI\Installr\1.bin\NP49EISB.dll (Utility Chest)

FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)

FF Plugin-x32: @esn/npbattlelog,version=2.3.1 - C:\Program Files (x86)\Battlelog Web Plugins\2.3.1\npbattlelog.dll (EA Digital Illusions CE AB)

FF Plugin-x32: @esn/npbattlelog,version=2.3.2 - C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll (EA Digital Illusions CE AB)

FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)

FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)

FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)

FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF Plugin-x32: @microsoft.com/GENUINE - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)

FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)

FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)

FF Plugin-x32: @ngm.nexoneu.com/NxGame - C:\ProgramData\NexonEU\NGM\npNxGameeu.dll (Nexon)

FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)

FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)

FF Plugin-x32: Adobe Reader - D:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()

FF Extension: Avira SearchFree Toolbar plus Web Protection - C:\Users\LBusch\AppData\Roaming\Mozilla\Firefox\Profiles\9t3ixatd.default\Extensions\toolbar_AVIRA-V7@apn.ask.com.xpi [2013-07-26]

FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Users\LBusch\AppData\Roaming\Mozilla\Firefox\Profiles\9t3ixatd.default\Extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi [2012-11-20]

FF Extension: Greasemonkey - C:\Users\LBusch\AppData\Roaming\Mozilla\Firefox\Profiles\9t3ixatd.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2012-09-23]

FF StartMenuInternet: FIREFOX.EXE - d:\Program Files (x86)\Mozilla Firefox\firefox.exe
 

Chrome: 

=======

CHR Extension: (Avira SearchFree Toolbar plus Web Protection) - C:\Users\LBusch\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaacalgebmfelllfiaoknifldpngjh [2014-03-07]

CHR Extension: (Google Docs) - C:\Users\LBusch\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-03-07]

CHR Extension: (Google Drive) - C:\Users\LBusch\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-03-07]

CHR Extension: (YouTube) - C:\Users\LBusch\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-03-07]

CHR Extension: (Google-Suche) - C:\Users\LBusch\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-03-07]

CHR Extension: (Google Wallet) - C:\Users\LBusch\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-03-07]

CHR Extension: (Google Mail) - C:\Users\LBusch\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-03-07]

CHR HKLM-x32\...\Chrome\Extension: [aaaaacalgebmfelllfiaoknifldpngjh] - C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7\CRX\ToolbarCR.crx [2014-02-20]
 

==================== Services (Whitelisted) =================
 

R2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe [896056 2013-12-17] (Avira Operations GmbH & Co. KG)

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440376 2013-12-17] (Avira Operations GmbH & Co. KG)

R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440376 2013-11-25] (Avira Operations GmbH & Co. KG)

R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [1011768 2013-12-17] (Avira Operations GmbH & Co. KG)

R2 APNMCP; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [166352 2014-02-13] (APN LLC.)

R2 Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [144672 2009-08-28] (Apple Inc.)

R2 AVM WLAN Connection Service; C:\Program Files (x86)\avmwlanstick\WlanNetService.exe [376832 2010-10-22] (AVM Berlin)

R2 cFosSpeedS; C:\Program Files\ASRock\XFast LAN\spd.exe [395136 2011-10-19] (cFos Software GmbH)

R2 ForceWare Intelligent Application Manager (IAM); C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe [625184 2009-04-19] ()

S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel(R) Corporation)

R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-03-12] (Intel Corporation)

R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-03-12] (Intel Corporation)

R2 nSvcIp; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe [207904 2009-04-19] ()

R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2013-11-01] ()

R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [239176 2013-02-19] (Realtek Semiconductor)

S3 SandraAgentSrv; d:\Program Files\SiSoftware\SiSoftware Sandra Lite 2014.RTM\RpcAgentSrv.exe [72344 2008-11-25] (SiSoftware)

R2 Update FindRight; C:\Program Files (x86)\FindRight\updateFindRight.exe [112416 2014-03-07] ()

R2 Util FindRight; C:\Program Files (x86)\FindRight\bin\utilFindRight.exe [112416 2014-03-07] ()

S2 AMD FUEL Service; d:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe /launchService [X]

S4 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe [X]
 

==================== Drivers (Whitelisted) ====================
 

R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13368 2009-04-06] ()

R0 AsrRamDisk; C:\Windows\System32\DRIVERS\AsrRamDisk.sys [34640 2012-08-09] (ASRock Inc.)

R3 AsrVDrive; C:\Windows\System32\DRIVERS\AsrVDrive.sys [23048 2011-01-26] (ASRock Inc.)

R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2009-12-25] ()

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-17] (Avira Operations GmbH & Co. KG)

R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2013-12-17] (Avira Operations GmbH & Co. KG)

R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-25] (Avira Operations GmbH & Co. KG)

S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [14120 2010-10-22] (AVM Berlin)

S3 CT20XUT.DLL; C:\Windows\System32\CT20XUT.DLL [252712 2007-04-10] (Creative Technology Ltd.)

S3 CTEAPSFX.DLL; C:\Windows\System32\CTEAPSFX.DLL [219432 2007-04-10] (Creative Technology Ltd)

S3 CTEDSPFX.DLL; C:\Windows\System32\CTEDSPFX.DLL [321832 2007-04-10] (Creative Technology Ltd)

S3 CTEDSPIO.DLL; C:\Windows\System32\CTEDSPIO.DLL [190248 2007-04-10] (Creative Technology Ltd)

S3 CTEDSPSY.DLL; C:\Windows\System32\CTEDSPSY.DLL [363304 2007-04-10] (Creative Technology Ltd)

S3 CTEXFIFX.DLL; C:\Windows\System32\CTEXFIFX.DLL [1571112 2007-04-10] (Creative Technology Ltd.)

S3 CTHWIUT.DLL; C:\Windows\System32\CTHWIUT.DLL [123688 2007-04-10] (Creative Technology Ltd.)

R3 e1dexpress; C:\Windows\System32\DRIVERS\e1d62x64.sys [496400 2013-02-26] (Intel Corporation)

R1 FNETURPX; C:\Windows\System32\drivers\FNETURPX.SYS [16648 2014-01-11] (FNet Co., Ltd.)

R3 fwlanusbn; C:\Windows\System32\DRIVERS\fwlanusbn.sys [714368 2010-10-22] (AVM GmbH)

R0 hotcore3; C:\Windows\System32\DRIVERS\hotcore3.sys [37392 2010-05-28] (Paragon Software Group)

R3 LGSHidFilt; C:\Windows\System32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-30] (Logitech Inc.)

R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2009-12-25] ()

S3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-05-14] ()

S3 SANDRA; d:\Program Files\SiSoftware\SiSoftware Sandra Lite 2014.RTM\WNt500x64\Sandra.sys [23112 2009-08-07] (SiSoftware)

R0 sptd; C:\Windows\System32\Drivers\sptd.sys [526392 2011-10-30] ()

S2 AODDriver4.2.0; \??\d:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [X]

S3 COMMONFX; system32\drivers\COMMONFX.SYS [X]

S3 COMMONFX.DLL; system32\COMMONFX.DLL [X]

S3 COMMONFX.SYS; \SystemRoot\System32\drivers\COMMONFX.SYS [X]

S3 ctac32k; system32\drivers\ctac32k.sys [X]

S3 ctaud2k; system32\drivers\ctaud2k.sys [X]

S3 CTAUDFX; system32\drivers\CTAUDFX.SYS [X]

S3 CTAUDFX.DLL; system32\CTAUDFX.DLL [X]

S3 CTAUDFX.SYS; \SystemRoot\System32\drivers\CTAUDFX.SYS [X]

S3 CTERFXFX; system32\drivers\CTERFXFX.SYS [X]

S3 CTERFXFX.DLL; system32\CTERFXFX.DLL [X]

S3 CTERFXFX.SYS; \SystemRoot\System32\drivers\CTERFXFX.SYS [X]

S3 ctprxy2k; system32\drivers\ctprxy2k.sys [X]

S3 CTSBLFX; system32\drivers\CTSBLFX.SYS [X]

S3 CTSBLFX.DLL; system32\CTSBLFX.DLL [X]

S3 CTSBLFX.SYS; \SystemRoot\System32\drivers\CTSBLFX.SYS [X]

S3 ctsfm2k; system32\drivers\ctsfm2k.sys [X]

S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]

S3 emupia; system32\drivers\emupia2k.sys [X]

S3 ha10kx2k; system32\drivers\ha10kx2k.sys [X]

S3 hap16v2k; system32\drivers\hap16v2k.sys [X]

S3 hap17v2k; system32\drivers\hap17v2k.sys [X]

S3 NVHDA; system32\drivers\nvhda64v.sys [X]

S3 ossrv; system32\drivers\ctoss2k.sys [X]

S3 X6va003; \??\C:\Users\LBusch\AppData\Local\Temp\0031B8F.tmp [X]
 

==================== NetSvcs (Whitelisted) ===================
 
 

==================== One Month Created Files and Folders ========
 

2014-03-10 16:39 - 2014-03-10 16:39 - 00024473 _____ () C:\Users\LBusch\Desktop\FRST.txt

2014-03-10 16:39 - 2014-03-10 16:39 - 00000000 ____D () C:\FRST

2014-03-10 15:45 - 2014-03-10 15:45 - 02157056 _____ (Farbar) C:\Users\LBusch\Desktop\FRST64.exe

2014-03-07 22:37 - 2014-03-07 22:37 - 00000316 _____ () C:\Windows\PFRO.log

2014-03-07 22:31 - 2014-03-07 22:31 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies

2014-03-07 20:29 - 2014-03-07 20:29 - 00002255 _____ () C:\Users\Public\Desktop\Google Chrome.lnk

2014-03-07 20:28 - 2014-03-10 16:33 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

2014-03-07 20:28 - 2014-03-10 15:39 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

2014-03-07 20:28 - 2014-03-07 20:29 - 00000000 ____D () C:\Users\LBusch\AppData\Local\Google

2014-03-07 20:28 - 2014-03-07 20:29 - 00000000 ____D () C:\Program Files (x86)\Google

2014-03-07 20:28 - 2014-03-07 20:28 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA

2014-03-07 20:28 - 2014-03-07 20:28 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore

2014-03-07 20:28 - 2014-03-07 20:28 - 00000000 ____D () C:\Users\LBusch\AppData\Local\Deployment

2014-03-07 20:28 - 2014-03-07 20:28 - 00000000 ____D () C:\Users\LBusch\AppData\Local\Apps\2.0

2014-03-07 19:36 - 2014-03-07 19:36 - 00000000 ____D () C:\ProgramData\redistpart

2014-03-07 19:36 - 2014-03-07 19:36 - 00000000 ____D () C:\ProgramData\launcher

2014-03-07 19:36 - 2014-03-07 19:36 - 00000000 ____D () C:\ProgramData\explauncher

2014-03-07 19:35 - 2014-03-10 15:38 - 00147600 _____ () C:\Windows\setupact.log

2014-03-07 19:35 - 2014-03-07 19:35 - 00000000 _____ () C:\Windows\setuperr.log

2014-03-07 19:33 - 2014-03-07 19:33 - 00002107 _____ () C:\Users\Public\Desktop\Paragon Partition Manager™ 11 Personal.lnk

2014-03-07 19:33 - 2010-05-28 13:10 - 00037392 _____ (Paragon Software Group) C:\Windows\system32\Drivers\hotcore3.sys

2014-02-21 21:59 - 2014-02-21 21:59 - 00000000 ____D () C:\Users\LBusch\AppData\Local\Blizzard

2014-02-19 22:19 - 2014-03-05 16:40 - 00000000 ____D () C:\Program Files (x86)\FindRight

2014-02-19 22:18 - 2014-02-19 22:19 - 05182170 _____ () C:\Users\LBusch\Downloads\Metroid - Zero Mission.zip

2014-02-17 21:35 - 2014-02-17 21:35 - 00000000 ____D () C:\Users\LBusch\Documents\Respawn

2014-02-13 21:44 - 2014-02-13 21:44 - 00000521 _____ () C:\Users\Public\Desktop\Fraps.lnk

2014-02-13 19:33 - 2014-03-02 21:21 - 00000000 ____D () C:\Users\LBusch\AppData\Local\Battle.net

2014-02-13 19:33 - 2014-02-14 22:06 - 00000000 ____D () C:\Users\LBusch\AppData\Roaming\Battle.net

2014-02-13 01:40 - 2014-02-06 13:16 - 23170048 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll

2014-02-13 01:40 - 2014-02-06 12:30 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb

2014-02-13 01:40 - 2014-02-06 12:30 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll

2014-02-13 01:40 - 2014-02-06 12:12 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll

2014-02-13 01:40 - 2014-02-06 12:07 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll

2014-02-13 01:40 - 2014-02-06 12:06 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll

2014-02-13 01:40 - 2014-02-06 11:57 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll

2014-02-13 01:40 - 2014-02-06 11:56 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll

2014-02-13 01:40 - 2014-02-06 11:52 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll

2014-02-13 01:40 - 2014-02-06 11:49 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe

2014-02-13 01:40 - 2014-02-06 11:48 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll

2014-02-13 01:40 - 2014-02-06 11:48 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe

2014-02-13 01:40 - 2014-02-06 11:38 - 17103872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll

2014-02-13 01:40 - 2014-02-06 11:32 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe

2014-02-13 01:40 - 2014-02-06 11:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb

2014-02-13 01:40 - 2014-02-06 11:17 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll

2014-02-13 01:40 - 2014-02-06 11:11 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll

2014-02-13 01:40 - 2014-02-06 11:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll

2014-02-13 01:40 - 2014-02-06 11:00 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll

2014-02-13 01:40 - 2014-02-06 10:57 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll

2014-02-13 01:40 - 2014-02-06 10:57 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll

2014-02-13 01:40 - 2014-02-06 10:52 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll

2014-02-13 01:40 - 2014-02-06 10:52 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll

2014-02-13 01:40 - 2014-02-06 10:50 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl

2014-02-13 01:40 - 2014-02-06 10:49 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll

2014-02-13 01:40 - 2014-02-06 10:47 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe

2014-02-13 01:40 - 2014-02-06 10:46 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll

2014-02-13 01:40 - 2014-02-06 10:25 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll

2014-02-13 01:40 - 2014-02-06 10:25 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll

2014-02-13 01:40 - 2014-02-06 10:24 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll

2014-02-13 01:40 - 2014-02-06 10:22 - 13051392 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll

2014-02-13 01:40 - 2014-02-06 10:13 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll

2014-02-13 01:40 - 2014-02-06 10:09 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl

2014-02-13 01:40 - 2014-02-06 10:03 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll

2014-02-13 01:40 - 2014-02-06 09:55 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll

2014-02-13 01:40 - 2014-02-06 09:41 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll

2014-02-13 01:40 - 2014-02-06 09:40 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll

2014-02-13 01:40 - 2014-02-06 09:36 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll

2014-02-13 01:40 - 2014-02-06 09:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll

2014-02-13 01:40 - 2013-12-21 10:53 - 00548864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll

2014-02-13 01:40 - 2013-12-21 09:56 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll

2014-02-12 21:13 - 2014-01-01 00:05 - 00420008 _____ () C:\Windows\SysWOW64\locale.nls

2014-02-12 21:13 - 2014-01-01 00:04 - 00420008 _____ () C:\Windows\system32\locale.nls

2014-02-12 21:13 - 2013-12-25 00:09 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll

2014-02-12 21:13 - 2013-12-24 23:48 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll

2014-02-12 21:13 - 2013-12-06 03:30 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll

2014-02-12 21:13 - 2013-12-06 03:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll

2014-02-12 21:13 - 2013-12-06 03:02 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll

2014-02-12 21:13 - 2013-12-06 03:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll

2014-02-12 21:13 - 2013-12-04 03:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll

2014-02-12 21:13 - 2013-12-04 03:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll

2014-02-12 21:13 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll

2014-02-12 21:13 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll

2014-02-12 21:13 - 2013-12-04 03:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll

2014-02-12 21:13 - 2013-12-04 03:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe

2014-02-12 21:13 - 2013-12-04 03:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe

2014-02-12 21:13 - 2013-12-04 03:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe

2014-02-12 21:13 - 2013-12-04 03:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe

2014-02-12 21:13 - 2013-12-04 03:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll

2014-02-12 21:13 - 2013-12-04 03:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll

2014-02-12 21:13 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll

2014-02-12 21:13 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll

2014-02-12 21:13 - 2013-12-04 03:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll

2014-02-12 21:13 - 2013-12-04 02:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe

2014-02-12 21:13 - 2013-12-04 02:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe

2014-02-12 21:13 - 2013-12-04 02:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe

2014-02-12 21:13 - 2013-12-04 02:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe

2014-02-12 21:13 - 2013-11-26 09:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll

2014-02-12 21:13 - 2013-11-22 23:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
 

==================== One Month Modified Files and Folders =======
 

2014-03-10 16:39 - 2014-03-10 16:39 - 00024473 _____ () C:\Users\LBusch\Desktop\FRST.txt

2014-03-10 16:39 - 2014-03-10 16:39 - 00000000 ____D () C:\FRST

2014-03-10 16:33 - 2014-03-07 20:28 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

2014-03-10 15:57 - 2009-07-14 05:45 - 00014992 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2014-03-10 15:57 - 2009-07-14 05:45 - 00014992 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2014-03-10 15:45 - 2014-03-10 15:45 - 02157056 _____ (Farbar) C:\Users\LBusch\Desktop\FRST64.exe

2014-03-10 15:43 - 2009-07-14 18:58 - 00699416 _____ () C:\Windows\system32\perfh007.dat

2014-03-10 15:43 - 2009-07-14 18:58 - 00149556 _____ () C:\Windows\system32\perfc007.dat

2014-03-10 15:43 - 2009-07-14 06:13 - 01620612 _____ () C:\Windows\system32\PerfStringBackup.INI

2014-03-10 15:42 - 2013-10-28 17:58 - 01939984 _____ () C:\Windows\WindowsUpdate.log

2014-03-10 15:39 - 2014-03-07 20:28 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

2014-03-10 15:38 - 2014-03-07 19:35 - 00147600 _____ () C:\Windows\setupact.log

2014-03-10 15:38 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT

2014-03-09 19:33 - 2011-01-03 19:20 - 00000000 ____D () C:\Users\LBusch\AppData\Local\PMB Files

2014-03-09 16:54 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF

2014-03-09 15:58 - 2010-02-01 15:34 - 00000000 ____D () C:\Users\LBusch\Documents\gothic3

2014-03-09 14:52 - 2011-01-24 17:07 - 00000000 ____D () C:\Users\LBusch\AppData\Roaming\Skype

2014-03-09 10:25 - 2009-12-27 00:17 - 00000374 _____ () C:\Windows\system32\Drivers\etc\hosts.ics

2014-03-07 22:53 - 2010-03-11 19:41 - 00000000 ____D () C:\Users\LBusch\AppData\Local\Risen

2014-03-07 22:52 - 2009-11-16 21:29 - 00000000 ____D () C:\Users\LBusch\AppData\Roaming\vlc

2014-03-07 22:37 - 2014-03-07 22:37 - 00000316 _____ () C:\Windows\PFRO.log

2014-03-07 22:31 - 2014-03-07 22:31 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies

2014-03-07 22:31 - 2009-11-14 22:11 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation

2014-03-07 20:29 - 2014-03-07 20:29 - 00002255 _____ () C:\Users\Public\Desktop\Google Chrome.lnk

2014-03-07 20:29 - 2014-03-07 20:28 - 00000000 ____D () C:\Users\LBusch\AppData\Local\Google

2014-03-07 20:29 - 2014-03-07 20:28 - 00000000 ____D () C:\Program Files (x86)\Google

2014-03-07 20:28 - 2014-03-07 20:28 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA

2014-03-07 20:28 - 2014-03-07 20:28 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore

2014-03-07 20:28 - 2014-03-07 20:28 - 00000000 ____D () C:\Users\LBusch\AppData\Local\Deployment

2014-03-07 20:28 - 2014-03-07 20:28 - 00000000 ____D () C:\Users\LBusch\AppData\Local\Apps\2.0

2014-03-07 19:36 - 2014-03-07 19:36 - 00000000 ____D () C:\ProgramData\redistpart

2014-03-07 19:36 - 2014-03-07 19:36 - 00000000 ____D () C:\ProgramData\launcher

2014-03-07 19:36 - 2014-03-07 19:36 - 00000000 ____D () C:\ProgramData\explauncher

2014-03-07 19:35 - 2014-03-07 19:35 - 00000000 _____ () C:\Windows\setuperr.log

2014-03-07 19:33 - 2014-03-07 19:33 - 00002107 _____ () C:\Users\Public\Desktop\Paragon Partition Manager™ 11 Personal.lnk

2014-03-05 22:19 - 2011-10-11 18:52 - 00000000 ____D () C:\ProgramData\Origin

2014-03-05 21:08 - 2013-06-22 21:03 - 00214392 _____ () C:\Windows\SysWOW64\PnkBstrB.exe

2014-03-05 20:57 - 2013-02-03 14:52 - 00214392 _____ () C:\Windows\SysWOW64\PnkBstrB.ex0

2014-03-05 20:25 - 2013-10-04 14:22 - 00000000 ____D () C:\Program Files (x86)\O R I G E N

2014-03-05 16:40 - 2014-02-19 22:19 - 00000000 ____D () C:\Program Files (x86)\FindRight

2014-03-03 16:09 - 2012-05-12 00:26 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe

2014-03-03 16:09 - 2011-06-25 21:26 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

2014-03-02 21:21 - 2014-02-13 19:33 - 00000000 ____D () C:\Users\LBusch\AppData\Local\Battle.net

2014-02-26 18:24 - 2011-07-23 15:37 - 00018960 _____ (Logitech, Inc.) C:\Windows\system32\Drivers\LNonPnP.sys

2014-02-25 22:36 - 2011-02-02 16:30 - 01593956 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI

2014-02-21 21:59 - 2014-02-21 21:59 - 00000000 ____D () C:\Users\LBusch\AppData\Local\Blizzard

2014-02-19 22:24 - 2012-08-18 22:47 - 00000000 ____D () C:\Users\LBusch\Desktop\Visual Boy

2014-02-19 22:19 - 2014-02-19 22:18 - 05182170 _____ () C:\Users\LBusch\Downloads\Metroid - Zero Mission.zip

2014-02-17 21:35 - 2014-02-17 21:35 - 00000000 ____D () C:\Users\LBusch\Documents\Respawn

2014-02-16 15:08 - 2013-07-29 10:11 - 00000000 ____D () C:\Windows\system32\MRT

2014-02-16 15:07 - 2009-12-25 01:55 - 88567024 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

2014-02-14 22:06 - 2014-02-13 19:33 - 00000000 ____D () C:\Users\LBusch\AppData\Roaming\Battle.net

2014-02-13 21:44 - 2014-02-13 21:44 - 00000521 _____ () C:\Users\Public\Desktop\Fraps.lnk

2014-02-13 21:33 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache

2014-02-12 17:17 - 2013-02-03 15:08 - 00281688 _____ () C:\Windows\SysWOW64\PnkBstrB.xtr

2014-02-11 14:07 - 2009-07-14 06:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD

2014-02-10 20:57 - 2012-06-12 16:46 - 00000000 ____D () C:\Users\LBusch\AppData\Roaming\DVDVideoSoft

2014-02-10 20:02 - 2014-02-06 16:55 - 00000000 ____D () C:\Users\LBusch\Desktop\PkmnObs
 

Files to move or delete:

====================

C:\ProgramData\3wiqeje.dat

C:\ProgramData\ejeqiw3.pad

C:\ProgramData\go_0molg.pad
 
 

Some content of TEMP:

====================

C:\Users\LBusch\AppData\Local\Temp\avgnt.exe
 
 

==================== Bamital & volsnap Check =================
 

C:\Windows\System32\winlogon.exe => MD5 is legit

C:\Windows\System32\wininit.exe => MD5 is legit

C:\Windows\SysWOW64\wininit.exe => MD5 is legit

C:\Windows\explorer.exe => MD5 is legit

C:\Windows\SysWOW64\explorer.exe => MD5 is legit

C:\Windows\System32\svchost.exe => MD5 is legit

C:\Windows\SysWOW64\svchost.exe => MD5 is legit

C:\Windows\System32\services.exe => MD5 is legit

C:\Windows\System32\User32.dll => MD5 is legit

C:\Windows\SysWOW64\User32.dll => MD5 is legit

C:\Windows\System32\userinit.exe => MD5 is legit

C:\Windows\SysWOW64\userinit.exe => MD5 is legit

C:\Windows\System32\rpcss.dll => MD5 is legit

C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
 
 

LastRegBack: 2014-03-02 16:50
 

==================== End Of Log ============================

--- --- ---

--- --- ---

und ADDITION:

Code:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 09-03-2014 02

Ran by LBusch at 2014-03-10 16:40:02

Running from C:\Users\LBusch\Desktop

Boot Mode: Normal

==========================================================
 
 

==================== Security Center ========================
 

AV: Avira Desktop (Disabled - Up to date) {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}

AS: Avira Desktop (Disabled - Up to date) {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}

AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 

==================== Installed Programs ======================
 

 Update for Microsoft Office 2007 (KB2508958) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}) (Version:  - Microsoft)

Adblock Plus for IE (32-bit and 64-bit) (HKLM\...\{C23EE7CE-C1A3-4F94-A8F0-9E0AC9C6DE6E}) (Version: 1.1 - Eyeo GmbH)

Adblock Plus for IE (HKLM-x32\...\{fd97d1e2-368a-4cd9-af63-8eeff938044a}) (Version: 1.1 - )

AdblockIE (HKLM-x32\...\{5508128A-2C7B-46B5-81F9-58E8E8115F0B}) (Version: 1.2 - af0.net)

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.0.0.4080 - Adobe Systems Incorporated)

Adobe AIR (x32 Version: 3.0.0.4080 - Adobe Systems Incorporated) Hidden

Adobe Flash Player 11 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 11.9.900.152 - Adobe Systems Incorporated)

Adobe Flash Player 12 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 12.0.0.70 - Adobe Systems Incorporated)

Adobe Reader 9.5.3 - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-A95000000001}) (Version: 9.5.3 - Adobe Systems Incorporated)

AMD Accelerated Video Transcoding (Version: 13.20.100.31206 - Advanced Micro Devices, Inc.) Hidden

AMD APP SDK Runtime (Version: 10.0.1084.4 - Advanced Micro Devices Inc.) Hidden

AMD Catalyst Control Center (x32 Version: 2013.1206.1603.28764 - Ihr Firmenname) Hidden

AMD Catalyst Install Manager (HKLM\...\{308051DA-0048-7A07-FE8B-9B6EC119A9E8}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)

AMD Drag and Drop Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden

AMD Media Foundation Decoders (Version: 1.0.81206.1620 - Advanced Micro Devices, Inc.) Hidden

AMD Steady Video Plug-In  (Version: 2.06.0000 - AMD) Hidden

AMD Wireless Display v3.0 (Version: 1.0.0.14 - Advanced Micro Devices, Inc.) Hidden

ANNO 2070 (HKLM-x32\...\{B48E264C-C8CD-4617-B0BE-46E977BAD694}) (Version: 1.0.0.0 - Ubisoft)

Apple Application Support (HKLM-x32\...\{B607C354-CD79-4D22-86D1-92DC94153F42}) (Version: 1.0.1 - Apple Inc.)

Apple Mobile Device Support (HKLM\...\{9EFC40E3-5F31-4F75-8445-286273F74D8E}) (Version: 2.6.0.32 - Apple Inc.)

Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)

Application Profiles (HKLM-x32\...\{A231A6F2-2C80-6203-ED35-2CFB96B25A38}) (Version: 2.0.4719.35969 - Advanced Micro Devices, Inc.)

applicationupdater (HKCU\...\SOE-C:/Users/LBusch/AppData/Local/Sony Online Entertainment/ApplicationUpdater) (Version:  - Sony Online Entertainment)

Arctic Combat (HKLM-x32\...\{9C84DFF4-A98C-42d5-A09F-6985A05205B2}_is1) (Version: 1.0.0.1 - Webzen)

ASRock 3TB+ Unlocker v1.1 (HKLM\...\ASRock 3TB+ Unlocker_is1) (Version:  - ASRock Inc.)

ASRock App Charger v1.0.5 (HKLM\...\ASRock App Charger_is1) (Version:  - ASRock Inc.)

ASRock XFast RAM v2.0.28 (HKLM\...\ASRock XFast RAM_is1) (Version:  - ASRock Inc.)

A-Tuning v1.0.17 (HKLM-x32\...\A-Tuning_is1) (Version: 1.0.17 - )

Avira Antivirus Premium (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.2.286 - Avira)

Avira SearchFree Toolbar (HKLM-x32\...\{41564952-412D-5637-00A7-A758B70C0A03}) (Version: 12.10.3.4487 - APN, LLC)

AVM FRITZ!Box Dokumentation (HKLM-x32\...\AVMFBox) (Version:  - AVM Berlin)

AVM FRITZ!Box Druckeranschluss (HKLM-x32\...\AVMFBoxPrinter) (Version:  - AVM Berlin)

AVM FRITZ!WLAN (HKLM-x32\...\AVMWLANCLI) (Version:  - AVM Berlin)

Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)

Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.1.0.1 - Electronic Arts)

Battlefield 4™ Beta (HKLM-x32\...\{CFAB3721-549D-4827-A4E8-7F90192114AB}) (Version: 1.0.0.0 - Electronic Arts)

Battlefield: Bad Company 2 (HKLM-x32\...\Steam App 24960) (Version:  - DICE)

Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.2 - EA Digital Illusions CE AB)

BBI USB WIRELESS CONTROLLER (HKLM-x32\...\{2C38C251-DE7B-40DC-9D26-C54044348DE5}) (Version: 2005.12.02 - )

Bonjour (HKLM\...\{DAE239CE-EB9D-4EB3-B0D4-528D6BAA48FD}) (Version: 1.0.106 - Apple Inc.)

Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden

Catalyst Control Center Graphics Previews Common (x32 Version: 2013.1206.1603.28764 - Advanced Micro Devices, Inc.) Hidden

Catalyst Control Center InstallProxy (x32 Version: 2013.1206.1603.28764 - Advanced Micro Devices, Inc.) Hidden

Catalyst Control Center Localization All (x32 Version: 2013.1206.1603.28764 - Advanced Micro Devices, Inc.) Hidden

CCC Help Chinese Standard (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden

CCC Help Chinese Traditional (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden

CCC Help Czech (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden

CCC Help Danish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden

CCC Help Dutch (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden

CCC Help English (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden

CCC Help Finnish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden

CCC Help French (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden

CCC Help German (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden

CCC Help Greek (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden

CCC Help Hungarian (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden

CCC Help Italian (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden

CCC Help Japanese (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden

CCC Help Korean (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden

CCC Help Norwegian (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden

CCC Help Polish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden

CCC Help Portuguese (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden

CCC Help Russian (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden

CCC Help Spanish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden

CCC Help Swedish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden

CCC Help Thai (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden

CCC Help Turkish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden

ccc-utility64 (Version: 2013.1206.1603.28764 - Advanced Micro Devices, Inc.) Hidden

CCleaner (HKLM-x32\...\CCleaner) (Version:  - Piriform)

Cisco EAP-FAST Module (HKLM-x32\...\{415B2719-AD3A-4944-B404-C472DB6085B3}) (Version: 2.1.6 - Cisco Systems, Inc.)

Cisco LEAP Module (HKLM-x32\...\{83770D14-21B9-44B3-8689-F7B523F94560}) (Version: 1.0.12 - Cisco Systems, Inc.)

Cisco PEAP Module (HKLM-x32\...\{669C7BD8-DAA2-49B6-966C-F1E2AAE6B17E}) (Version: 1.0.13 - Cisco Systems, Inc.)

Click to Call with Skype (HKLM-x32\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 5.6.8153 - Skype Technologies S.A.)

Combat Arms EU (HKLM-x32\...\Combat Arms EU) (Version:  - )

CPUID CPU-Z 1.67.1 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )

Creative ALchemy (HKLM-x32\...\ALchemy) (Version: 1.41 - Creative Technology Limited)

Creative Entertainment Center (HKLM-x32\...\Creative Entertainment Center) (Version:  - )

Creative Software AutoUpdate (HKLM-x32\...\Creative Software AutoUpdate) (Version: 1.40 - Creative Technology Limited)

Creative-Audiokonsole (HKLM-x32\...\AudioCS) (Version: 1.33 - Creative Technology Limited)

DIE SIEDLER - Aufstieg eines Königreichs (HKLM-x32\...\{D3F80A98-05AB-4D8C-9272-766CCFA6A48D}) (Version: 1.00.0000 - Ubisoft)

Die Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.17.60 - Electronic Arts)

Die Sims™ 3 Late Night (HKLM-x32\...\{45057FCE-5784-48BE-8176-D9D00AF56C3C}) (Version: 6.0.81 - Electronic Arts)

Die Sims™ 3 Reiseabenteuer (HKLM-x32\...\{BA26FFA5-6D47-47DB-BE56-34C357B5F8CC}) (Version: 2.0.86 - Electronic Arts)

Dota 2 (HKLM-x32\...\Steam App 570) (Version:  - Valve)

EasyBits GO (HKCU\...\Game Organizer) (Version:  - EasyBits Media)

EPU (HKLM-x32\...\{9C2AC00C-0C06-4B7E-97A4-A833808D54D6}) (Version: 1.00.22 - )

eReg (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden

erLT (x32 Version: 1.20.0137 - Logitech, Inc.) Hidden

ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)

Far Cry 3 (HKLM-x32\...\{E3B9C5A9-BD7A-4B56-B754-FAEA7DD6FA88}) (Version: 1.05 - Ubisoft)

FindRight (HKLM\...\FindRight) (Version: 2014.02.19.174052 - FindRight) <==== ATTENTION

Fraps (HKLM-x32\...\Fraps) (Version:  - )

Free YouTube to MP3 Converter version 3.12.20.1230 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.20.1230 - DVDVideoSoft Ltd.)

gamelauncher-ps2-psg (x86)-Steam-Planetside 2 (HKCU\...\SOE-E:/Program Files (x86)/Steam/Planetside 2) (Version:  - Sony Online Entertainment)

Google Chrome (HKLM-x32\...\Google Chrome) (Version: 33.0.1750.146 - Google Inc.)

Google Update Helper (x32 Version: 1.3.22.5 - Google Inc.) Hidden

Gothic 3 (HKLM-x32\...\{9F78DB3D-4F90-4A10-AD0A-85C271C88106}) (Version: 1.0.0 - JoWood)

GRID (HKLM-x32\...\Steam App 12750) (Version:  - Codemasters)

Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)

Intel(R) Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{A6C48A9F-694A-4234-B3AA-62590B668927}) (Version: 1.0.0.36702 - Intel Corporation)

Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.0.0.1323 - Intel Corporation)

Intel(R) Network Connections 18.2.63.0 (HKLM\...\PROSetDX) (Version: 18.2.63.0 - Intel)

Intel(R) Network Connections 18.2.63.0 (Version: 18.2.63.0 - Intel) Hidden

Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.0.0.102 - Intel Corporation)

Intel® Trusted Connect Service Client (Version: 1.27.798.1 - Intel Corporation) Hidden

iTunes (HKLM\...\{A5F59952-475D-4DCC-BEAD-C216FC68E05C}) (Version: 9.0.2.25 - Apple Inc.)

Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.510 - Oracle)

Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden

JNLP (HKCU\...\JNLP) (Version:  - JNLP)

League of Legends (HKLM-x32\...\{92606477-9366-4D3B-8AE3-6BE4B29727AB}) (Version: 1.3 - Riot Games)

Logitech Gaming Software (Version: 8.45.88 - Logitech Inc.) Hidden

Logitech Gaming Software 8.51 (HKLM\...\Logitech Gaming Software) (Version: 8.51.5 - Logitech Inc.)

Logitech SetPoint 6.30 (HKLM\...\sp6) (Version: 6.30.43 - Logitech)

Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden

Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)

Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)

Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden

Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)

Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden

Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)

Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)

Microsoft Office Home and Student 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)

Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden

Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden

Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20913.0 - Microsoft Corporation)

Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)

Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (HKLM\...\{EE936C7A-EA40-31D5-9B65-8E3E089C3828}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM-x32\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{D285FC5F-3021-32E9-9C59-24CA325BDC5C}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)

Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden

Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)

MinecraftAlpha (HKLM-x32\...\MinecraftAlpha) (Version:  - )

Mozilla Firefox 27.0.1 (x86 de) (HKCU\...\Mozilla Firefox 27.0.1 (x86 de)) (Version: 27.0.1 - Mozilla)

Mozilla Firefox 4.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 4.0 (x86 de)) (Version: 4.0 - Mozilla)

Mozilla Thunderbird 24.1.1 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 24.1.1 (x86 de)) (Version: 24.1.1 - Mozilla)

Mozilla Thunderbird 24.2.0 (x86 de) (HKCU\...\Mozilla Thunderbird 24.2.0 (x86 de)) (Version: 24.2.0 - Mozilla)

Need for Speed(TM) Hot Pursuit (HKLM-x32\...\{83A606F5-BF6F-42ED-9F33-B9F74297CDED}) (Version: 1.0.0.0 - Electronic Arts)

Need for Speed™ Carbon (HKLM-x32\...\{259C0ABB-A3B2-4D70-008F-BF7EE491B70B}) (Version:  - )

Need for Speed™ SHIFT (HKLM-x32\...\{BBF0A67B-5DBA-452F-9D2E-6F168BC226E4}) (Version: 1.0.0.0 - Electronic Arts)

Need for Speed™ SHIFT Demo (HKLM-x32\...\{BBF0A67B-5DBA-452F-9D2E-6F168BC226E5}) (Version: 1.0.0.0 - Electronic Arts)

NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.4 - NVIDIA Corporation)

NVIDIA ForceWare Network Access Manager (Version: 1.00.7305 - NVIDIA Corporation) Hidden

NVIDIA Install Application (Version: 2.1002.85.551 - NVIDIA Corporation) Hidden

NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)

NVIDIA Systemsteuerung 296.19 (Version: 296.19 - NVIDIA Corporation) Hidden

OpenAL (HKLM-x32\...\OpenAL) (Version:  - )

Origin (HKLM-x32\...\Origin) (Version: 9.3.7.2735 - Electronic Arts, Inc.)

Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.8 - Pando Networks Inc.)

Paragon Partition Manager™ 11 Personal (HKLM-x32\...\{986A654F-F1E4-11DD-9FCA-005056C00008}) (Version: 90.00.0003 - Paragon Software)

PDF24 Creator 5.2.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)

Perry Rhodan (HKLM-x32\...\Perry Rhodan_is1) (Version:  - Deep Silver)

Planetside (HKCU\...\SOE-Planetside) (Version:  - Sony Online Entertainment)

PlanetSide 2 (HKCU\...\soe-PlanetSide 2 PSG) (Version: 1.0.3.183 - Sony Online Entertainment)

Platform (x32 Version: 1.34 - VIA Technologies, Inc.) Hidden

Pokemon Online 2.3.2 (HKLM-x32\...\{2C08D7E7-9EE1-4A08-AFE0-745F02DCD6A4}_is1) (Version:  - Dreambelievers)

PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)

Quick Memory Editor 5.5 (HKLM-x32\...\Quick Memory Editor_is1) (Version:  - softcows.com)

QuickTime (HKLM-x32\...\{A429C2AE-EBF1-4F81-A221-1C115CAADDAD}) (Version: 7.64.17.73 - Apple Inc.)

Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6873 - Realtek Semiconductor Corp.)

Risen (HKLM-x32\...\{155F4A0E-76ED-45A2-91FB-FF2A2133C31A}) (Version: 1.00.0000 - Deep Silver)

SiSoftware Sandra Lite 2014.RTM (HKLM\...\{C3113E55-7BCB-4de3-8EBF-60E6CE6B2396}_is1) (Version: 20.10.2014.2 - SiSoftware)

StarCraft II (HKLM-x32\...\StarCraft II) (Version:  - Blizzard Entertainment)

Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)

TeamSpeak 3 Client (HKCU\...\TeamSpeak 3 Client) (Version: 3.0.10 - TeamSpeak Systems GmbH)

Test Drive Unlimited (HKLM-x32\...\{C37A0BC1-52EE-4F97-8223-5CA9FC0357B0}) (Version: 0.10.0000 - Ihr Firmenname)

The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version:  - Bethesda Game Studios)

Titanfall™-Beta (HKLM-x32\...\{E933BD1A-9B05-42A3-A1CF-3DA81C72E454}) (Version: 1.0.0.0 - Electronic Arts)

Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)

Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)

Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6FAA03BD-2B51-4029-9AD9-64A3B8E3C84C}) (Version:  - Microsoft)

Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)

Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)

Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)

Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)

Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)

Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)

Uplay (HKLM-x32\...\Uplay) (Version: 2.0 - Ubisoft)

VC_CRT_x64 (Version: 1.02.0000 - Intel Corporation) Hidden

VIA Plattform-Geräte-Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.34 - VIA Technologies, Inc.)

VLC media player 1.0.3 (HKLM-x32\...\VLC media player) (Version: 1.0.3 - VideoLAN Team)

Windows Live ID-Anmelde-Assistent (HKLM\...\{B0EFB716-085B-4564-8060-212E41F5CE50}) (Version: 6.500.3146.0 - Microsoft Corporation)

WinRAR archiver (HKLM-x32\...\WinRAR archiver) (Version:  - )

World of Tanks (HKLM-x32\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812EU}_is1) (Version:  - Wargaming.net)

XFast LAN v6.61 (HKLM\...\XFast LAN) (Version: 6.61 - cFos Software GmbH, Bonn)

XFastUSB (HKLM-x32\...\XFastUSB) (Version: 3.02.31 - ASRock Inc.)
 

==================== Restore Points  =========================
 

07-03-2014 18:33:30 Installed Paragon Partition Manager™ 11 Personal.

07-03-2014 21:31:18 NVIDIA PhysX wird installiert
 

==================== Hosts content: ==========================
 

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
 

==================== Scheduled Tasks (whitelisted) =============
 

Task: {08DEACF7-90DB-4254-9A88-46F6F91E2D20} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2012-06-14] (Intel Corporation)

Task: {27C55297-8A00-4E67-A2F2-493B8DD9880E} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)

Task: {27DDE1DE-06F3-4F68-BD73-97DDEF204CC1} - System32\Tasks\{248A9A7F-0107-4E96-B842-0315C4FDE992} => Firefox.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&amp;ver=6.3.0.105&amp;LastError=-9

Task: {2F347AE4-158B-41A9-B3D4-B273D318A4AF} - System32\Tasks\{48D4DA08-D2D7-4853-969E-0C5B30A899EA} => Firefox.exe hxxp://www.skype.com/go/downloading?source=installer&amp;ver=6.3.0.107&amp;LastError=-9

Task: {394E5344-1347-406A-A741-41C6937919DC} - System32\Tasks\{22BA7FC3-70B6-4577-B00F-5E9B263F2C28} => Firefox.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&amp;ver=6.6.0.106&amp;LastError=-9

Task: {60822CF7-2868-45E5-994E-59B969B6E262} - System32\Tasks\ASUS\Cpu Level Up Hook Lanunch => C:\Program Files (x86)\ASUS\AI Suite\CpuLevelUpHookLaunch.exe

Task: {707E1F43-390A-47BA-974D-3EC94200CF8B} - System32\Tasks\ASUS\ASUS RegRun Loader => C:\Program Files (x86)\ASUS\AASP\1.00.91\AsLoader.exe

Task: {7619CD46-12E7-4DAF-9C57-D343A2C389C2} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2012-06-14] (Intel Corporation)

Task: {95C4ABB4-3B3C-4FB3-AA84-FBD5802E68DA} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-03-07] (Google Inc.)

Task: {9D12DAF0-53B0-4232-B4C0-9C53CA2856D7} - System32\Tasks\{C8F3EDC6-CB25-48A1-B06D-6973DADAE9FA} => Firefox.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&amp;ver=6.3.0.107&amp;LastError=-9

Task: {9F5FFACF-9015-4935-AE9E-9983CD900F60} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-03-07] (Google Inc.)

Task: {A97638ED-06D6-4DD8-97E9-B88B980041A4} - System32\Tasks\{3916C61A-9FAF-4EA6-97C3-4892C3554798} => C:\Program Files (x86)\Skype\\Phone\Skype.exe

Task: {B6266156-7C39-45EC-8269-3765C63D6ED4} - System32\Tasks\ASUS\ASUS SIX Engine => C:\Program Files (x86)\ASUS\EPU\EPU.exe

Task: {C94AB16F-549F-4E0D-A1E1-6A349A4B7AFA} - System32\Tasks\{E5F601FB-C302-4CEC-B5B9-5619DED547F5} => Firefox.exe hxxp://www.skype.com/go/downloading?source=installer&amp;ver=6.1.0.129&amp;LastError=-9

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 

==================== Loaded Modules (whitelisted) =============
 

2009-11-15 00:56 - 2010-03-15 10:28 - 00052224 _____ () C:\Program Files (x86)\WinRAR\rarext64.dll

2013-02-03 14:52 - 2013-11-01 23:39 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe

2014-02-19 18:40 - 2014-03-07 20:49 - 00112416 _____ () C:\Program Files (x86)\FindRight\updateFindRight.exe

2014-02-20 15:04 - 2014-03-07 20:16 - 00112416 _____ () C:\Program Files (x86)\FindRight\bin\utilFindRight.exe

2009-04-19 08:34 - 2009-04-19 08:34 - 00625184 _____ () C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe

2009-04-19 08:34 - 2009-04-19 08:34 - 00070176 _____ () C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nv_common.dll

2009-04-19 08:34 - 2009-04-19 08:34 - 00578080 _____ () C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\SpecialCase.dll

2009-04-19 08:34 - 2009-04-19 08:34 - 00207904 _____ () C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe

2013-07-29 12:21 - 2013-07-18 07:16 - 00394824 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll

2009-10-23 17:01 - 2009-10-23 17:01 - 00120096 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\objc.dll

2009-10-23 17:01 - 2009-10-23 17:01 - 00039712 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\ASL.dll

2009-09-05 01:54 - 2009-09-05 01:54 - 00180224 _____ () C:\Program Files (x86)\QuickTime\QTSystem\QTCF.dll

2009-10-23 17:01 - 2009-10-23 17:01 - 00067872 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll

2014-01-11 03:17 - 2013-03-12 13:19 - 01199576 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll

2014-02-22 20:44 - 2014-02-22 20:44 - 03578992 _____ () D:\Program Files (x86)\Mozilla Firefox\mozjs.dll

2013-11-29 17:44 - 2013-11-29 17:44 - 16237448 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_152.dll
 

==================== Alternate Data Streams (whitelisted) =========
 
 

==================== Safe Mode (whitelisted) ===================
 
 

==================== Disabled items from MSCONFIG ==============
 

MSCONFIG\Services: AsSysCtrlService => 2

MSCONFIG\Services: Creative ALchemy AL6 Licensing Service => 3

MSCONFIG\Services: Creative Audio Engine Licensing Service => 3

MSCONFIG\Services: CTAudSvcService => 2

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Wireless Utility.lnk => C:\Windows\pss\Wireless Utility.lnk.CommonStartup

MSCONFIG\startupfolder: C:^Users^LBusch^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Logitech . Produktregistrierung.lnk => C:\Windows\pss\Logitech . Produktregistrierung.lnk.Startup

MSCONFIG\startupreg: Ai Nap => "C:\Program Files (x86)\ASUS\AI Suite\Q-Button\QButton.exe"

MSCONFIG\startupreg: AudioDrvEmulator => "C:\Program Files (x86)\Creative\Shared Files\Module Loader\DLLML.exe" -1 AudioDrvEmulator "C:\Program Files (x86)\Creative\Shared Files\Module Loader\Audio Emulator\AudDrvEm.dll"

MSCONFIG\startupreg: Cpu Level Up help => "C:\Program Files (x86)\ASUS\AI Suite\CpuLevelUpHelp.exe"

MSCONFIG\startupreg: CTxfiHlp => CTXFIHLP.EXE

MSCONFIG\startupreg: EvtMgr6 => D:\Programm Files\Logitech\SetPointP\SetPoint.exe /launchGaming

MSCONFIG\startupreg: KPeerNexonEU => C:\Nexon\NEXON_EU_Downloader\nxEULauncher.exe

MSCONFIG\startupreg: LogMeIn Hamachi Ui => "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start

MSCONFIG\startupreg: Module Loader => C:\Program Files (x86)\Creative\Shared Files\Module Loader\DLLML.exe -StartUpRun

MSCONFIG\startupreg: QFan Help => "C:\Program Files (x86)\ASUS\AI Suite\QFan3\QFanHelp.exe"
 

==================== Faulty Device Manager Devices =============
 
 

==================== Event log errors: =========================
 

Application errors:

==================

Error: (03/07/2014 09:08:28 PM) (Source: Steam Client Service) (User: )

Description: Error: Failed to poke open firewall
 

Error: (03/05/2014 09:06:25 PM) (Source: Application Hang) (User: )

Description: Programm bf4.exe, Version 1.1.0.1 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
 

Prozess-ID: 1ee8
 

Startzeit: 01cf38acd7ba3f53
 

Endzeit: 474
 

Anwendungspfad: E:\Program Files (x86)\Origin Games\Battlefield 4\bf4.exe
 

Berichts-ID:
 

Error: (03/02/2014 09:29:11 PM) (Source: Steam Client Service) (User: )

Description: Error: Failed to poke open firewall
 

Error: (03/02/2014 09:25:17 PM) (Source: Application Error) (User: )

Description: Name der fehlerhaften Anwendung: IEXPLORE.EXE, Version: 11.0.9600.16518, Zeitstempel: 0x52f347b2

Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521ea8e7

Ausnahmecode: 0xc0000005

Fehleroffset: 0x00038e19

ID des fehlerhaften Prozesses: 0x23f4

Startzeit der fehlerhaften Anwendung: 0xIEXPLORE.EXE0

Pfad der fehlerhaften Anwendung: IEXPLORE.EXE1

Pfad des fehlerhaften Moduls: IEXPLORE.EXE2

Berichtskennung: IEXPLORE.EXE3
 

Error: (03/01/2014 01:12:39 PM) (Source: Steam Client Service) (User: )

Description: Error: Failed to poke open firewall
 

Error: (02/28/2014 09:34:21 PM) (Source: Steam Client Service) (User: )

Description: Error: Failed to poke open firewall
 

Error: (02/28/2014 09:22:32 PM) (Source: Steam Client Service) (User: )

Description: Error: Failed to poke open firewall
 

Error: (02/22/2014 10:42:00 PM) (Source: Application Error) (User: )

Description: Name der fehlerhaften Anwendung: bf4.exe, Version: 1.1.0.1, Zeitstempel: 0x52f4ec9e

Name des fehlerhaften Moduls: bf4.exe, Version: 1.1.0.1, Zeitstempel: 0x52f4ec9e

Ausnahmecode: 0xc0000005

Fehleroffset: 0x0000000000b87bf2

ID des fehlerhaften Prozesses: 0x4cc

Startzeit der fehlerhaften Anwendung: 0xbf4.exe0

Pfad der fehlerhaften Anwendung: bf4.exe1

Pfad des fehlerhaften Moduls: bf4.exe2

Berichtskennung: bf4.exe3
 

Error: (02/21/2014 09:41:15 PM) (Source: Steam Client Service) (User: )

Description: Error: Failed to poke open firewall
 

Error: (02/19/2014 10:20:10 PM) (Source: Application Hang) (User: )

Description: Programm CR_Downloader_fuer_metroid---zero-mission.exe, Version 0.0.0.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
 

Prozess-ID: e60
 

Startzeit: 01cf2db82f8bc4f5
 

Endzeit: 0
 

Anwendungspfad: D:\Downloads\CR_Downloader_fuer_metroid---zero-mission.exe
 

Berichts-ID:
 
 

System errors:

=============

Error: (03/10/2014 03:38:59 PM) (Source: Service Control Manager) (User: )

Description: Der Dienst "AODDriver4.2.0" wurde aufgrund folgenden Fehlers nicht gestartet: 

%%3
 

Error: (03/10/2014 03:38:59 PM) (Source: Service Control Manager) (User: )

Description: Der Dienst "AMD FUEL Service" wurde aufgrund folgenden Fehlers nicht gestartet: 

%%2
 

Error: (03/09/2014 11:14:50 PM) (Source: Service Control Manager) (User: )

Description: Der Dienst "AODDriver4.2.0" wurde aufgrund folgenden Fehlers nicht gestartet: 

%%3
 

Error: (03/09/2014 11:14:49 PM) (Source: Service Control Manager) (User: )

Description: Der Dienst "AMD FUEL Service" wurde aufgrund folgenden Fehlers nicht gestartet: 

%%2
 

Error: (03/09/2014 11:12:09 PM) (Source: Service Control Manager) (User: )

Description: Der Dienst "AODDriver4.2.0" wurde aufgrund folgenden Fehlers nicht gestartet: 

%%3
 

Error: (03/09/2014 11:12:09 PM) (Source: Service Control Manager) (User: )

Description: Der Dienst "AMD FUEL Service" wurde aufgrund folgenden Fehlers nicht gestartet: 

%%2
 

Error: (03/09/2014 11:09:35 PM) (Source: Service Control Manager) (User: )

Description: Der Dienst "AODDriver4.2.0" wurde aufgrund folgenden Fehlers nicht gestartet: 

%%3
 

Error: (03/09/2014 11:09:34 PM) (Source: Service Control Manager) (User: )

Description: Der Dienst "AMD FUEL Service" wurde aufgrund folgenden Fehlers nicht gestartet: 

%%2
 

Error: (03/09/2014 09:37:48 PM) (Source: Disk) (User: )

Description: Fehlerhafter Block bei Gerät \Device\Harddisk0\DR0.
 

Error: (03/09/2014 09:37:46 PM) (Source: Disk) (User: )

Description: Fehlerhafter Block bei Gerät \Device\Harddisk0\DR0.
 
 

Microsoft Office Sessions:

=========================
 

CodeIntegrity Errors:

===================================

  Date: 2014-01-31 19:23:18.934

  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
 

  Date: 2014-01-31 19:23:18.888

  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
 

  Date: 2014-01-31 17:45:15.126

  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
 

  Date: 2014-01-31 17:45:15.073

  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
 

  Date: 2014-01-31 14:51:38.852

  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
 

  Date: 2014-01-31 14:51:38.798

  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
 

  Date: 2014-01-31 13:22:28.375

  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
 

  Date: 2014-01-31 13:22:28.325

  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
 

  Date: 2014-01-31 00:10:17.902

  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
 

  Date: 2014-01-31 00:10:17.850

  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
 
 

==================== Memory info =========================== 
 

Percentage of memory in use: 25%

Total physical RAM: 8122.73 MB

Available physical RAM: 6047.83 MB

Total Pagefile: 16243.65 MB

Available Pagefile: 13899.2 MB

Total Virtual: 8192 MB

Available Virtual: 8191.81 MB
 

==================== Drives ================================
 

Drive c: (Win7) (Fixed) (Total:80.01 GB) (Free:31.35 GB) NTFS

Drive d: (Programme) (Fixed) (Total:169.99 GB) (Free:127.19 GB) NTFS

Drive e: (Games) (Fixed) (Total:215.66 GB) (Free:47.01 GB) NTFS

Drive f: (SC2-L100-D1) (CDROM) (Total:7.05 GB) (Free:0 GB) UDF
 

==================== MBR & Partition Table ==================
 

========================================================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: AF775AD2)
 

Partition: GPT Partition Type.
 

==================== End Of Log ============================

Das AdwCleaner[S0] Log:

Code:

# AdwCleaner v3.021 - Bericht erstellt am 12/03/2014 um 16:20:03

# Aktualisiert 10/03/2014 von Xplode

# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)

# Benutzername : LBusch - LBUSCH-PC

# Gestartet von : C:\Users\LBusch\Desktop\adwcleaner.exe

# Option : Löschen
 

***** [ Dienste ] *****
 

[#] Dienst Gelöscht : Update FindRight

[#] Dienst Gelöscht : Util FindRight
 

***** [ Dateien / Ordner ] *****
 

Ordner Gelöscht : C:\Program Files (x86)\FindRight

Ordner Gelöscht : C:\Users\LBusch\AppData\Roaming\dvdvideosoftiehelpers
 

***** [ Verknüpfungen ] *****
 
 

***** [ Registrierungsdatenbank ] *****
 

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{2C774641-5504-46A8-B63F-6715AE3FE376}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}

Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2C774641-5504-46A8-B63F-6715AE3FE376}

Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}

Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2C774641-5504-46A8-B63F-6715AE3FE376}

Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}

Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2C774641-5504-46A8-B63F-6715AE3FE376}

Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}

Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}

Schlüssel Gelöscht : HKCU\Software\YahooPartnerToolbar

Schlüssel Gelöscht : HKLM\Software\systweak
 

***** [ Browser ] *****
 

-\\ Internet Explorer v11.0.9600.16518
 
 

-\\ Mozilla Firefox v4.0 (de)
 

[ Datei : C:\Users\LBusch\AppData\Roaming\Mozilla\Firefox\Profiles\9t3ixatd.default\prefs.js ]
 
 

-\\ Google Chrome v33.0.1750.146
 

[ Datei : C:\Users\LBusch\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 

*************************
 

AdwCleaner[R0].txt - [2498 octets] - [12/03/2014 16:19:20]

AdwCleaner[S0].txt - [2365 octets] - [12/03/2014 16:20:03]
 

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2425 octets] ##########

Das JRT Log:

Code:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Junkware Removal Tool (JRT) by Thisisu

Version: 6.1.2 (02.20.2014:1)

OS: Windows 7 Home Premium x64

Ran by LBusch on 12.03.2014 at 16:28:35,15

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 

~~~ Services
 
 
 

~~~ Registry Values
 
 
 
 

~~~ Registry Keys
 

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{41564952-412D-5637-00A7-7A786E7484D7}

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{41564952-412D-5637-00A7-7A786E7484D7}

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{4817CB16-6804-42D3-83BB-D9E279DF79CA}
 
 
 

~~~ Files
 
 
 

~~~ Folders
 

Successfully deleted: [Folder] "C:\ProgramData\apn"
 
 
 

~~~ Chrome
 

Successfully deleted: [Folder] C:\Users\LBusch\appdata\local\Google\Chrome\User Data\Default\Extensions\aaaaacalgebmfelllfiaoknifldpngjh

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Google\Chrome\Extensions\aaaaacalgebmfelllfiaoknifldpngjh
 
 
 

~~~ Event Viewer Logs were cleared
 
 
 
 
 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Scan was completed on 12.03.2014 at 16:29:55,63

Computer was rebooted

End of JRT log

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Das neue FRST Log:

FRST Logfile:

FRST Logfile:

Code:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 09-03-2014 02

Ran by LBusch (administrator) on LBUSCH-PC on 12-03-2014 16:31:24

Running from C:\Users\LBusch\Desktop

Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard

Internet Explorer Version 11

Boot Mode: Normal
 
 
 

==================== Processes (Whitelisted) =================
 

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe

(AMD) C:\Windows\system32\atiesrxx.exe

(Microsoft Corporation) C:\Windows\system32\AUDIODG.EXE

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe

(AMD) C:\Windows\system32\atieclxx.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE

(APN LLC.) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe

(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

(AVM Berlin) C:\Program Files (x86)\avmwlanstick\WlanNetService.exe

(Apple Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe

(cFos Software GmbH) C:\Program Files\ASRock\XFast LAN\spd.exe

(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe

(Intel Corporation) C:\Windows\system32\IProsetMonitor.exe

() C:\Windows\SysWOW64\PnkBstrA.exe

(Ralink Technology, Corp.) C:\Program Files (x86)\Edimax\Common\RaRegistry.exe

(Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE

(Logitech, Inc.) C:\Program Files\Logitech\SetPointG\SetPointII.exe

(Ralink Technology, Corp.) C:\Program Files (x86)\Edimax\Common\RaRegistry64.exe

(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

() C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe

() C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe

(Microsoft Corporation) C:\Windows\System32\alg.exe

(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

(cFos Software GmbH) C:\Program Files\ASRock\XFast LAN\cfosspeed.exe

(Microsoft Corporation) D:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE

(Apple Inc.) D:\Program Files (x86)\iTunes\iTunesHelper.exe

(Adobe Systems Incorporated) D:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe

(Geek Software GmbH) D:\Program Files (x86)\PDF24\pdf24.exe

(AVM Berlin) C:\Program Files (x86)\avmwlanstick\WLanGUI.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe

(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe

(FNet Co., Ltd.) C:\Program Files (x86)\XFastUSB\XFastUsb.exe

(Advanced Micro Devices Inc.) d:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

(ATI Technologies Inc.) D:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe

(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
 
 

==================== Registry (Whitelisted) ==================
 

HKLM\...\Run: [EvtMgr6] - C:\Program Files\Logitech\SetPointP\SetPoint.exe [1744152 2011-06-24] (Logitech, Inc.)

HKLM\...\Run: [Launch LCore] - C:\Program Files\Logitech Gaming Software\LCore.exe [8292120 2013-11-14] (Logitech Inc.)

HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13513288 2013-03-29] (Realtek Semiconductor)

HKLM\...\Run: [XFast LAN] - C:\Program Files\ASRock\XFast LAN\cFosSpeed.exe [1441152 2011-10-19] (cFos Software GmbH)

HKLM-x32\...\Run: [HDAudDeck] - C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2171904 2009-06-05] (VIA)

HKLM-x32\...\Run: [iTunesHelper] - D:\Program Files (x86)\iTunes\iTunesHelper.exe [141600 2009-10-28] (Apple Inc.)

HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [417792 2009-09-05] (Apple Inc.)

HKLM-x32\...\Run: [Adobe Reader Speed Launcher] - D:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [41208 2012-12-19] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [946352 2012-12-03] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [PDFPrint] - d:\Program Files (x86)\PDF24\pdf24.exe [163000 2012-12-12] (Geek Software GmbH)

HKLM-x32\...\Run: [AVMWlanClient] - C:\Program Files (x86)\avmwlanstick\wlangui.exe [2105344 2010-10-22] (AVM Berlin)

HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [689744 2014-03-11] (Avira Operations GmbH & Co. KG)

HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)

HKLM-x32\...\Run: [USB3MON] - C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-04-11] (Intel Corporation)

HKLM-x32\...\Run: [XFastUSB] - C:\Program Files (x86)\XFastUSB\XFastUsb.exe [5021448 2014-01-11] (FNet Co., Ltd.)

HKLM-x32\...\Run: [StartCCC] - d:\Program Files\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-12-06] (Advanced Micro Devices, Inc.)

Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)

HKU\S-1-5-21-3814341045-3795636032-2271566647-1000\...\Run: [CtxfiReg] - Ctxfireg.exe /FAIL1

Startup: C:\Users\LBusch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk

ShortcutTarget: OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk -> D:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
 

==================== Internet (Whitelisted) ====================
 

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.youtube.com/?gl=DE&hl=de

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xD0C186958965CA01

StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe

SearchScopes: HKCU - {C3DFB2B8-BDF0-4C6E-9D66-6A296BAD71FA} URL = hxxp://www.google.de/search?q={searchTerms}

BHO: No Name - {41564952-412D-5637-00A7-7A786E7484D7} -  No File

BHO: SteadyVideoBHO Class - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)

BHO: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)

BHO: Adblock Plus for IE Browser Helper Object - {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll (Adblock Plus)

BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)

BHO-x32: No Name - {41564952-412D-5637-00A7-7A786E7484D7} -  No File

BHO-x32: SteadyVideoBHO Class - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)

BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)

BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)

BHO-x32: af0.Adblock.BHO - {90EFF544-3981-4d46-85C9-C0361D0931D6} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)

BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

BHO-x32: Adblock Plus for IE Browser Helper Object - {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll (Adblock Plus)

Toolbar: HKLM - No Name - {41564952-412D-5637-00A7-7A786E7484D7} -  No File

Toolbar: HKLM-x32 - No Name - {41564952-412D-5637-00A7-7A786E7484D7} -  No File

DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab

DPF: HKLM-x32 {E705A591-DA3C-4228-B0D5-A356DBA42FBF} hxxp://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab

DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15118/CTPID.cab

Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} -  No File

Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll No File

Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)

Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)

Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)

Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)

Tcpip\..\Interfaces\{45CE3659-2D84-4A10-B322-5720285C7F75}: [NameServer]192.168.178.1

Tcpip\..\Interfaces\{C8FCDDEF-DC30-400B-8B42-AF0E10D39E29}: [NameServer]192.168.178.1
 

FireFox:

========

FF ProfilePath: C:\Users\LBusch\AppData\Roaming\Mozilla\Firefox\Profiles\9t3ixatd.default

FF Homepage: hxxp://www.youtube.com/?gl=DE&hl=de&utm_campaign=de&utm_source=de-ha-emea-de-google&utm_medium=ha&utm_term=youutbe

FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_152.dll ()

FF Plugin: @microsoft.com/GENUINE - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)

FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_152.dll ()

FF Plugin-x32: @Apple.com/iTunes,version=1.0 - D:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()

FF Plugin-x32: @ei.UtilityChest_49.com/Plugin - C:\Program Files (x86)\UtilityChest_49EI\Installr\1.bin\NP49EISB.dll (Utility Chest)

FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)

FF Plugin-x32: @esn/npbattlelog,version=2.3.1 - C:\Program Files (x86)\Battlelog Web Plugins\2.3.1\npbattlelog.dll (EA Digital Illusions CE AB)

FF Plugin-x32: @esn/npbattlelog,version=2.3.2 - C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll (EA Digital Illusions CE AB)

FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)

FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)

FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)

FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF Plugin-x32: @microsoft.com/GENUINE - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)

FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)

FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)

FF Plugin-x32: @ngm.nexoneu.com/NxGame - C:\ProgramData\NexonEU\NGM\npNxGameeu.dll (Nexon)

FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)

FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)

FF Plugin-x32: Adobe Reader - D:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()

FF Extension: Avira SearchFree Toolbar plus Web Protection - C:\Users\LBusch\AppData\Roaming\Mozilla\Firefox\Profiles\9t3ixatd.default\Extensions\toolbar_AVIRA-V7@apn.ask.com.xpi [2013-07-26]

FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Users\LBusch\AppData\Roaming\Mozilla\Firefox\Profiles\9t3ixatd.default\Extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi [2012-11-20]

FF Extension: Greasemonkey - C:\Users\LBusch\AppData\Roaming\Mozilla\Firefox\Profiles\9t3ixatd.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2012-09-23]

FF StartMenuInternet: FIREFOX.EXE - d:\Program Files (x86)\Mozilla Firefox\firefox.exe
 

Chrome: 

=======

CHR Extension: (Google Docs) - C:\Users\LBusch\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-03-07]

CHR Extension: (Google Drive) - C:\Users\LBusch\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-03-07]

CHR Extension: (YouTube) - C:\Users\LBusch\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-03-07]

CHR Extension: (Google-Suche) - C:\Users\LBusch\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-03-07]

CHR Extension: (Google Wallet) - C:\Users\LBusch\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-03-07]

CHR Extension: (Google Mail) - C:\Users\LBusch\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-03-07]
 

==================== Services (Whitelisted) =================
 

R2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe [896592 2014-03-11] (Avira Operations GmbH & Co. KG)

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440400 2014-03-11] (Avira Operations GmbH & Co. KG)

R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440400 2014-03-11] (Avira Operations GmbH & Co. KG)

R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [1017424 2014-03-11] (Avira Operations GmbH & Co. KG)

R2 APNMCP; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [166352 2014-02-13] (APN LLC.)

R2 Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [144672 2009-08-28] (Apple Inc.)

R2 AVM WLAN Connection Service; C:\Program Files (x86)\avmwlanstick\WlanNetService.exe [376832 2010-10-22] (AVM Berlin)

R2 cFosSpeedS; C:\Program Files\ASRock\XFast LAN\spd.exe [395136 2011-10-19] (cFos Software GmbH)

R2 ForceWare Intelligent Application Manager (IAM); C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe [625184 2009-04-19] ()

S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel(R) Corporation)

R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-03-12] (Intel Corporation)

R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-03-12] (Intel Corporation)

R2 nSvcIp; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe [207904 2009-04-19] ()

R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2013-11-01] ()

R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [239176 2013-02-19] (Realtek Semiconductor)

S3 SandraAgentSrv; d:\Program Files\SiSoftware\SiSoftware Sandra Lite 2014.RTM\RpcAgentSrv.exe [72344 2008-11-25] (SiSoftware)

S2 AMD FUEL Service; d:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe /launchService [X]

S4 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe [X]
 

==================== Drivers (Whitelisted) ====================
 

R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13368 2009-04-06] ()

R0 AsrRamDisk; C:\Windows\System32\DRIVERS\AsrRamDisk.sys [34640 2012-08-09] (ASRock Inc.)

R3 AsrVDrive; C:\Windows\System32\DRIVERS\AsrVDrive.sys [23048 2011-01-26] (ASRock Inc.)

R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2009-12-25] ()

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-17] (Avira Operations GmbH & Co. KG)

R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2013-12-17] (Avira Operations GmbH & Co. KG)

R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-25] (Avira Operations GmbH & Co. KG)

S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [14120 2010-10-22] (AVM Berlin)

S3 CT20XUT.DLL; C:\Windows\System32\CT20XUT.DLL [252712 2007-04-10] (Creative Technology Ltd.)

S3 CTEAPSFX.DLL; C:\Windows\System32\CTEAPSFX.DLL [219432 2007-04-10] (Creative Technology Ltd)

S3 CTEDSPFX.DLL; C:\Windows\System32\CTEDSPFX.DLL [321832 2007-04-10] (Creative Technology Ltd)

S3 CTEDSPIO.DLL; C:\Windows\System32\CTEDSPIO.DLL [190248 2007-04-10] (Creative Technology Ltd)

S3 CTEDSPSY.DLL; C:\Windows\System32\CTEDSPSY.DLL [363304 2007-04-10] (Creative Technology Ltd)

S3 CTEXFIFX.DLL; C:\Windows\System32\CTEXFIFX.DLL [1571112 2007-04-10] (Creative Technology Ltd.)

S3 CTHWIUT.DLL; C:\Windows\System32\CTHWIUT.DLL [123688 2007-04-10] (Creative Technology Ltd.)

R3 e1dexpress; C:\Windows\System32\DRIVERS\e1d62x64.sys [496400 2013-02-26] (Intel Corporation)

R1 FNETURPX; C:\Windows\System32\drivers\FNETURPX.SYS [16648 2014-01-11] (FNet Co., Ltd.)

R3 fwlanusbn; C:\Windows\System32\DRIVERS\fwlanusbn.sys [714368 2010-10-22] (AVM GmbH)

R0 hotcore3; C:\Windows\System32\DRIVERS\hotcore3.sys [37392 2010-05-28] (Paragon Software Group)

R3 LGSHidFilt; C:\Windows\System32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-30] (Logitech Inc.)

R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2009-12-25] ()

S3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-05-14] ()

S3 SANDRA; d:\Program Files\SiSoftware\SiSoftware Sandra Lite 2014.RTM\WNt500x64\Sandra.sys [23112 2009-08-07] (SiSoftware)

R0 sptd; C:\Windows\System32\Drivers\sptd.sys [526392 2011-10-30] ()

S2 AODDriver4.2.0; \??\d:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [X]

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)

S3 catchme; \??\C:\ComboFix\catchme.sys [X]

S3 COMMONFX; system32\drivers\COMMONFX.SYS [X]

S3 COMMONFX.DLL; system32\COMMONFX.DLL [X]

S3 COMMONFX.SYS; \SystemRoot\System32\drivers\COMMONFX.SYS [X]

S3 ctac32k; system32\drivers\ctac32k.sys [X]

S3 ctaud2k; system32\drivers\ctaud2k.sys [X]

S3 CTAUDFX; system32\drivers\CTAUDFX.SYS [X]

S3 CTAUDFX.DLL; system32\CTAUDFX.DLL [X]

S3 CTAUDFX.SYS; \SystemRoot\System32\drivers\CTAUDFX.SYS [X]

S3 CTERFXFX; system32\drivers\CTERFXFX.SYS [X]

S3 CTERFXFX.DLL; system32\CTERFXFX.DLL [X]

S3 CTERFXFX.SYS; \SystemRoot\System32\drivers\CTERFXFX.SYS [X]

S3 ctprxy2k; system32\drivers\ctprxy2k.sys [X]

S3 CTSBLFX; system32\drivers\CTSBLFX.SYS [X]

S3 CTSBLFX.DLL; system32\CTSBLFX.DLL [X]

S3 CTSBLFX.SYS; \SystemRoot\System32\drivers\CTSBLFX.SYS [X]

S3 ctsfm2k; system32\drivers\ctsfm2k.sys [X]

S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]

S3 emupia; system32\drivers\emupia2k.sys [X]

S3 ha10kx2k; system32\drivers\ha10kx2k.sys [X]

S3 hap16v2k; system32\drivers\hap16v2k.sys [X]

S3 hap17v2k; system32\drivers\hap17v2k.sys [X]

S3 NVHDA; system32\drivers\nvhda64v.sys [X]

S3 ossrv; system32\drivers\ctoss2k.sys [X]

S3 X6va003; \??\C:\Users\LBusch\AppData\Local\Temp\0031B8F.tmp [X]
 

==================== NetSvcs (Whitelisted) ===================
 
 

==================== One Month Created Files and Folders ========
 

2014-03-12 16:29 - 2014-03-12 16:29 - 00001361 _____ () C:\Users\LBusch\Desktop\JRT.txt

2014-03-12 16:25 - 2014-03-12 16:25 - 00000000 ____D () C:\Windows\ERUNT

2014-03-12 16:24 - 2014-03-12 16:24 - 01037734 _____ (Thisisu) C:\Users\LBusch\Desktop\JRT.exe

2014-03-12 16:19 - 2014-03-12 16:20 - 00000000 ____D () C:\AdwCleaner

2014-03-12 16:15 - 2014-03-12 16:15 - 01949184 _____ () C:\Users\LBusch\Desktop\adwcleaner.exe

2014-03-11 16:11 - 2014-03-11 16:11 - 00031417 _____ () C:\ComboFix.txt

2014-03-11 15:51 - 2011-06-26 07:45 - 00256000 _____ () C:\Windows\PEV.exe

2014-03-11 15:51 - 2010-11-07 18:20 - 00208896 _____ () C:\Windows\MBR.exe

2014-03-11 15:51 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe

2014-03-11 15:51 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe

2014-03-11 15:51 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe

2014-03-11 15:51 - 2000-08-31 01:00 - 00098816 _____ () C:\Windows\sed.exe

2014-03-11 15:51 - 2000-08-31 01:00 - 00080412 _____ () C:\Windows\grep.exe

2014-03-11 15:51 - 2000-08-31 01:00 - 00068096 _____ () C:\Windows\zip.exe

2014-03-11 15:09 - 2014-03-11 16:11 - 00000000 ____D () C:\Qoobox

2014-03-11 15:09 - 2014-03-11 16:10 - 00000000 ____D () C:\Windows\erdnt

2014-03-11 15:08 - 2014-03-11 15:08 - 05188693 ____R (Swearware) C:\Users\LBusch\Desktop\ComboFix.exe

2014-03-10 16:40 - 2014-03-10 16:40 - 00042213 _____ () C:\Users\LBusch\Desktop\Addition.txt

2014-03-10 16:39 - 2014-03-12 16:31 - 00022086 _____ () C:\Users\LBusch\Desktop\FRST.txt

2014-03-10 16:39 - 2014-03-12 16:31 - 00000000 ____D () C:\FRST

2014-03-10 15:45 - 2014-03-10 15:45 - 02157056 _____ (Farbar) C:\Users\LBusch\Desktop\FRST64.exe

2014-03-07 22:37 - 2014-03-11 16:44 - 00000868 _____ () C:\Windows\PFRO.log

2014-03-07 22:31 - 2014-03-07 22:31 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies

2014-03-07 20:29 - 2014-03-07 20:29 - 00002255 _____ () C:\Users\Public\Desktop\Google Chrome.lnk

2014-03-07 20:28 - 2014-03-12 16:28 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

2014-03-07 20:28 - 2014-03-11 22:33 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

2014-03-07 20:28 - 2014-03-07 20:29 - 00000000 ____D () C:\Users\LBusch\AppData\Local\Google

2014-03-07 20:28 - 2014-03-07 20:29 - 00000000 ____D () C:\Program Files (x86)\Google

2014-03-07 20:28 - 2014-03-07 20:28 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA

2014-03-07 20:28 - 2014-03-07 20:28 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore

2014-03-07 20:28 - 2014-03-07 20:28 - 00000000 ____D () C:\Users\LBusch\AppData\Local\Deployment

2014-03-07 20:28 - 2014-03-07 20:28 - 00000000 ____D () C:\Users\LBusch\AppData\Local\Apps\2.0

2014-03-07 19:36 - 2014-03-07 19:36 - 00000000 ____D () C:\ProgramData\redistpart

2014-03-07 19:36 - 2014-03-07 19:36 - 00000000 ____D () C:\ProgramData\launcher

2014-03-07 19:36 - 2014-03-07 19:36 - 00000000 ____D () C:\ProgramData\explauncher

2014-03-07 19:35 - 2014-03-12 16:28 - 00250920 _____ () C:\Windows\setupact.log

2014-03-07 19:35 - 2014-03-07 19:35 - 00000000 _____ () C:\Windows\setuperr.log

2014-03-07 19:33 - 2014-03-07 19:33 - 00002107 _____ () C:\Users\Public\Desktop\Paragon Partition Manager™ 11 Personal.lnk

2014-03-07 19:33 - 2010-05-28 13:10 - 00037392 _____ (Paragon Software Group) C:\Windows\system32\Drivers\hotcore3.sys

2014-02-21 21:59 - 2014-02-21 21:59 - 00000000 ____D () C:\Users\LBusch\AppData\Local\Blizzard

2014-02-19 22:18 - 2014-02-19 22:19 - 05182170 _____ () C:\Users\LBusch\Downloads\Metroid - Zero Mission.zip

2014-02-17 21:35 - 2014-02-17 21:35 - 00000000 ____D () C:\Users\LBusch\Documents\Respawn

2014-02-13 21:44 - 2014-02-13 21:44 - 00000521 _____ () C:\Users\Public\Desktop\Fraps.lnk

2014-02-13 19:33 - 2014-03-02 21:21 - 00000000 ____D () C:\Users\LBusch\AppData\Local\Battle.net

2014-02-13 19:33 - 2014-02-14 22:06 - 00000000 ____D () C:\Users\LBusch\AppData\Roaming\Battle.net

2014-02-13 01:40 - 2014-02-06 13:16 - 23170048 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll

2014-02-13 01:40 - 2014-02-06 12:30 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb

2014-02-13 01:40 - 2014-02-06 12:30 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll

2014-02-13 01:40 - 2014-02-06 12:12 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll

2014-02-13 01:40 - 2014-02-06 12:07 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll

2014-02-13 01:40 - 2014-02-06 12:06 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll

2014-02-13 01:40 - 2014-02-06 11:57 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll

2014-02-13 01:40 - 2014-02-06 11:56 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll

2014-02-13 01:40 - 2014-02-06 11:52 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll

2014-02-13 01:40 - 2014-02-06 11:49 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe

2014-02-13 01:40 - 2014-02-06 11:48 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll

2014-02-13 01:40 - 2014-02-06 11:48 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe

2014-02-13 01:40 - 2014-02-06 11:38 - 17103872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll

2014-02-13 01:40 - 2014-02-06 11:32 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe

2014-02-13 01:40 - 2014-02-06 11:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb

2014-02-13 01:40 - 2014-02-06 11:17 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll

2014-02-13 01:40 - 2014-02-06 11:11 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll

2014-02-13 01:40 - 2014-02-06 11:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll

2014-02-13 01:40 - 2014-02-06 11:00 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll

2014-02-13 01:40 - 2014-02-06 10:57 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll

2014-02-13 01:40 - 2014-02-06 10:57 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll

2014-02-13 01:40 - 2014-02-06 10:52 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll

2014-02-13 01:40 - 2014-02-06 10:52 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll

2014-02-13 01:40 - 2014-02-06 10:50 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl

2014-02-13 01:40 - 2014-02-06 10:49 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll

2014-02-13 01:40 - 2014-02-06 10:47 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe

2014-02-13 01:40 - 2014-02-06 10:46 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll

2014-02-13 01:40 - 2014-02-06 10:25 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll

2014-02-13 01:40 - 2014-02-06 10:25 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll

2014-02-13 01:40 - 2014-02-06 10:24 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll

2014-02-13 01:40 - 2014-02-06 10:22 - 13051392 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll

2014-02-13 01:40 - 2014-02-06 10:13 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll

2014-02-13 01:40 - 2014-02-06 10:09 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl

2014-02-13 01:40 - 2014-02-06 10:03 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll

2014-02-13 01:40 - 2014-02-06 09:55 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll

2014-02-13 01:40 - 2014-02-06 09:41 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll

2014-02-13 01:40 - 2014-02-06 09:40 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll

2014-02-13 01:40 - 2014-02-06 09:36 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll

2014-02-13 01:40 - 2014-02-06 09:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll

2014-02-13 01:40 - 2013-12-21 10:53 - 00548864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll

2014-02-13 01:40 - 2013-12-21 09:56 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll

2014-02-12 21:13 - 2014-01-01 00:05 - 00420008 _____ () C:\Windows\SysWOW64\locale.nls

2014-02-12 21:13 - 2014-01-01 00:04 - 00420008 _____ () C:\Windows\system32\locale.nls

2014-02-12 21:13 - 2013-12-25 00:09 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll

2014-02-12 21:13 - 2013-12-24 23:48 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll

2014-02-12 21:13 - 2013-12-06 03:30 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll

2014-02-12 21:13 - 2013-12-06 03:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll

2014-02-12 21:13 - 2013-12-06 03:02 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll

2014-02-12 21:13 - 2013-12-06 03:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll

2014-02-12 21:13 - 2013-12-04 03:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll

2014-02-12 21:13 - 2013-12-04 03:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll

2014-02-12 21:13 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll

2014-02-12 21:13 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll

2014-02-12 21:13 - 2013-12-04 03:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll

2014-02-12 21:13 - 2013-12-04 03:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe

2014-02-12 21:13 - 2013-12-04 03:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe

2014-02-12 21:13 - 2013-12-04 03:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe

2014-02-12 21:13 - 2013-12-04 03:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe

2014-02-12 21:13 - 2013-12-04 03:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll

2014-02-12 21:13 - 2013-12-04 03:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll

2014-02-12 21:13 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll

2014-02-12 21:13 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll

2014-02-12 21:13 - 2013-12-04 03:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll

2014-02-12 21:13 - 2013-12-04 02:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe

2014-02-12 21:13 - 2013-12-04 02:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe

2014-02-12 21:13 - 2013-12-04 02:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe

2014-02-12 21:13 - 2013-12-04 02:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe

2014-02-12 21:13 - 2013-11-26 09:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll

2014-02-12 21:13 - 2013-11-22 23:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
 

==================== One Month Modified Files and Folders =======
 

2014-03-12 16:31 - 2014-03-10 16:39 - 00022086 _____ () C:\Users\LBusch\Desktop\FRST.txt

2014-03-12 16:31 - 2014-03-10 16:39 - 00000000 ____D () C:\FRST

2014-03-12 16:29 - 2014-03-12 16:29 - 00001361 _____ () C:\Users\LBusch\Desktop\JRT.txt

2014-03-12 16:28 - 2014-03-07 20:28 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

2014-03-12 16:28 - 2014-03-07 19:35 - 00250920 _____ () C:\Windows\setupact.log

2014-03-12 16:28 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT

2014-03-12 16:27 - 2013-10-28 17:58 - 02050375 _____ () C:\Windows\WindowsUpdate.log

2014-03-12 16:27 - 2009-07-14 05:45 - 00014992 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2014-03-12 16:27 - 2009-07-14 05:45 - 00014992 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2014-03-12 16:26 - 2009-07-14 18:58 - 00699416 _____ () C:\Windows\system32\perfh007.dat

2014-03-12 16:26 - 2009-07-14 18:58 - 00149556 _____ () C:\Windows\system32\perfc007.dat

2014-03-12 16:26 - 2009-07-14 06:13 - 01620612 _____ () C:\Windows\system32\PerfStringBackup.INI

2014-03-12 16:25 - 2014-03-12 16:25 - 00000000 ____D () C:\Windows\ERUNT

2014-03-12 16:24 - 2014-03-12 16:24 - 01037734 _____ (Thisisu) C:\Users\LBusch\Desktop\JRT.exe

2014-03-12 16:20 - 2014-03-12 16:19 - 00000000 ____D () C:\AdwCleaner

2014-03-12 16:15 - 2014-03-12 16:15 - 01949184 _____ () C:\Users\LBusch\Desktop\adwcleaner.exe

2014-03-11 22:33 - 2014-03-07 20:28 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

2014-03-11 22:26 - 2011-01-03 19:20 - 00000000 ____D () C:\Users\LBusch\AppData\Local\PMB Files

2014-03-11 18:28 - 2011-01-24 17:07 - 00000000 ____D () C:\Users\LBusch\AppData\Roaming\Skype

2014-03-11 16:44 - 2014-03-07 22:37 - 00000868 _____ () C:\Windows\PFRO.log

2014-03-11 16:12 - 2014-01-11 05:23 - 00000000 ____D () C:\Users\LBusch\Desktop\Tools

2014-03-11 16:11 - 2014-03-11 16:11 - 00031417 _____ () C:\ComboFix.txt

2014-03-11 16:11 - 2014-03-11 15:09 - 00000000 ____D () C:\Qoobox

2014-03-11 16:10 - 2014-03-11 15:09 - 00000000 ____D () C:\Windows\erdnt

2014-03-11 16:10 - 2009-07-14 03:34 - 00000215 _____ () C:\Windows\system.ini

2014-03-11 15:08 - 2014-03-11 15:08 - 05188693 ____R (Swearware) C:\Users\LBusch\Desktop\ComboFix.exe

2014-03-10 19:00 - 2013-06-22 21:03 - 00214392 _____ () C:\Windows\SysWOW64\PnkBstrB.exe

2014-03-10 18:54 - 2013-02-03 14:52 - 00214392 _____ () C:\Windows\SysWOW64\PnkBstrB.ex0

2014-03-10 18:22 - 2013-10-04 14:22 - 00000000 ____D () C:\Program Files (x86)\O R I G E N

2014-03-10 18:22 - 2011-10-11 18:52 - 00000000 ____D () C:\ProgramData\Origin

2014-03-10 16:40 - 2014-03-10 16:40 - 00042213 _____ () C:\Users\LBusch\Desktop\Addition.txt

2014-03-10 15:45 - 2014-03-10 15:45 - 02157056 _____ (Farbar) C:\Users\LBusch\Desktop\FRST64.exe

2014-03-09 16:54 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF

2014-03-09 15:58 - 2010-02-01 15:34 - 00000000 ____D () C:\Users\LBusch\Documents\gothic3

2014-03-09 10:25 - 2009-12-27 00:17 - 00000374 _____ () C:\Windows\system32\Drivers\etc\hosts.ics

2014-03-07 22:53 - 2010-03-11 19:41 - 00000000 ____D () C:\Users\LBusch\AppData\Local\Risen

2014-03-07 22:52 - 2009-11-16 21:29 - 00000000 ____D () C:\Users\LBusch\AppData\Roaming\vlc

2014-03-07 22:31 - 2014-03-07 22:31 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies

2014-03-07 22:31 - 2009-11-14 22:11 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation

2014-03-07 20:29 - 2014-03-07 20:29 - 00002255 _____ () C:\Users\Public\Desktop\Google Chrome.lnk

2014-03-07 20:29 - 2014-03-07 20:28 - 00000000 ____D () C:\Users\LBusch\AppData\Local\Google

2014-03-07 20:29 - 2014-03-07 20:28 - 00000000 ____D () C:\Program Files (x86)\Google

2014-03-07 20:28 - 2014-03-07 20:28 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA

2014-03-07 20:28 - 2014-03-07 20:28 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore

2014-03-07 20:28 - 2014-03-07 20:28 - 00000000 ____D () C:\Users\LBusch\AppData\Local\Deployment

2014-03-07 20:28 - 2014-03-07 20:28 - 00000000 ____D () C:\Users\LBusch\AppData\Local\Apps\2.0

2014-03-07 19:36 - 2014-03-07 19:36 - 00000000 ____D () C:\ProgramData\redistpart

2014-03-07 19:36 - 2014-03-07 19:36 - 00000000 ____D () C:\ProgramData\launcher

2014-03-07 19:36 - 2014-03-07 19:36 - 00000000 ____D () C:\ProgramData\explauncher

2014-03-07 19:35 - 2014-03-07 19:35 - 00000000 _____ () C:\Windows\setuperr.log

2014-03-07 19:33 - 2014-03-07 19:33 - 00002107 _____ () C:\Users\Public\Desktop\Paragon Partition Manager™ 11 Personal.lnk

2014-03-03 16:09 - 2012-05-12 00:26 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe

2014-03-03 16:09 - 2011-06-25 21:26 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

2014-03-02 21:21 - 2014-02-13 19:33 - 00000000 ____D () C:\Users\LBusch\AppData\Local\Battle.net

2014-02-26 18:24 - 2011-07-23 15:37 - 00018960 _____ (Logitech, Inc.) C:\Windows\system32\Drivers\LNonPnP.sys

2014-02-25 22:36 - 2011-02-02 16:30 - 01593956 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI

2014-02-21 21:59 - 2014-02-21 21:59 - 00000000 ____D () C:\Users\LBusch\AppData\Local\Blizzard

2014-02-19 22:24 - 2012-08-18 22:47 - 00000000 ____D () C:\Users\LBusch\Desktop\Visual Boy

2014-02-19 22:19 - 2014-02-19 22:18 - 05182170 _____ () C:\Users\LBusch\Downloads\Metroid - Zero Mission.zip

2014-02-17 21:35 - 2014-02-17 21:35 - 00000000 ____D () C:\Users\LBusch\Documents\Respawn

2014-02-16 15:08 - 2013-07-29 10:11 - 00000000 ____D () C:\Windows\system32\MRT

2014-02-16 15:07 - 2009-12-25 01:55 - 88567024 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

2014-02-14 22:06 - 2014-02-13 19:33 - 00000000 ____D () C:\Users\LBusch\AppData\Roaming\Battle.net

2014-02-13 21:44 - 2014-02-13 21:44 - 00000521 _____ () C:\Users\Public\Desktop\Fraps.lnk

2014-02-13 21:33 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache

2014-02-12 17:17 - 2013-02-03 15:08 - 00281688 _____ () C:\Windows\SysWOW64\PnkBstrB.xtr

2014-02-11 14:07 - 2009-07-14 06:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD

2014-02-10 20:57 - 2012-06-12 16:46 - 00000000 ____D () C:\Users\LBusch\AppData\Roaming\DVDVideoSoft

2014-02-10 20:02 - 2014-02-06 16:55 - 00000000 ____D () C:\Users\LBusch\Desktop\PkmnObs
 

Some content of TEMP:

====================

C:\Users\LBusch\AppData\Local\Temp\avgnt.exe

C:\Users\LBusch\AppData\Local\Temp\Quarantine.exe
 
 

==================== Bamital & volsnap Check =================
 

C:\Windows\System32\winlogon.exe => MD5 is legit

C:\Windows\System32\wininit.exe => MD5 is legit

C:\Windows\SysWOW64\wininit.exe => MD5 is legit

C:\Windows\explorer.exe => MD5 is legit

C:\Windows\SysWOW64\explorer.exe => MD5 is legit

C:\Windows\System32\svchost.exe => MD5 is legit

C:\Windows\SysWOW64\svchost.exe => MD5 is legit

C:\Windows\System32\services.exe => MD5 is legit

C:\Windows\System32\User32.dll => MD5 is legit

C:\Windows\SysWOW64\User32.dll => MD5 is legit

C:\Windows\System32\userinit.exe => MD5 is legit

C:\Windows\SysWOW64\userinit.exe => MD5 is legit

C:\Windows\System32\rpcss.dll => MD5 is legit

C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
 
 

LastRegBack: 2014-03-10 19:56
 

==================== End Of Log ============================

--- --- ---

--- --- ---

Und das neue Addition Log:

Code:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 09-03-2014 02

Ran by LBusch at 2014-03-10 16:40:02

Running from C:\Users\LBusch\Desktop

Boot Mode: Normal

==========================================================
 
 

==================== Security Center ========================
 

AV: Avira Desktop (Disabled - Up to date) {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}

AS: Avira Desktop (Disabled - Up to date) {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}

AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 

==================== Installed Programs ======================
 

 Update for Microsoft Office 2007 (KB2508958) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}) (Version:  - Microsoft)

Adblock Plus for IE (32-bit and 64-bit) (HKLM\...\{C23EE7CE-C1A3-4F94-A8F0-9E0AC9C6DE6E}) (Version: 1.1 - Eyeo GmbH)

Adblock Plus for IE (HKLM-x32\...\{fd97d1e2-368a-4cd9-af63-8eeff938044a}) (Version: 1.1 - )

AdblockIE (HKLM-x32\...\{5508128A-2C7B-46B5-81F9-58E8E8115F0B}) (Version: 1.2 - af0.net)

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.0.0.4080 - Adobe Systems Incorporated)

Adobe AIR (x32 Version: 3.0.0.4080 - Adobe Systems Incorporated) Hidden

Adobe Flash Player 11 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 11.9.900.152 - Adobe Systems Incorporated)

Adobe Flash Player 12 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 12.0.0.70 - Adobe Systems Incorporated)

Adobe Reader 9.5.3 - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-A95000000001}) (Version: 9.5.3 - Adobe Systems Incorporated)

AMD Accelerated Video Transcoding (Version: 13.20.100.31206 - Advanced Micro Devices, Inc.) Hidden

AMD APP SDK Runtime (Version: 10.0.1084.4 - Advanced Micro Devices Inc.) Hidden

AMD Catalyst Control Center (x32 Version: 2013.1206.1603.28764 - Ihr Firmenname) Hidden

AMD Catalyst Install Manager (HKLM\...\{308051DA-0048-7A07-FE8B-9B6EC119A9E8}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)

AMD Drag and Drop Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden

AMD Media Foundation Decoders (Version: 1.0.81206.1620 - Advanced Micro Devices, Inc.) Hidden

AMD Steady Video Plug-In  (Version: 2.06.0000 - AMD) Hidden

AMD Wireless Display v3.0 (Version: 1.0.0.14 - Advanced Micro Devices, Inc.) Hidden

ANNO 2070 (HKLM-x32\...\{B48E264C-C8CD-4617-B0BE-46E977BAD694}) (Version: 1.0.0.0 - Ubisoft)

Apple Application Support (HKLM-x32\...\{B607C354-CD79-4D22-86D1-92DC94153F42}) (Version: 1.0.1 - Apple Inc.)

Apple Mobile Device Support (HKLM\...\{9EFC40E3-5F31-4F75-8445-286273F74D8E}) (Version: 2.6.0.32 - Apple Inc.)

Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)

Application Profiles (HKLM-x32\...\{A231A6F2-2C80-6203-ED35-2CFB96B25A38}) (Version: 2.0.4719.35969 - Advanced Micro Devices, Inc.)

applicationupdater (HKCU\...\SOE-C:/Users/LBusch/AppData/Local/Sony Online Entertainment/ApplicationUpdater) (Version:  - Sony Online Entertainment)

Arctic Combat (HKLM-x32\...\{9C84DFF4-A98C-42d5-A09F-6985A05205B2}_is1) (Version: 1.0.0.1 - Webzen)

ASRock 3TB+ Unlocker v1.1 (HKLM\...\ASRock 3TB+ Unlocker_is1) (Version:  - ASRock Inc.)

ASRock App Charger v1.0.5 (HKLM\...\ASRock App Charger_is1) (Version:  - ASRock Inc.)

ASRock XFast RAM v2.0.28 (HKLM\...\ASRock XFast RAM_is1) (Version:  - ASRock Inc.)

A-Tuning v1.0.17 (HKLM-x32\...\A-Tuning_is1) (Version: 1.0.17 - )

Avira Antivirus Premium (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.2.286 - Avira)

Avira SearchFree Toolbar (HKLM-x32\...\{41564952-412D-5637-00A7-A758B70C0A03}) (Version: 12.10.3.4487 - APN, LLC)

AVM FRITZ!Box Dokumentation (HKLM-x32\...\AVMFBox) (Version:  - AVM Berlin)

AVM FRITZ!Box Druckeranschluss (HKLM-x32\...\AVMFBoxPrinter) (Version:  - AVM Berlin)

AVM FRITZ!WLAN (HKLM-x32\...\AVMWLANCLI) (Version:  - AVM Berlin)

Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)

Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.1.0.1 - Electronic Arts)

Battlefield 4™ Beta (HKLM-x32\...\{CFAB3721-549D-4827-A4E8-7F90192114AB}) (Version: 1.0.0.0 - Electronic Arts)

Battlefield: Bad Company 2 (HKLM-x32\...\Steam App 24960) (Version:  - DICE)

Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.2 - EA Digital Illusions CE AB)

BBI USB WIRELESS CONTROLLER (HKLM-x32\...\{2C38C251-DE7B-40DC-9D26-C54044348DE5}) (Version: 2005.12.02 - )

Bonjour (HKLM\...\{DAE239CE-EB9D-4EB3-B0D4-528D6BAA48FD}) (Version: 1.0.106 - Apple Inc.)

Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden

Catalyst Control Center Graphics Previews Common (x32 Version: 2013.1206.1603.28764 - Advanced Micro Devices, Inc.) Hidden

Catalyst Control Center InstallProxy (x32 Version: 2013.1206.1603.28764 - Advanced Micro Devices, Inc.) Hidden

Catalyst Control Center Localization All (x32 Version: 2013.1206.1603.28764 - Advanced Micro Devices, Inc.) Hidden

CCC Help Chinese Standard (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden

CCC Help Chinese Traditional (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden

CCC Help Czech (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden

CCC Help Danish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden

CCC Help Dutch (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden

CCC Help English (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden

CCC Help Finnish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden

CCC Help French (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden

CCC Help German (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden

CCC Help Greek (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden

CCC Help Hungarian (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden

CCC Help Italian (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden

CCC Help Japanese (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden

CCC Help Korean (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden

CCC Help Norwegian (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden

CCC Help Polish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden

CCC Help Portuguese (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden

CCC Help Russian (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden

CCC Help Spanish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden

CCC Help Swedish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden

CCC Help Thai (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden

CCC Help Turkish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden

ccc-utility64 (Version: 2013.1206.1603.28764 - Advanced Micro Devices, Inc.) Hidden

CCleaner (HKLM-x32\...\CCleaner) (Version:  - Piriform)

Cisco EAP-FAST Module (HKLM-x32\...\{415B2719-AD3A-4944-B404-C472DB6085B3}) (Version: 2.1.6 - Cisco Systems, Inc.)

Cisco LEAP Module (HKLM-x32\...\{83770D14-21B9-44B3-8689-F7B523F94560}) (Version: 1.0.12 - Cisco Systems, Inc.)

Cisco PEAP Module (HKLM-x32\...\{669C7BD8-DAA2-49B6-966C-F1E2AAE6B17E}) (Version: 1.0.13 - Cisco Systems, Inc.)

Click to Call with Skype (HKLM-x32\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 5.6.8153 - Skype Technologies S.A.)

Combat Arms EU (HKLM-x32\...\Combat Arms EU) (Version:  - )

CPUID CPU-Z 1.67.1 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )

Creative ALchemy (HKLM-x32\...\ALchemy) (Version: 1.41 - Creative Technology Limited)

Creative Entertainment Center (HKLM-x32\...\Creative Entertainment Center) (Version:  - )

Creative Software AutoUpdate (HKLM-x32\...\Creative Software AutoUpdate) (Version: 1.40 - Creative Technology Limited)

Creative-Audiokonsole (HKLM-x32\...\AudioCS) (Version: 1.33 - Creative Technology Limited)

DIE SIEDLER - Aufstieg eines Königreichs (HKLM-x32\...\{D3F80A98-05AB-4D8C-9272-766CCFA6A48D}) (Version: 1.00.0000 - Ubisoft)

Die Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.17.60 - Electronic Arts)

Die Sims™ 3 Late Night (HKLM-x32\...\{45057FCE-5784-48BE-8176-D9D00AF56C3C}) (Version: 6.0.81 - Electronic Arts)

Die Sims™ 3 Reiseabenteuer (HKLM-x32\...\{BA26FFA5-6D47-47DB-BE56-34C357B5F8CC}) (Version: 2.0.86 - Electronic Arts)

Dota 2 (HKLM-x32\...\Steam App 570) (Version:  - Valve)

EasyBits GO (HKCU\...\Game Organizer) (Version:  - EasyBits Media)

EPU (HKLM-x32\...\{9C2AC00C-0C06-4B7E-97A4-A833808D54D6}) (Version: 1.00.22 - )

eReg (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden

erLT (x32 Version: 1.20.0137 - Logitech, Inc.) Hidden

ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)

Far Cry 3 (HKLM-x32\...\{E3B9C5A9-BD7A-4B56-B754-FAEA7DD6FA88}) (Version: 1.05 - Ubisoft)

FindRight (HKLM\...\FindRight) (Version: 2014.02.19.174052 - FindRight) <==== ATTENTION

Fraps (HKLM-x32\...\Fraps) (Version:  - )

Free YouTube to MP3 Converter version 3.12.20.1230 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.20.1230 - DVDVideoSoft Ltd.)

gamelauncher-ps2-psg (x86)-Steam-Planetside 2 (HKCU\...\SOE-E:/Program Files (x86)/Steam/Planetside 2) (Version:  - Sony Online Entertainment)

Google Chrome (HKLM-x32\...\Google Chrome) (Version: 33.0.1750.146 - Google Inc.)

Google Update Helper (x32 Version: 1.3.22.5 - Google Inc.) Hidden

Gothic 3 (HKLM-x32\...\{9F78DB3D-4F90-4A10-AD0A-85C271C88106}) (Version: 1.0.0 - JoWood)

GRID (HKLM-x32\...\Steam App 12750) (Version:  - Codemasters)

Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)

Intel(R) Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{A6C48A9F-694A-4234-B3AA-62590B668927}) (Version: 1.0.0.36702 - Intel Corporation)

Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.0.0.1323 - Intel Corporation)

Intel(R) Network Connections 18.2.63.0 (HKLM\...\PROSetDX) (Version: 18.2.63.0 - Intel)

Intel(R) Network Connections 18.2.63.0 (Version: 18.2.63.0 - Intel) Hidden

Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.0.0.102 - Intel Corporation)

Intel® Trusted Connect Service Client (Version: 1.27.798.1 - Intel Corporation) Hidden

iTunes (HKLM\...\{A5F59952-475D-4DCC-BEAD-C216FC68E05C}) (Version: 9.0.2.25 - Apple Inc.)

Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.510 - Oracle)

Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden

JNLP (HKCU\...\JNLP) (Version:  - JNLP)

League of Legends (HKLM-x32\...\{92606477-9366-4D3B-8AE3-6BE4B29727AB}) (Version: 1.3 - Riot Games)

Logitech Gaming Software (Version: 8.45.88 - Logitech Inc.) Hidden

Logitech Gaming Software 8.51 (HKLM\...\Logitech Gaming Software) (Version: 8.51.5 - Logitech Inc.)

Logitech SetPoint 6.30 (HKLM\...\sp6) (Version: 6.30.43 - Logitech)

Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden

Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)

Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)

Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden

Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)

Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden

Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)

Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)

Microsoft Office Home and Student 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)

Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden

Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden

Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20913.0 - Microsoft Corporation)

Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)

Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (HKLM\...\{EE936C7A-EA40-31D5-9B65-8E3E089C3828}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM-x32\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{D285FC5F-3021-32E9-9C59-24CA325BDC5C}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)

Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden

Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)

MinecraftAlpha (HKLM-x32\...\MinecraftAlpha) (Version:  - )

Mozilla Firefox 27.0.1 (x86 de) (HKCU\...\Mozilla Firefox 27.0.1 (x86 de)) (Version: 27.0.1 - Mozilla)

Mozilla Firefox 4.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 4.0 (x86 de)) (Version: 4.0 - Mozilla)

Mozilla Thunderbird 24.1.1 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 24.1.1 (x86 de)) (Version: 24.1.1 - Mozilla)

Mozilla Thunderbird 24.2.0 (x86 de) (HKCU\...\Mozilla Thunderbird 24.2.0 (x86 de)) (Version: 24.2.0 - Mozilla)

Need for Speed(TM) Hot Pursuit (HKLM-x32\...\{83A606F5-BF6F-42ED-9F33-B9F74297CDED}) (Version: 1.0.0.0 - Electronic Arts)

Need for Speed™ Carbon (HKLM-x32\...\{259C0ABB-A3B2-4D70-008F-BF7EE491B70B}) (Version:  - )

Need for Speed™ SHIFT (HKLM-x32\...\{BBF0A67B-5DBA-452F-9D2E-6F168BC226E4}) (Version: 1.0.0.0 - Electronic Arts)

Need for Speed™ SHIFT Demo (HKLM-x32\...\{BBF0A67B-5DBA-452F-9D2E-6F168BC226E5}) (Version: 1.0.0.0 - Electronic Arts)

NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.4 - NVIDIA Corporation)

NVIDIA ForceWare Network Access Manager (Version: 1.00.7305 - NVIDIA Corporation) Hidden

NVIDIA Install Application (Version: 2.1002.85.551 - NVIDIA Corporation) Hidden

NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)

NVIDIA Systemsteuerung 296.19 (Version: 296.19 - NVIDIA Corporation) Hidden

OpenAL (HKLM-x32\...\OpenAL) (Version:  - )

Origin (HKLM-x32\...\Origin) (Version: 9.3.7.2735 - Electronic Arts, Inc.)

Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.8 - Pando Networks Inc.)

Paragon Partition Manager™ 11 Personal (HKLM-x32\...\{986A654F-F1E4-11DD-9FCA-005056C00008}) (Version: 90.00.0003 - Paragon Software)

PDF24 Creator 5.2.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)

Perry Rhodan (HKLM-x32\...\Perry Rhodan_is1) (Version:  - Deep Silver)

Planetside (HKCU\...\SOE-Planetside) (Version:  - Sony Online Entertainment)

PlanetSide 2 (HKCU\...\soe-PlanetSide 2 PSG) (Version: 1.0.3.183 - Sony Online Entertainment)

Platform (x32 Version: 1.34 - VIA Technologies, Inc.) Hidden

Pokemon Online 2.3.2 (HKLM-x32\...\{2C08D7E7-9EE1-4A08-AFE0-745F02DCD6A4}_is1) (Version:  - Dreambelievers)

PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)

Quick Memory Editor 5.5 (HKLM-x32\...\Quick Memory Editor_is1) (Version:  - softcows.com)

QuickTime (HKLM-x32\...\{A429C2AE-EBF1-4F81-A221-1C115CAADDAD}) (Version: 7.64.17.73 - Apple Inc.)

Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6873 - Realtek Semiconductor Corp.)

Risen (HKLM-x32\...\{155F4A0E-76ED-45A2-91FB-FF2A2133C31A}) (Version: 1.00.0000 - Deep Silver)

SiSoftware Sandra Lite 2014.RTM (HKLM\...\{C3113E55-7BCB-4de3-8EBF-60E6CE6B2396}_is1) (Version: 20.10.2014.2 - SiSoftware)

StarCraft II (HKLM-x32\...\StarCraft II) (Version:  - Blizzard Entertainment)

Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)

TeamSpeak 3 Client (HKCU\...\TeamSpeak 3 Client) (Version: 3.0.10 - TeamSpeak Systems GmbH)

Test Drive Unlimited (HKLM-x32\...\{C37A0BC1-52EE-4F97-8223-5CA9FC0357B0}) (Version: 0.10.0000 - Ihr Firmenname)

The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version:  - Bethesda Game Studios)

Titanfall™-Beta (HKLM-x32\...\{E933BD1A-9B05-42A3-A1CF-3DA81C72E454}) (Version: 1.0.0.0 - Electronic Arts)

Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)

Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)

Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6FAA03BD-2B51-4029-9AD9-64A3B8E3C84C}) (Version:  - Microsoft)

Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)

Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)

Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)

Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)

Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)

Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)

Uplay (HKLM-x32\...\Uplay) (Version: 2.0 - Ubisoft)

VC_CRT_x64 (Version: 1.02.0000 - Intel Corporation) Hidden

VIA Plattform-Geräte-Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.34 - VIA Technologies, Inc.)

VLC media player 1.0.3 (HKLM-x32\...\VLC media player) (Version: 1.0.3 - VideoLAN Team)

Windows Live ID-Anmelde-Assistent (HKLM\...\{B0EFB716-085B-4564-8060-212E41F5CE50}) (Version: 6.500.3146.0 - Microsoft Corporation)

WinRAR archiver (HKLM-x32\...\WinRAR archiver) (Version:  - )

World of Tanks (HKLM-x32\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812EU}_is1) (Version:  - Wargaming.net)

XFast LAN v6.61 (HKLM\...\XFast LAN) (Version: 6.61 - cFos Software GmbH, Bonn)

XFastUSB (HKLM-x32\...\XFastUSB) (Version: 3.02.31 - ASRock Inc.)
 

==================== Restore Points  =========================
 

07-03-2014 18:33:30 Installed Paragon Partition Manager™ 11 Personal.

07-03-2014 21:31:18 NVIDIA PhysX wird installiert
 

==================== Hosts content: ==========================
 

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
 

==================== Scheduled Tasks (whitelisted) =============
 

Task: {08DEACF7-90DB-4254-9A88-46F6F91E2D20} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2012-06-14] (Intel Corporation)

Task: {27C55297-8A00-4E67-A2F2-493B8DD9880E} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)

Task: {27DDE1DE-06F3-4F68-BD73-97DDEF204CC1} - System32\Tasks\{248A9A7F-0107-4E96-B842-0315C4FDE992} => Firefox.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&amp;ver=6.3.0.105&amp;LastError=-9

Task: {2F347AE4-158B-41A9-B3D4-B273D318A4AF} - System32\Tasks\{48D4DA08-D2D7-4853-969E-0C5B30A899EA} => Firefox.exe hxxp://www.skype.com/go/downloading?source=installer&amp;ver=6.3.0.107&amp;LastError=-9

Task: {394E5344-1347-406A-A741-41C6937919DC} - System32\Tasks\{22BA7FC3-70B6-4577-B00F-5E9B263F2C28} => Firefox.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&amp;ver=6.6.0.106&amp;LastError=-9

Task: {60822CF7-2868-45E5-994E-59B969B6E262} - System32\Tasks\ASUS\Cpu Level Up Hook Lanunch => C:\Program Files (x86)\ASUS\AI Suite\CpuLevelUpHookLaunch.exe

Task: {707E1F43-390A-47BA-974D-3EC94200CF8B} - System32\Tasks\ASUS\ASUS RegRun Loader => C:\Program Files (x86)\ASUS\AASP\1.00.91\AsLoader.exe

Task: {7619CD46-12E7-4DAF-9C57-D343A2C389C2} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2012-06-14] (Intel Corporation)

Task: {95C4ABB4-3B3C-4FB3-AA84-FBD5802E68DA} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-03-07] (Google Inc.)

Task: {9D12DAF0-53B0-4232-B4C0-9C53CA2856D7} - System32\Tasks\{C8F3EDC6-CB25-48A1-B06D-6973DADAE9FA} => Firefox.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&amp;ver=6.3.0.107&amp;LastError=-9

Task: {9F5FFACF-9015-4935-AE9E-9983CD900F60} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-03-07] (Google Inc.)

Task: {A97638ED-06D6-4DD8-97E9-B88B980041A4} - System32\Tasks\{3916C61A-9FAF-4EA6-97C3-4892C3554798} => C:\Program Files (x86)\Skype\\Phone\Skype.exe

Task: {B6266156-7C39-45EC-8269-3765C63D6ED4} - System32\Tasks\ASUS\ASUS SIX Engine => C:\Program Files (x86)\ASUS\EPU\EPU.exe

Task: {C94AB16F-549F-4E0D-A1E1-6A349A4B7AFA} - System32\Tasks\{E5F601FB-C302-4CEC-B5B9-5619DED547F5} => Firefox.exe hxxp://www.skype.com/go/downloading?source=installer&amp;ver=6.1.0.129&amp;LastError=-9

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 

==================== Loaded Modules (whitelisted) =============
 

2009-11-15 00:56 - 2010-03-15 10:28 - 00052224 _____ () C:\Program Files (x86)\WinRAR\rarext64.dll

2013-02-03 14:52 - 2013-11-01 23:39 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe

2014-02-19 18:40 - 2014-03-07 20:49 - 00112416 _____ () C:\Program Files (x86)\FindRight\updateFindRight.exe

2014-02-20 15:04 - 2014-03-07 20:16 - 00112416 _____ () C:\Program Files (x86)\FindRight\bin\utilFindRight.exe

2009-04-19 08:34 - 2009-04-19 08:34 - 00625184 _____ () C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe

2009-04-19 08:34 - 2009-04-19 08:34 - 00070176 _____ () C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nv_common.dll

2009-04-19 08:34 - 2009-04-19 08:34 - 00578080 _____ () C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\SpecialCase.dll

2009-04-19 08:34 - 2009-04-19 08:34 - 00207904 _____ () C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe

2013-07-29 12:21 - 2013-07-18 07:16 - 00394824 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll

2009-10-23 17:01 - 2009-10-23 17:01 - 00120096 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\objc.dll

2009-10-23 17:01 - 2009-10-23 17:01 - 00039712 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\ASL.dll

2009-09-05 01:54 - 2009-09-05 01:54 - 00180224 _____ () C:\Program Files (x86)\QuickTime\QTSystem\QTCF.dll

2009-10-23 17:01 - 2009-10-23 17:01 - 00067872 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll

2014-01-11 03:17 - 2013-03-12 13:19 - 01199576 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll

2014-02-22 20:44 - 2014-02-22 20:44 - 03578992 _____ () D:\Program Files (x86)\Mozilla Firefox\mozjs.dll

2013-11-29 17:44 - 2013-11-29 17:44 - 16237448 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_152.dll
 

==================== Alternate Data Streams (whitelisted) =========
 
 

==================== Safe Mode (whitelisted) ===================
 
 

==================== Disabled items from MSCONFIG ==============
 

MSCONFIG\Services: AsSysCtrlService => 2

MSCONFIG\Services: Creative ALchemy AL6 Licensing Service => 3

MSCONFIG\Services: Creative Audio Engine Licensing Service => 3

MSCONFIG\Services: CTAudSvcService => 2

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Wireless Utility.lnk => C:\Windows\pss\Wireless Utility.lnk.CommonStartup

MSCONFIG\startupfolder: C:^Users^LBusch^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Logitech . Produktregistrierung.lnk => C:\Windows\pss\Logitech . Produktregistrierung.lnk.Startup

MSCONFIG\startupreg: Ai Nap => "C:\Program Files (x86)\ASUS\AI Suite\Q-Button\QButton.exe"

MSCONFIG\startupreg: AudioDrvEmulator => "C:\Program Files (x86)\Creative\Shared Files\Module Loader\DLLML.exe" -1 AudioDrvEmulator "C:\Program Files (x86)\Creative\Shared Files\Module Loader\Audio Emulator\AudDrvEm.dll"

MSCONFIG\startupreg: Cpu Level Up help => "C:\Program Files (x86)\ASUS\AI Suite\CpuLevelUpHelp.exe"

MSCONFIG\startupreg: CTxfiHlp => CTXFIHLP.EXE

MSCONFIG\startupreg: EvtMgr6 => D:\Programm Files\Logitech\SetPointP\SetPoint.exe /launchGaming

MSCONFIG\startupreg: KPeerNexonEU => C:\Nexon\NEXON_EU_Downloader\nxEULauncher.exe

MSCONFIG\startupreg: LogMeIn Hamachi Ui => "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start

MSCONFIG\startupreg: Module Loader => C:\Program Files (x86)\Creative\Shared Files\Module Loader\DLLML.exe -StartUpRun

MSCONFIG\startupreg: QFan Help => "C:\Program Files (x86)\ASUS\AI Suite\QFan3\QFanHelp.exe"
 

==================== Faulty Device Manager Devices =============
 
 

==================== Event log errors: =========================
 

Application errors:

==================

Error: (03/07/2014 09:08:28 PM) (Source: Steam Client Service) (User: )

Description: Error: Failed to poke open firewall
 

Error: (03/05/2014 09:06:25 PM) (Source: Application Hang) (User: )

Description: Programm bf4.exe, Version 1.1.0.1 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
 

Prozess-ID: 1ee8
 

Startzeit: 01cf38acd7ba3f53
 

Endzeit: 474
 

Anwendungspfad: E:\Program Files (x86)\Origin Games\Battlefield 4\bf4.exe
 

Berichts-ID:
 

Error: (03/02/2014 09:29:11 PM) (Source: Steam Client Service) (User: )

Description: Error: Failed to poke open firewall
 

Error: (03/02/2014 09:25:17 PM) (Source: Application Error) (User: )

Description: Name der fehlerhaften Anwendung: IEXPLORE.EXE, Version: 11.0.9600.16518, Zeitstempel: 0x52f347b2

Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521ea8e7

Ausnahmecode: 0xc0000005

Fehleroffset: 0x00038e19

ID des fehlerhaften Prozesses: 0x23f4

Startzeit der fehlerhaften Anwendung: 0xIEXPLORE.EXE0

Pfad der fehlerhaften Anwendung: IEXPLORE.EXE1

Pfad des fehlerhaften Moduls: IEXPLORE.EXE2

Berichtskennung: IEXPLORE.EXE3
 

Error: (03/01/2014 01:12:39 PM) (Source: Steam Client Service) (User: )

Description: Error: Failed to poke open firewall
 

Error: (02/28/2014 09:34:21 PM) (Source: Steam Client Service) (User: )

Description: Error: Failed to poke open firewall
 

Error: (02/28/2014 09:22:32 PM) (Source: Steam Client Service) (User: )

Description: Error: Failed to poke open firewall
 

Error: (02/22/2014 10:42:00 PM) (Source: Application Error) (User: )

Description: Name der fehlerhaften Anwendung: bf4.exe, Version: 1.1.0.1, Zeitstempel: 0x52f4ec9e

Name des fehlerhaften Moduls: bf4.exe, Version: 1.1.0.1, Zeitstempel: 0x52f4ec9e

Ausnahmecode: 0xc0000005

Fehleroffset: 0x0000000000b87bf2

ID des fehlerhaften Prozesses: 0x4cc

Startzeit der fehlerhaften Anwendung: 0xbf4.exe0

Pfad der fehlerhaften Anwendung: bf4.exe1

Pfad des fehlerhaften Moduls: bf4.exe2

Berichtskennung: bf4.exe3
 

Error: (02/21/2014 09:41:15 PM) (Source: Steam Client Service) (User: )

Description: Error: Failed to poke open firewall
 

Error: (02/19/2014 10:20:10 PM) (Source: Application Hang) (User: )

Description: Programm CR_Downloader_fuer_metroid---zero-mission.exe, Version 0.0.0.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
 

Prozess-ID: e60
 

Startzeit: 01cf2db82f8bc4f5
 

Endzeit: 0
 

Anwendungspfad: D:\Downloads\CR_Downloader_fuer_metroid---zero-mission.exe
 

Berichts-ID:
 
 

System errors:

=============

Error: (03/10/2014 03:38:59 PM) (Source: Service Control Manager) (User: )

Description: Der Dienst "AODDriver4.2.0" wurde aufgrund folgenden Fehlers nicht gestartet: 

%%3
 

Error: (03/10/2014 03:38:59 PM) (Source: Service Control Manager) (User: )

Description: Der Dienst "AMD FUEL Service" wurde aufgrund folgenden Fehlers nicht gestartet: 

%%2
 

Error: (03/09/2014 11:14:50 PM) (Source: Service Control Manager) (User: )

Description: Der Dienst "AODDriver4.2.0" wurde aufgrund folgenden Fehlers nicht gestartet: 

%%3
 

Error: (03/09/2014 11:14:49 PM) (Source: Service Control Manager) (User: )

Description: Der Dienst "AMD FUEL Service" wurde aufgrund folgenden Fehlers nicht gestartet: 

%%2
 

Error: (03/09/2014 11:12:09 PM) (Source: Service Control Manager) (User: )

Description: Der Dienst "AODDriver4.2.0" wurde aufgrund folgenden Fehlers nicht gestartet: 

%%3
 

Error: (03/09/2014 11:12:09 PM) (Source: Service Control Manager) (User: )

Description: Der Dienst "AMD FUEL Service" wurde aufgrund folgenden Fehlers nicht gestartet: 

%%2
 

Error: (03/09/2014 11:09:35 PM) (Source: Service Control Manager) (User: )

Description: Der Dienst "AODDriver4.2.0" wurde aufgrund folgenden Fehlers nicht gestartet: 

%%3
 

Error: (03/09/2014 11:09:34 PM) (Source: Service Control Manager) (User: )

Description: Der Dienst "AMD FUEL Service" wurde aufgrund folgenden Fehlers nicht gestartet: 

%%2
 

Error: (03/09/2014 09:37:48 PM) (Source: Disk) (User: )

Description: Fehlerhafter Block bei Gerät \Device\Harddisk0\DR0.
 

Error: (03/09/2014 09:37:46 PM) (Source: Disk) (User: )

Description: Fehlerhafter Block bei Gerät \Device\Harddisk0\DR0.
 
 

Microsoft Office Sessions:

=========================
 

CodeIntegrity Errors:

===================================

  Date: 2014-01-31 19:23:18.934

  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
 

  Date: 2014-01-31 19:23:18.888

  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
 

  Date: 2014-01-31 17:45:15.126

  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
 

  Date: 2014-01-31 17:45:15.073

  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
 

  Date: 2014-01-31 14:51:38.852

  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
 

  Date: 2014-01-31 14:51:38.798

  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
 

  Date: 2014-01-31 13:22:28.375

  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
 

  Date: 2014-01-31 13:22:28.325

  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
 

  Date: 2014-01-31 00:10:17.902

  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
 

  Date: 2014-01-31 00:10:17.850

  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
 
 

==================== Memory info =========================== 
 

Percentage of memory in use: 25%

Total physical RAM: 8122.73 MB

Available physical RAM: 6047.83 MB

Total Pagefile: 16243.65 MB

Available Pagefile: 13899.2 MB

Total Virtual: 8192 MB

Available Virtual: 8191.81 MB
 

==================== Drives ================================
 

Drive c: (Win7) (Fixed) (Total:80.01 GB) (Free:31.35 GB) NTFS

Drive d: (Programme) (Fixed) (Total:169.99 GB) (Free:127.19 GB) NTFS

Drive e: (Games) (Fixed) (Total:215.66 GB) (Free:47.01 GB) NTFS

Drive f: (SC2-L100-D1) (CDROM) (Total:7.05 GB) (Free:0 GB) UDF
 

==================== MBR & Partition Table ==================
 

========================================================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: AF775AD2)
 

Partition: GPT Partition Type.
 

==================== End Of Log ============================