Log analysis and evaluation: Windows 7 - svchost.exe 100% CPU usage
04.04.2014, 06:12 | #1 |
| Windows 7 - svchost.exe 100% CPU usage Hello everyone, I'm getting pretty desperate right now and don't know what else to do. Every time I start the PC (since yesterday evening), the CPU usage automatically climbs to 100% and slows the whole system down immensely. When I look in Task Manager, I see a more or less ominous application under "C:\Windows\SysWOW64\svchost.exe". According to my research that is a completely normal Windows process, but it is suddenly using up all my resources. Unfortunately I suspect a virus or something similar. I have already run SpyBot, Malwarebytes Anti-Malware and Norton over it several times; something was found, but that was an outdated trainer and therefore not really important. Otherwise zero, nada, niente. Strangely, this process also appears when I pull the LAN cable (i.e. forcibly cut off the internet), but then the process stays inactive. I do see this svchost in Task Manager and Applications, but under Performance it uses no CPU (with the internet turned off). In addition, this application/process does not start when I boot the PC in safe mode (i.e. only basic devices and services). So I have apparently caught some malware and am seemingly being exploited for Bitcoin mining or something similar. If I need further programs to post more detailed logs, please just say so and I will try to comply as best I can. I hope someone can help me.
Edit: I intend to work through these steps at midday today (I have to go to work now) (http://www.trojaner-board.de/69886-a...-beachten.html), but wanted to draw attention to this thread beforehand, since perhaps someone is struggling with the same problem and has already met this malware (it is hardly "normal") and may be able to help me.
Edit2: Since I'm not sure where or what exactly the problem is, I have created a post in the hijackthis forum in parallel. Last edited by Morgrain (04.04.2014 at 06:32). Reason: New knowledge |
04.04.2014, 06:30 | #2 |
/// the machine /// TB trainer | Windows 7 - svchost.exe 100% CPU usage hi,
Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST 32-Bit | FRST 64-Bit (If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
|
04.04.2014, 11:42 | #3 |
| Windows 7 - svchost.exe 100% CPU usage Hello,
Thanks for the quick reply. FRST.txt FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014 Ran by DAUM (administrator) on DAUM-PC on 04-04-2014 12:30:00 Running from C:\Users\DAUM\Desktop\PC retten Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard Internet Explorer Version 11 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (Logitech Inc.) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe (Acronis) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe () C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\WiFi GO! Server.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\DIGI+ Power Control\PowerControlHelp.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.23.9\GoogleCrashHandler.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe (ASUSTeK Computer Inc.) 
C:\Program Files (x86)\ASUS\AsusFanControlService\1.01.15\AsusFanControlService.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (CyberLink) C:\Program Files (x86)\Cyberlink\PowerDVD13\Kernel\DMS\CLMSMonitorServicePDVD13.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe () C:\Windows\system\HsMgr64.exe (CyberLink) C:\Program Files (x86)\Cyberlink\PowerDVD13\Kernel\DMS\CLMSServerPDVD13.exe () C:\Windows\SysWOW64\HsMgr.exe (Binary Fortress Software) C:\Program Files (x86)\DisplayFusion\DisplayFusionService.exe (DTS, Inc) C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe (Symantec Corporation) C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.0.43\NST.exe (Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\21.2.0.38\NIS.exe (Locktime Software) C:\Program Files\NetLimiter 3\nlsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe () C:\Windows\SysWOW64\PnkBstrA.exe (Razer Inc.) E:\Programme\Razer\Razer Game Booster\RzKLService.exe (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe (Symantec Corporation) C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.0.43\NST.exe (Google Inc.) 
C:\Program Files (x86)\Google\Update\1.3.23.9\GoogleCrashHandler64.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe (SMART Technologies) E:\Programme\SMART Technologies\Education Software\SMARTHelperService.exe (Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\21.2.0.38\NIS.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\USB 3.0 Boost\U3BoostSvr64.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\TurboVHelp.exe (Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\EPU\EPUHelp.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AsDLNAServerReal.exe (Binary Fortress Software) C:\Program Files (x86)\DisplayFusion\DisplayFusion.exe (ROCCAT GmbH Co., Ltd.) C:\Program Files (x86)\ROCCAT\Ryos Keyboard\Ryos MK Monitor.exe (Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe (Binary Fortress Software) C:\Program Files (x86)\DisplayFusion\DisplayFusionHookAppWIN6032.exe (Binary Fortress Software) C:\Program Files (x86)\DisplayFusion\DisplayFusionHookAppWIN6064.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) 
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\APSDaemon.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Acronis) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe () I:\Core Temp.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [ShadowPlay] - C:\Windows\system32\nvspcap64.dll [1179576 2014-01-21] (NVIDIA Corporation) HKLM\...\Run: [RtHDVBg_DTS] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1215632 2012-08-06] (Realtek Semiconductor) HKLM\...\Run: [Nvtmru] - "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe" HKLM\...\Run: [NvBackend] - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2234144 2014-01-21] (NVIDIA Corporation) HKLM\...\Run: [Cmaudio8788GX64] - C:\Windows\system\HsMgr64.exe [282112 2008-07-11] () HKLM\...\Run: [Cmaudio8788GX] - C:\Windows\syswow64\HsMgr.exe [200704 2008-07-11] () HKLM-x32\...\Run: [] - [X] HKLM-x32\...\Run: [Razer Synapse] - C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [444760 2014-03-07] (Razer Inc.) 
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X] HKU\.DEFAULT\...\RunOnce: [SPReview] - C:\Windows\System32\SPReview\SPReview.exe [301568 2013-08-25] (Microsoft Corporation) HKU\S-1-5-21-2263915838-1270488654-868256476-1000\...\Run: [DisplayFusion] - C:\Program Files (x86)\DisplayFusion\DisplayFusion.exe [7952224 2013-11-27] (Binary Fortress Software) HKU\S-1-5-21-2263915838-1270488654-868256476-1000\...\Policies\Explorer: [HideSCAVolume] 0 ==================== Internet (Whitelisted) ==================== ProxyServer: http=;ftp=;https=; HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xF887D9F9BEA1CE01 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine64\21.2.0.38\coIEPlg.dll (Symantec Corporation) BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) BHO: Norton Identity Protection - {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} - C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.7.0.43\coIEPlg.dll (Symantec Corporation) BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO-x32: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer) BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files 
(x86)\Norton Internet Security\Engine\21.2.0.38\coIEPlg.dll (Symantec Corporation) BHO-x32: SMART Notebook Download Utility - {67BCF957-85FC-4036-8DC4-D4D80E00A77B} - E:\Programme\SMART Technologies\Education Software\NotebookPlugin.dll (SMART Technologies ULC.) BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\21.2.0.38\IPS\IPSBHO.DLL (Symantec Corporation) BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - E:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - E:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Toolbar: HKLM - Norton Identity Safe Toolbar - {A13C2648-91D4-4bf3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.7.0.43\coIEPlg.dll (Symantec Corporation) Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine64\21.2.0.38\coIEPlg.dll (Symantec Corporation) Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\21.2.0.38\coIEPlg.dll (Symantec Corporation) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1 
Chrome: ======= CHR HomePage: hxxp://www.buffed.de/E-Commerce-Thema-223039/News/Die-besten-Schnaeppchen-im-Internet-Spiele-Filme-Elektronik-683186/ CHR Extension: (ProxTube) - C:\Users\DAUM\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek [2013-11-04] CHR Extension: (Google Docs) - C:\Users\DAUM\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-08-24] CHR Extension: (Google Drive) - C:\Users\DAUM\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-08-24] CHR Extension: (YouTube) - C:\Users\DAUM\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-08-24] CHR Extension: (Google-Suche) - C:\Users\DAUM\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-08-24] CHR Extension: (iCloud-Lesezeichen) - C:\Users\DAUM\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkepacicchenbjecpbpbclokcabebhah [2014-03-26] CHR Extension: (AdBlock) - C:\Users\DAUM\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2013-11-02] CHR Extension: (BittorrentBar_DE) - C:\Users\DAUM\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl [2013-11-02] CHR Extension: (Google Dictionary (by Google)) - C:\Users\DAUM\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgijmajocgfcbeboacabfgobmjgjcoja [2014-03-23] CHR Extension: (Norton Identity Protection) - C:\Users\DAUM\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk [2014-03-03] CHR Extension: (FastestFox – Schneller browsen) - C:\Users\DAUM\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmffncokckfccddfenhkhnllmlobdahm [2013-12-06] CHR Extension: (Erweiterung \) - C:\Users\DAUM\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlbjncdgjeocebhnmkbbbdekmmmcbfjd [2013-11-02] CHR Extension: 
(Google Wallet) - C:\Users\DAUM\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-24] CHR Extension: (Norton Identity Protection) - C:\Users\DAUM\AppData\Local\Google\Chrome\User Data\Default\Extensions\nppllibpnmahfaklnpggkibhkapjkeob [2014-03-20] CHR Extension: (Google Mail) - C:\Users\DAUM\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-08-24] CHR Extension: (Abstract-Blue) - C:\Users\DAUM\AppData\Local\Google\Chrome\User Data\Default\Extensions\plnacehkknmafkjgkikclamogikoiaaa [2013-11-02] CHR HKCU\...\Chrome\Extension: [hempmfkijmahkaddljkmchcmjbojoedl] - C:\Users\DAUM\AppData\Local\CRE\hempmfkijmahkaddljkmchcmjbojoedl.crx [2013-07-27] CHR HKLM-x32\...\Chrome\Extension: [hempmfkijmahkaddljkmchcmjbojoedl] - C:\Users\DAUM\AppData\Local\CRE\hempmfkijmahkaddljkmchcmjbojoedl.crx [2013-07-27] CHR HKLM-x32\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx [2013-08-24] CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Internet Security\Engine\21.2.0.38\Exts\Chrome.crx [2014-03-19] CHR HKLM-x32\...\Chrome\Extension: [nppllibpnmahfaklnpggkibhkapjkeob] - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.0.43\Exts\Chrome.crx [2014-03-20] ==================== Services (Whitelisted) ================= R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [920736 2012-06-01] () R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe [951936 2012-06-01] (ASUSTeK Computer Inc.) R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe [149120 2012-02-17] (ASUSTeK Computer Inc.) U2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\1.01.15\AsusFanControlService.exe [1457664 2012-06-19] (ASUSTeK Computer Inc.) 
R2 CyberLink PowerDVD 13 Media Server Monitor Service; C:\Program Files (x86)\Cyberlink\PowerDVD13\Kernel\DMS\CLMSMonitorServicePDVD13.exe [77576 2013-07-05] (CyberLink) R2 CyberLink PowerDVD 13 Media Server Service; C:\Program Files (x86)\Cyberlink\PowerDVD13\Kernel\DMS\CLMSServerPDVD13.exe [327432 2013-07-05] (CyberLink) R2 DisplayFusionService; C:\Program Files (x86)\DisplayFusion\DisplayFusionService.exe [1375600 2013-11-27] (Binary Fortress Software) R2 DTSAudioSvc; C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe [233328 2012-01-23] (DTS, Inc) S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [520416 2014-02-28] (Futuremark) S2 KMService; C:\Windows\SysWOW64\srvany.exe [8192 2014-01-19] () R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-03-05] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [857912 2014-03-05] (Malwarebytes Corporation) R2 NCO; C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.0.43\NST.exe [130104 2014-03-11] (Symantec Corporation) R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\21.2.0.38\NIS.exe [276376 2014-03-12] (Symantec Corporation) R2 nlsvc; C:\Program Files\NetLimiter 3\nlsvc.exe [1851008 2013-10-10] (Locktime Software) R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632 2014-01-21] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [16939296 2014-01-21] (NVIDIA Corporation) R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76888 2013-11-30] () R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2013-12-31] () R2 RzKLService; E:\Programme\Razer\Razer Game Booster\RzKLService.exe [105448 2014-02-25] (Razer Inc.) R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [3921880 2013-10-15] (Safer-Networking Ltd.) 
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1042272 2013-09-20] (Safer-Networking Ltd.) R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171416 2013-09-13] (Safer-Networking Ltd.) S2 SkypeUpdate; E:\Skype\Updater\Updater.exe [172192 2013-10-23] (Skype Technologies) R2 SMARTHelperService; E:\Programme\SMART Technologies\Education Software\SMARTHelperService.exe [538416 2013-11-22] (SMART Technologies) S2 CLKMSVC10_20EFDAAB; "E:\PowerDVD10\NavFilter\kmsvc.exe" /svc [X] ==================== Drivers (Whitelisted) ==================== R3 AiChargerPlus; C:\Windows\SysWow64\drivers\AiChargerPlus.sys [14848 2012-04-19] (ASUSTek Computer Inc.) R0 asahci64; C:\Windows\System32\DRIVERS\asahci64.sys [49760 2012-01-06] (Asmedia Technology) R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2012-08-22] () R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2012-09-14] () R3 ASUSFILTER; C:\Windows\SysWow64\drivers\ASUSFILTER.sys [46152 2011-09-20] (MCCI Corporation) R1 BHDrvx64; C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\BASHDefs\20140319.001\BHDrvx64.sys [1525976 2014-03-19] (Symantec Corporation) R1 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1502000.026\ccSetx64.sys [162392 2013-09-26] (Symantec Corporation) R1 ccSet_NST; C:\Windows\system32\drivers\NSTx64\7DE07000.02B\ccSetx64.sys [162392 2013-09-27] (Symantec Corporation) R3 cmudaxp; C:\Windows\System32\drivers\cmudaxp.sys [2725376 2011-03-10] (C-Media Inc) R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2014-02-19] (DT Soft Ltd) R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2014-03-02] (Symantec Corporation) R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [137648 2014-03-02] (Symantec Corporation) R1 IDSVia64; C:\Program Files (x86)\Norton Internet 
Security\NortonData\21.1.0.18\Definitions\IPSDefs\20140402.001\IDSvia64.sys [525016 2014-03-26] (Symantec Corporation) R1 MagicTune; C:\Windows\system32\drivers\MTiCtwl.sys [23096 2008-11-04] (Samsung Electronics, Inc. ) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-03-05] (Malwarebytes Corporation) R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [119512 2014-04-04] (Malwarebytes Corporation) R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63192 2014-03-05] (Malwarebytes Corporation) R3 NAVENG; C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\VirusDefs\20140403.002\ENG64.SYS [126040 2014-03-31] (Symantec Corporation) R3 NAVEX15; C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\VirusDefs\20140403.002\EX64.SYS [2099288 2014-03-31] (Symantec Corporation) R1 nltdi; C:\Program Files\NetLimiter 3\nltdi.sys [87472 2013-06-12] (Locktime Software) R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-12-27] (NVIDIA Corporation) S3 SaiK0728; C:\Windows\System32\DRIVERS\SaiK0728.sys [180584 2012-12-05] (Saitek) R3 SaiMini; C:\Windows\System32\DRIVERS\SaiMini.sys [25120 2013-04-30] (Saitek) R3 SaiNtBus; C:\Windows\System32\drivers\SaiBus.sys [52640 2013-04-30] (Saitek) R3 SMARTMouseFilterx64; C:\Windows\System32\DRIVERS\SMARTMouseFilterx64.sys [10240 2013-11-04] (SMART Technologies) R3 SMARTVHidMiniVistaAmd64; C:\Windows\System32\DRIVERS\SMARTVHidMiniVistaAmd64.sys [9216 2013-11-04] (SMART Technologies) S3 SMARTVTabletPCx64; C:\Windows\System32\DRIVERS\SMARTVTabletPCx64.sys [22184 2013-11-04] (SMART Technologies ULC) R3 SRTSP; C:\Windows\System32\Drivers\NISx64\1502000.026\SRTSP64.SYS [875736 2014-02-13] (Symantec Corporation) R1 SRTSPX; C:\Windows\system32\drivers\NISx64\1502000.026\SRTSPX64.SYS [36952 2013-09-10] (Symantec Corporation) R0 SymDS; C:\Windows\System32\drivers\NISx64\1502000.026\SYMDS64.SYS [493656 2013-09-10] (Symantec 
Corporation) R0 SymEFA; C:\Windows\System32\drivers\NISx64\1502000.026\SYMEFA64.SYS [1148120 2014-03-04] (Symantec Corporation) R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2014-03-03] (Symantec Corporation) R1 SymIRON; C:\Windows\system32\drivers\NISx64\1502000.026\Ironx64.SYS [264280 2013-09-27] (Symantec Corporation) R1 SymNetS; C:\Windows\System32\Drivers\NISx64\1502000.026\SYMNETS.SYS [593112 2014-02-18] (Symantec Corporation) R0 tib; C:\Windows\System32\DRIVERS\tib.sys [1120032 2014-03-21] (Acronis International GmbH) R0 tib_mounter; C:\Windows\System32\DRIVERS\tib_mounter.sys [198432 2014-03-21] (Acronis International GmbH) U5 UnlockerDriver5; E:\Programme\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] () <===== ATTENTION Necurs Rootkit? R0 vidsflt; C:\Windows\System32\DRIVERS\vidsflt.sys [117024 2014-03-21] (Acronis International GmbH) R2 {09F57980-3432-4AFC-957D-27AC45FAE1F5}; C:\Program Files (x86)\CyberLink\PowerDVD13\Common\NavFilter\000.fcl [130320 2013-07-06] (CyberLink Corp.) R3 ALSysIO; \??\C:\Users\DAUM\AppData\Local\Temp\ALSysIO64.sys [X] S2 AODDriver4.2.0; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [X] S3 cpuz137; \??\C:\Windows\TEMP\cpuz137\cpuz137_x64.sys [X] S3 GPUZ; \??\C:\Windows\TEMP\GPUZ.sys [X] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-04-04 12:29 - 2014-04-04 12:30 - 00000000 ____D () C:\FRST 2014-04-04 12:27 - 2014-04-04 12:30 - 00000000 ____D () C:\Users\DAUM\Desktop\PC retten 2014-04-03 21:48 - 2014-04-03 21:48 - 00602112 _____ (OldTimer Tools) C:\Users\DAUM\Desktop\OTL.exe 2014-04-03 21:30 - 2014-04-03 21:30 - 00014574 _____ () C:\Users\DAUM\Desktop\hijackthis.log 2014-04-03 21:27 - 2014-04-03 21:27 - 00009153 _____ () C:\Users\DAUM\Downloads\hijackthis.log 2014-04-03 21:26 - 2014-04-03 21:26 - 00388608 _____ (Trend Micro Inc.) 
C:\Users\DAUM\Desktop\hijackthis.exe 2014-04-03 21:22 - 2014-04-03 21:27 - 00000000 ____D () C:\Users\DAUM\Doctor Web 2014-04-03 21:20 - 2014-04-03 21:21 - 145673424 _____ () C:\Users\DAUM\Downloads\cureit.exe 2014-04-03 20:52 - 2014-03-21 17:46 - 00000861 _____ () C:\Windows\system32\Drivers\etc\hosts.20140403-205245.backup 2014-04-03 20:37 - 2014-04-04 12:24 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-04-03 20:37 - 2014-04-03 20:37 - 17523384 _____ (Malwarebytes Corporation ) C:\Users\DAUM\Downloads\mbam-setup-2.0.0.1000.exe 2014-04-03 20:37 - 2014-04-03 20:37 - 00001114 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-04-03 20:37 - 2014-04-03 20:37 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-04-03 20:37 - 2014-04-03 20:37 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-04-03 20:37 - 2014-03-05 09:26 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2014-04-03 20:37 - 2014-03-05 09:26 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2014-04-03 20:37 - 2014-03-05 09:26 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2014-04-03 20:22 - 2014-04-03 20:22 - 00000000 ____D () C:\Users\DAUM\Documents\ProcAlyzer Dumps 2014-04-03 20:01 - 2014-03-06 23:53 - 02925760 _____ (Sysinternals - www.sysinternals.com) C:\Users\DAUM\Desktop\procexp.exe 2014-04-03 20:01 - 2012-10-15 13:23 - 00072154 _____ () C:\Users\DAUM\Downloads\procexp.chm 2014-04-03 20:01 - 2006-07-28 08:32 - 00007005 _____ () C:\Users\DAUM\Downloads\Eula.txt 2014-04-03 20:00 - 2014-04-03 20:21 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy 2014-04-03 20:00 - 2014-04-03 20:00 - 00001391 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk 2014-04-03 20:00 - 2014-04-03 20:00 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking 2014-04-03 20:00 - 2014-04-03 20:00 - 00000000 
____D () C:\Program Files (x86)\Spybot - Search & Destroy 2 2014-04-03 20:00 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean64.exe 2014-04-03 19:58 - 2014-04-03 19:59 - 40658208 _____ (Safer-Networking Ltd. ) C:\Users\DAUM\Downloads\spybot-2.2.exe 2014-04-03 19:53 - 2014-04-03 19:53 - 01243655 _____ () C:\Users\DAUM\Downloads\ProcessExplorer.zip 2014-04-03 19:34 - 2014-04-03 19:34 - 00003188 _____ () C:\Windows\System32\Tasks\GUpdater 2014-04-03 19:34 - 2009-07-14 03:39 - 00065656 _____ () C:\Windows\SysWOW64\setup.bin.comp 2014-04-02 20:52 - 2014-04-02 20:53 - 00000000 ____D () C:\Users\DAUM\Desktop\Rome2 2014-04-02 19:06 - 2014-04-02 19:06 - 00006577 _____ () C:\Users\DAUM\AppData\Local\recently-used.xbel 2014-03-31 06:36 - 2014-03-31 06:36 - 00000000 ____D () C:\Windows\System32\Tasks\Norton Internet Security 2014-03-27 08:18 - 2014-03-27 08:18 - 03822704 _____ () C:\Users\DAUM\Downloads\battlelog-web-plugins_2.3.2_133.exe 2014-03-26 23:33 - 2014-03-31 13:56 - 00000000 ____D () C:\Users\DAUM\AppData\Local\BC99FC14-6988-49FB-9596-0765364BB27A.aplzod 2014-03-26 23:25 - 2014-03-26 23:26 - 70638408 _____ (Apple Inc.) C:\Users\DAUM\Downloads\iCloudSetup.exe 2014-03-26 20:04 - 2014-03-26 20:04 - 00000000 ____D () C:\Users\DAUM\Documents\Norton Identity Safe-Backups 2014-03-25 19:12 - 2014-03-25 19:12 - 00048954 _____ () C:\Users\DAUM\Desktop\DxDiag.txt 2014-03-25 19:12 - 2014-03-25 19:12 - 00040089 _____ () C:\Users\DAUM\Desktop\rome2_10270_crash_2014_3_24T11_39_52C0.rar 2014-03-24 21:13 - 2014-03-24 21:13 - 00002671 _____ () C:\Users\DAUM\Unigine_Heaven_Benchmark_4.0_20140324_2013.html 2014-03-24 20:55 - 2014-03-24 21:01 - 00000000 ____D () C:\Users\DAUM\Heaven 2014-03-24 20:53 - 2014-03-24 21:02 - 01065984 _____ () C:\Users\DAUM\AppData\Local\file__0.localstorage 2014-03-24 20:47 - 2014-03-24 20:50 - 258728440 _____ (Unigine Corp. 
) C:\Users\DAUM\Downloads\Unigine_Heaven-4.0.exe 2014-03-24 20:47 - 2014-03-24 20:47 - 00019913 _____ () C:\Users\DAUM\Downloads\Unigine_Heaven-4.0.exe.torrent 2014-03-24 15:55 - 2014-03-24 15:55 - 03821624 _____ () C:\Users\DAUM\Downloads\battlelog-web-plugins_2.3.2_131.exe 2014-03-24 12:34 - 2014-03-24 12:34 - 00000000 ____D () C:\Users\DAUM\Downloads\pixelvision 2014-03-24 12:28 - 2014-04-03 19:15 - 00000000 ____D () C:\Steam 2014-03-22 18:27 - 2014-03-22 18:27 - 11182376 _____ () C:\Users\DAUM\Downloads\redsn0w-0.9.6b6.zip 2014-03-22 13:57 - 2014-03-22 13:57 - 00000000 ____D () C:\Users\DAUM\AppData\Roaming\VOWSoft 2014-03-22 13:56 - 2014-03-22 13:56 - 05842096 _____ () C:\Users\DAUM\Downloads\ibackupbot_setup.exe 2014-03-22 11:21 - 2014-01-09 04:22 - 05694464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll 2014-03-22 11:21 - 2014-01-04 00:44 - 06574592 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll 2014-03-22 10:04 - 2013-10-02 03:10 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll 2014-03-22 10:03 - 2013-10-02 04:22 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys 2014-03-22 10:03 - 2013-10-02 04:11 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe 2014-03-22 10:03 - 2013-10-02 04:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll 2014-03-22 10:03 - 2013-10-02 03:48 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll 2014-03-22 10:03 - 2013-10-02 03:48 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll 2014-03-22 10:03 - 2013-10-02 03:29 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll 2014-03-22 10:03 - 2013-10-02 02:15 - 01057280 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll 2014-03-22 10:03 - 2013-10-02 02:14 - 00050176 _____ (Microsoft Corporation) 
C:\Windows\SysWOW64\MsRdpWebAccess.dll 2014-03-22 10:03 - 2013-10-02 02:14 - 00017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll 2014-03-22 10:03 - 2013-10-02 02:08 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe 2014-03-22 10:03 - 2013-10-02 02:01 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe 2014-03-22 10:03 - 2013-10-02 01:58 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll 2014-03-22 10:03 - 2013-10-02 01:31 - 01147392 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe 2014-03-22 10:03 - 2013-10-02 01:08 - 00855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll 2014-03-22 10:03 - 2013-10-02 00:34 - 01068544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe 2014-03-22 10:03 - 2013-09-25 04:23 - 01030144 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll 2014-03-22 10:03 - 2013-09-25 03:57 - 00792576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll 2014-03-21 17:46 - 2014-03-21 17:46 - 00000000 ____D () C:\Users\DAUM\AppData\Roaming\Acronis 2014-03-21 17:45 - 2014-03-21 20:50 - 00000000 ____D () C:\ProgramData\Acronis 2014-03-21 17:45 - 2014-03-21 17:45 - 01464096 _____ (Acronis International GmbH) C:\Windows\system32\Drivers\tdrpman.sys 2014-03-21 17:45 - 2014-03-21 17:45 - 01120032 _____ (Acronis International GmbH) C:\Windows\system32\Drivers\tib.sys 2014-03-21 17:45 - 2014-03-21 17:45 - 00367200 _____ (Acronis) C:\Windows\system32\Drivers\afcdp.sys 2014-03-21 17:45 - 2014-03-21 17:45 - 00269600 _____ (Acronis International GmbH) C:\Windows\system32\Drivers\snapman.sys 2014-03-21 17:45 - 2014-03-21 17:45 - 00198432 _____ (Acronis International GmbH) C:\Windows\system32\Drivers\tib_mounter.sys 2014-03-21 17:45 - 2014-03-21 17:45 - 00161568 _____ (Acronis International GmbH) C:\Windows\system32\Drivers\vididr.sys 2014-03-21 17:45 - 2014-03-21 17:45 - 00117024 _____ (Acronis International GmbH) 
C:\Windows\system32\Drivers\vidsflt.sys 2014-03-21 17:45 - 2014-03-21 17:45 - 00116000 _____ (Acronis International GmbH) C:\Windows\system32\Drivers\fltsrv.sys 2014-03-21 17:45 - 2014-03-21 17:45 - 00001217 _____ () C:\Users\Public\Desktop\Acronis True Image 2014.lnk 2014-03-21 17:45 - 2014-03-21 17:45 - 00000000 ____D () C:\Program Files (x86)\Acronis 2014-03-21 00:24 - 2014-03-21 00:29 - 71259563 _____ () C:\Users\DAUM\Documents\dm_rilynn_rae.mp4 2014-03-20 00:05 - 2014-03-20 00:05 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf 2014-03-19 16:45 - 2014-03-19 16:45 - 00001795 _____ () C:\Users\Public\Desktop\iTunes.lnk 2014-03-19 16:45 - 2014-03-19 16:45 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 2014-03-19 16:45 - 2014-03-19 16:45 - 00000000 ____D () C:\Program Files\iTunes 2014-03-19 16:45 - 2014-03-19 16:45 - 00000000 ____D () C:\Program Files\iPod 2014-03-19 16:45 - 2014-03-19 16:45 - 00000000 ____D () C:\Program Files (x86)\iTunes 2014-03-19 00:32 - 2014-03-19 00:34 - 00000000 ____D () C:\Users\DAUM\Downloads\Acronis True Image Home 2014 17.0 Build 6614 2014-03-18 18:04 - 2014-03-18 18:04 - 00316912 _____ () C:\Users\DAUM\Downloads\441280_intl_x64_zip.exe 2014-03-18 17:51 - 2011-11-24 09:17 - 00166912 _____ (Microsoft Corporation) C:\Windows\system32\powrprof.dll 2014-03-18 17:51 - 2011-11-24 08:22 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\powrprof.dll 2014-03-18 17:50 - 2014-03-18 17:50 - 04693832 _____ () C:\Users\DAUM\Downloads\441065_intl_x64_zip.exe 2014-03-18 15:03 - 2014-03-18 15:03 - 00613200 _____ (Chip Digital GmbH) C:\Users\DAUM\Downloads\HijackThis - CHIP-Downloader.exe 2014-03-17 14:48 - 2014-03-17 14:48 - 00000000 ____D () C:\Users\DAUM\AppData\Local\Razer_Inc 2014-03-17 14:47 - 2014-03-17 14:47 - 00000000 ____D () C:\Users\DAUM\Documents\Razer 2014-03-17 14:43 - 2014-03-17 14:44 - 41954352 _____ (Razer Inc. 
) C:\Users\DAUM\Downloads\RazerGameBoosterSetup_4.2.45.0.exe 2014-03-12 22:49 - 2014-03-12 22:49 - 00000000 ____D () C:\Program Files (x86)\SplitMediaLabs 2014-03-12 22:35 - 2014-03-12 22:35 - 00000000 ____D () C:\Users\DAUM\AppData\Local\SplitMediaLabs 2014-03-12 22:34 - 2014-03-12 22:34 - 00000000 ____D () C:\ProgramData\SplitMediaLabs 2014-03-12 22:33 - 2014-03-12 22:33 - 00000000 ____D () C:\Users\DAUM\AppData\Roaming\SplitMediaLabs 2014-03-12 22:32 - 2014-03-12 22:45 - 00000000 ____D () C:\Users\DAUM\Desktop\XSplit 2014-03-12 20:31 - 2014-03-12 20:39 - 00000000 ____D () C:\Users\DAUM\AppData\Roaming\FFsplit 2014-03-12 20:27 - 2014-03-12 20:27 - 08463565 _____ (FFsplit Team ) C:\Users\DAUM\Downloads\FFsplit-07023-Full.exe 2014-03-12 07:48 - 2014-03-01 08:05 - 23133696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-03-12 07:48 - 2014-03-01 07:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-03-12 07:48 - 2014-03-01 07:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-03-12 07:48 - 2014-03-01 06:58 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-03-12 07:48 - 2014-03-01 06:52 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-03-12 07:48 - 2014-03-01 06:51 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-03-12 07:48 - 2014-03-01 06:42 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-03-12 07:48 - 2014-03-01 06:40 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-03-12 07:48 - 2014-03-01 06:37 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-03-12 07:48 - 2014-03-01 06:33 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-03-12 07:48 - 2014-03-01 06:33 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-03-12 07:48 - 2014-03-01 06:32 - 
00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-03-12 07:48 - 2014-03-01 06:30 - 17074688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-03-12 07:48 - 2014-03-01 06:23 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-03-12 07:48 - 2014-03-01 06:17 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-03-12 07:48 - 2014-03-01 06:11 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-03-12 07:48 - 2014-03-01 06:02 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-03-12 07:48 - 2014-03-01 05:54 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-03-12 07:48 - 2014-03-01 05:52 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-03-12 07:48 - 2014-03-01 05:51 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-03-12 07:48 - 2014-03-01 05:47 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-03-12 07:48 - 2014-03-01 05:43 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-03-12 07:48 - 2014-03-01 05:43 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-03-12 07:48 - 2014-03-01 05:42 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-03-12 07:48 - 2014-03-01 05:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-03-12 07:48 - 2014-03-01 05:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-03-12 07:48 - 2014-03-01 05:37 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-03-12 07:48 - 2014-03-01 05:35 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-03-12 07:48 - 2014-03-01 05:18 - 13051904 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-03-12 07:48 - 2014-03-01 05:16 - 
00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-03-12 07:48 - 2014-03-01 05:14 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-03-12 07:48 - 2014-03-01 05:10 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-03-12 07:48 - 2014-03-01 05:03 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-03-12 07:48 - 2014-03-01 05:00 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-03-12 07:48 - 2014-03-01 04:57 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-03-12 07:48 - 2014-03-01 04:38 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-03-12 07:48 - 2014-03-01 04:32 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-03-12 07:48 - 2014-03-01 04:27 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-03-12 07:48 - 2014-03-01 04:25 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-03-12 07:48 - 2014-03-01 04:25 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-03-12 07:39 - 2014-01-28 04:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll 2014-03-12 07:38 - 2014-02-07 03:23 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2014-03-12 07:37 - 2014-02-04 04:32 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll 2014-03-12 07:37 - 2014-02-04 04:32 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll 2014-03-12 07:37 - 2014-02-04 04:04 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll 2014-03-12 07:37 - 2014-02-04 04:04 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll 2014-03-12 07:37 - 2014-01-29 04:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll 2014-03-12 07:37 - 2014-01-29 04:06 - 00381440 _____ (Microsoft 
Corporation) C:\Windows\SysWOW64\wer.dll 2014-03-11 19:04 - 2014-03-11 19:04 - 00081452 _____ () C:\Users\DAUM\Desktop\MAXIMILIAN-PC.txt 2014-03-11 14:50 - 2014-03-11 14:50 - 00000000 ____D () C:\Users\DAUM\AppData\Roaming\DivX 2014-03-11 09:08 - 2014-03-04 13:32 - 00599840 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe 2014-03-11 08:50 - 2014-03-04 16:35 - 31474976 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll 2014-03-11 08:50 - 2014-03-04 16:35 - 25255256 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll 2014-03-11 08:50 - 2014-03-04 16:35 - 23716640 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll 2014-03-11 08:50 - 2014-03-04 16:35 - 17561544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll 2014-03-11 08:50 - 2014-03-04 16:35 - 15783992 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll 2014-03-11 08:50 - 2014-03-04 16:35 - 12708128 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys 2014-03-11 08:50 - 2014-03-04 16:35 - 11636176 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll 2014-03-11 08:50 - 2014-03-04 16:35 - 11589272 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll 2014-03-11 08:50 - 2014-03-04 16:35 - 09728064 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll 2014-03-11 08:50 - 2014-03-04 16:35 - 09690424 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll 2014-03-11 08:50 - 2014-03-04 16:35 - 03143456 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll 2014-03-11 08:50 - 2014-03-04 16:35 - 02958792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll 2014-03-11 08:50 - 2014-03-04 16:35 - 02783008 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll 2014-03-11 08:50 - 2014-03-04 16:35 - 02411976 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll 2014-03-11 08:50 - 2014-03-04 16:35 - 01885472 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433523.dll 2014-03-11 08:50 - 2014-03-04 16:35 - 
01516488 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433523.dll 2014-03-11 08:50 - 2014-03-04 16:35 - 00892704 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll 2014-03-11 08:50 - 2014-03-04 16:35 - 00877856 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll 2014-03-11 08:50 - 2014-03-04 16:35 - 00863064 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll 2014-03-11 08:50 - 2014-03-04 16:35 - 00846168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll 2014-03-11 08:50 - 2014-03-04 16:35 - 00832936 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll 2014-03-11 08:50 - 2014-03-04 16:35 - 00484296 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll 2014-03-11 08:50 - 2014-03-04 16:35 - 00409544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll 2014-03-11 08:50 - 2014-03-04 16:35 - 00377688 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll 2014-03-11 08:50 - 2014-03-04 16:35 - 00353504 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll 2014-03-11 08:50 - 2014-03-04 16:35 - 00333600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll 2014-03-11 08:50 - 2014-03-04 16:35 - 00305600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll 2014-03-11 08:50 - 2014-03-04 16:35 - 00174296 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll 2014-03-11 08:50 - 2014-03-04 16:35 - 00148016 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll 2014-03-10 19:47 - 2014-03-16 11:28 - 00000000 _____ () C:\Windows\system32\Drivers\lvuvc.hs 2014-03-10 19:47 - 2014-03-10 19:47 - 00004098 _____ () C:\Windows\system32\lvcoinst.log 2014-03-10 19:47 - 2014-03-10 19:47 - 00000000 ____D () C:\Program Files\Common Files\logishrd 2014-03-10 17:12 - 2014-03-10 17:12 - 00000000 ____D () C:\Users\DAUM\AppData\Local\SMART_Technologies 2014-03-10 17:07 - 2014-03-10 17:07 - 00292328 _____ () C:\Windows\Minidump\031014-12807-01.dmp 2014-03-10 16:56 - 2014-03-10 16:56 - 
00292632 _____ () C:\Windows\Minidump\031014-12916-01.dmp 2014-03-10 15:41 - 2014-03-10 15:41 - 00000838 _____ () C:\Users\Public\Desktop\SeaTools for Windows.lnk 2014-03-10 15:40 - 2014-03-10 15:40 - 26771088 _____ () C:\Users\DAUM\Downloads\SeaToolsforWindowsSetup.exe 2014-03-10 15:14 - 2014-03-10 15:14 - 00000000 ____D () C:\Users\DAUM\AppData\Roaming\JAM Software 2014-03-10 15:13 - 2014-03-10 15:13 - 00000000 ____D () C:\ProgramData\Licenses 2014-03-10 15:12 - 2014-03-10 15:13 - 00000000 ____D () C:\Users\DAUM\Downloads\JAM Software TreeSize Professional v6.0.2.937 (x86-x64) Retail Incl Keygen-BRD [TorDigger] 2014-03-09 20:45 - 2014-03-09 20:45 - 00000000 ____D () C:\Users\DAUM\AppData\Local\Skype 2014-03-09 18:16 - 2014-04-02 19:07 - 00001744 _____ () C:\Users\DAUM\Desktop\MaLDoHD_C2_Setup.exe - Verknüpfung.lnk ==================== One Month Modified Files and Folders ======= 2014-04-04 12:30 - 2014-04-04 12:29 - 00000000 ____D () C:\FRST 2014-04-04 12:30 - 2014-04-04 12:27 - 00000000 ____D () C:\Users\DAUM\Desktop\PC retten 2014-04-04 12:29 - 2009-07-14 19:58 - 00702736 _____ () C:\Windows\system32\perfh007.dat 2014-04-04 12:29 - 2009-07-14 19:58 - 00150376 _____ () C:\Windows\system32\perfc007.dat 2014-04-04 12:29 - 2009-07-14 07:13 - 01628496 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-04-04 12:28 - 2013-08-24 14:38 - 00000000 _____ () C:\Windows\Path.idx 2014-04-04 12:27 - 2013-08-24 14:07 - 01625430 _____ () C:\Windows\WindowsUpdate.log 2014-04-04 12:24 - 2014-04-03 20:37 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-04-04 12:24 - 2013-12-22 18:47 - 00003018 _____ () C:\Windows\System32\Tasks\MSIAfterburner 2014-04-04 12:23 - 2013-11-30 15:36 - 00000000 ____D () C:\ProgramData\NVIDIA 2014-04-04 12:23 - 2013-08-24 14:27 - 01048576 _____ () C:\Windows\PE_Rom.dll 2014-04-04 12:23 - 2013-08-24 14:12 - 00001102 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-04-04 12:23 - 2009-07-14 
07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-04-04 12:23 - 2009-07-14 06:51 - 00139311 _____ () C:\Windows\setupact.log 2014-04-04 07:02 - 2009-07-14 06:45 - 00014928 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-04-04 07:02 - 2009-07-14 06:45 - 00014928 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-04-04 06:55 - 2013-08-24 19:15 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-04-03 23:58 - 2013-08-24 14:07 - 00000000 ____D () C:\Users\DAUM 2014-04-03 23:57 - 2014-01-17 21:47 - 00000000 ____D () C:\Users\DAUM\AppData\Local\Battle.net 2014-04-03 23:57 - 2013-08-24 20:35 - 00000000 ____D () C:\Users\DAUM\AppData\Roaming\TS3Client 2014-04-03 23:46 - 2013-08-24 14:12 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-04-03 21:48 - 2014-04-03 21:48 - 00602112 _____ (OldTimer Tools) C:\Users\DAUM\Desktop\OTL.exe 2014-04-03 21:33 - 2013-08-24 14:25 - 00621848 _____ () C:\Windows\PFRO.log 2014-04-03 21:30 - 2014-04-03 21:30 - 00014574 _____ () C:\Users\DAUM\Desktop\hijackthis.log 2014-04-03 21:27 - 2014-04-03 21:27 - 00009153 _____ () C:\Users\DAUM\Downloads\hijackthis.log 2014-04-03 21:27 - 2014-04-03 21:22 - 00000000 ____D () C:\Users\DAUM\Doctor Web 2014-04-03 21:26 - 2014-04-03 21:26 - 00388608 _____ (Trend Micro Inc.) 
C:\Users\DAUM\Desktop\hijackthis.exe 2014-04-03 21:21 - 2014-04-03 21:20 - 145673424 _____ () C:\Users\DAUM\Downloads\cureit.exe 2014-04-03 21:00 - 2013-08-30 22:44 - 00000000 ____D () C:\Windows\pss 2014-04-03 20:46 - 2009-07-14 07:08 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT 2014-04-03 20:46 - 2009-07-14 05:20 - 00000000 __RSD () C:\Windows\Media 2014-04-03 20:39 - 2014-01-23 22:58 - 00003922 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{1C88839B-7580-4AEF-946D-0B1949ED9E71} 2014-04-03 20:37 - 2014-04-03 20:37 - 17523384 _____ (Malwarebytes Corporation ) C:\Users\DAUM\Downloads\mbam-setup-2.0.0.1000.exe 2014-04-03 20:37 - 2014-04-03 20:37 - 00001114 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-04-03 20:37 - 2014-04-03 20:37 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-04-03 20:37 - 2014-04-03 20:37 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-04-03 20:22 - 2014-04-03 20:22 - 00000000 ____D () C:\Users\DAUM\Documents\ProcAlyzer Dumps 2014-04-03 20:21 - 2014-04-03 20:00 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy 2014-04-03 20:00 - 2014-04-03 20:00 - 00001391 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk 2014-04-03 20:00 - 2014-04-03 20:00 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking 2014-04-03 20:00 - 2014-04-03 20:00 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2 2014-04-03 19:59 - 2014-04-03 19:58 - 40658208 _____ (Safer-Networking Ltd. 
) C:\Users\DAUM\Downloads\spybot-2.2.exe 2014-04-03 19:53 - 2014-04-03 19:53 - 01243655 _____ () C:\Users\DAUM\Downloads\ProcessExplorer.zip 2014-04-03 19:34 - 2014-04-03 19:34 - 00003188 _____ () C:\Windows\System32\Tasks\GUpdater 2014-04-03 19:32 - 2013-08-25 22:16 - 00000000 ____D () C:\Users\DAUM\AppData\Local\PMB Files 2014-04-03 19:32 - 2013-08-25 22:16 - 00000000 ____D () C:\ProgramData\PMB Files 2014-04-03 19:22 - 2013-08-24 19:53 - 00000000 ____D () C:\Users\DAUM\AppData\Roaming\Skype 2014-04-03 19:15 - 2014-03-24 12:28 - 00000000 ____D () C:\Steam 2014-04-03 00:23 - 2013-08-24 20:42 - 00000000 ____D () C:\ProgramData\Origin 2014-04-02 23:38 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF 2014-04-02 22:02 - 2013-09-20 20:10 - 00000000 ____D () C:\Program Files (x86)\Origin 2014-04-02 20:53 - 2014-04-02 20:52 - 00000000 ____D () C:\Users\DAUM\Desktop\Rome2 2014-04-02 19:12 - 2013-11-02 17:52 - 00000000 ____D () C:\Users\DAUM\.gimp-2.8 2014-04-02 19:07 - 2014-03-09 18:16 - 00001744 _____ () C:\Users\DAUM\Desktop\MaLDoHD_C2_Setup.exe - Verknüpfung.lnk 2014-04-02 19:06 - 2014-04-02 19:06 - 00006577 _____ () C:\Users\DAUM\AppData\Local\recently-used.xbel 2014-04-02 19:06 - 2013-11-02 17:59 - 00000000 ____D () C:\Users\DAUM\AppData\Local\gtk-2.0 2014-04-01 17:03 - 2014-02-02 00:03 - 00000000 ____D () C:\Users\DAUM\AppData\Local\Apple 2014-04-01 13:45 - 2013-12-31 21:43 - 00214392 _____ () C:\Windows\SysWOW64\PnkBstrB.exe 2014-04-01 13:40 - 2013-11-01 20:26 - 00214392 _____ () C:\Windows\SysWOW64\PnkBstrB.ex0 2014-03-31 17:47 - 2013-09-04 10:30 - 00000000 ____D () C:\Users\DAUM\AppData\Local\Deployment 2014-03-31 13:56 - 2014-03-26 23:33 - 00000000 ____D () C:\Users\DAUM\AppData\Local\BC99FC14-6988-49FB-9596-0765364BB27A.aplzod 2014-03-31 06:36 - 2014-03-31 06:36 - 00000000 ____D () C:\Windows\System32\Tasks\Norton Internet Security 2014-03-31 06:31 - 2014-03-03 03:05 - 00000000 ____D () C:\Windows\system32\Drivers\NISx64 2014-03-31 06:30 - 
2014-03-03 03:05 - 00003234 _____ () C:\Windows\System32\Tasks\Norton WSC Integration 2014-03-30 19:43 - 2013-08-31 15:27 - 00000000 ____D () C:\Users\DAUM\AppData\Local\CrashDumps 2014-03-28 10:41 - 2013-08-24 14:12 - 00004102 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2014-03-28 10:41 - 2013-08-24 14:12 - 00003850 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2014-03-27 08:18 - 2014-03-27 08:18 - 03822704 _____ () C:\Users\DAUM\Downloads\battlelog-web-plugins_2.3.2_133.exe 2014-03-27 08:18 - 2013-08-25 19:50 - 00000000 ____D () C:\Program Files (x86)\Battlelog Web Plugins 2014-03-27 08:16 - 2013-12-19 22:30 - 00000000 ____D () C:\Program Files (x86)\MSI Afterburner 2014-03-26 23:47 - 2014-02-02 00:07 - 00000000 ____D () C:\Users\DAUM\AppData\Roaming\Apple Computer 2014-03-26 23:47 - 2014-02-02 00:07 - 00000000 ____D () C:\Users\DAUM\AppData\Local\Apple Computer 2014-03-26 23:27 - 2014-02-02 00:03 - 00000000 ____D () C:\Program Files\Common Files\Apple 2014-03-26 23:26 - 2014-03-26 23:25 - 70638408 _____ (Apple Inc.) C:\Users\DAUM\Downloads\iCloudSetup.exe 2014-03-26 20:04 - 2014-03-26 20:04 - 00000000 ____D () C:\Users\DAUM\Documents\Norton Identity Safe-Backups 2014-03-25 19:12 - 2014-03-25 19:12 - 00048954 _____ () C:\Users\DAUM\Desktop\DxDiag.txt 2014-03-25 19:12 - 2014-03-25 19:12 - 00040089 _____ () C:\Users\DAUM\Desktop\rome2_10270_crash_2014_3_24T11_39_52C0.rar 2014-03-24 21:34 - 2013-11-19 17:04 - 00000000 ____D () C:\Users\DAUM\AppData\Local\Futuremark 2014-03-24 21:13 - 2014-03-24 21:13 - 00002671 _____ () C:\Users\DAUM\Unigine_Heaven_Benchmark_4.0_20140324_2013.html 2014-03-24 21:02 - 2014-03-24 20:53 - 01065984 _____ () C:\Users\DAUM\AppData\Local\file__0.localstorage 2014-03-24 21:01 - 2014-03-24 20:55 - 00000000 ____D () C:\Users\DAUM\Heaven 2014-03-24 20:51 - 2013-09-01 01:00 - 00000000 ____D () C:\Users\DAUM\AppData\Roaming\BitTorrent 2014-03-24 20:50 - 2014-03-24 20:47 - 258728440 _____ (Unigine Corp. 
) C:\Users\DAUM\Downloads\Unigine_Heaven-4.0.exe 2014-03-24 20:47 - 2014-03-24 20:47 - 00019913 _____ () C:\Users\DAUM\Downloads\Unigine_Heaven-4.0.exe.torrent 2014-03-24 15:55 - 2014-03-24 15:55 - 03821624 _____ () C:\Users\DAUM\Downloads\battlelog-web-plugins_2.3.2_131.exe 2014-03-24 12:34 - 2014-03-24 12:34 - 00000000 ____D () C:\Users\DAUM\Downloads\pixelvision 2014-03-24 12:28 - 2013-08-24 19:29 - 00000000 ____D () C:\Program Files (x86)\Steam 2014-03-23 23:37 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache 2014-03-23 02:03 - 2014-03-04 19:38 - 00023681 _____ () C:\Users\DAUM\Desktop\Mein Computer.xlsx 2014-03-23 00:29 - 2014-01-25 19:21 - 00012091 _____ () C:\Users\DAUM\Documents\TombRaider.log 2014-03-23 00:08 - 2014-01-04 16:08 - 00000000 ____D () C:\Users\DAUM\AppData\Local\Arma 3 2014-03-22 18:27 - 2014-03-22 18:27 - 11182376 _____ () C:\Users\DAUM\Downloads\redsn0w-0.9.6b6.zip 2014-03-22 13:57 - 2014-03-22 13:57 - 00000000 ____D () C:\Users\DAUM\AppData\Roaming\VOWSoft 2014-03-22 13:56 - 2014-03-22 13:56 - 05842096 _____ () C:\Users\DAUM\Downloads\ibackupbot_setup.exe 2014-03-22 01:17 - 2014-01-17 21:47 - 00000000 ____D () C:\Program Files (x86)\Battle.net 2014-03-21 20:50 - 2014-03-21 17:45 - 00000000 ____D () C:\ProgramData\Acronis 2014-03-21 18:44 - 2014-03-03 06:55 - 00000000 ____D () C:\Windows\System32\Tasks\Norton Identity Safe 2014-03-21 17:46 - 2014-04-03 20:52 - 00000861 _____ () C:\Windows\system32\Drivers\etc\hosts.20140403-205245.backup 2014-03-21 17:46 - 2014-03-21 17:46 - 00000000 ____D () C:\Users\DAUM\AppData\Roaming\Acronis 2014-03-21 17:45 - 2014-03-21 17:45 - 01464096 _____ (Acronis International GmbH) C:\Windows\system32\Drivers\tdrpman.sys 2014-03-21 17:45 - 2014-03-21 17:45 - 01120032 _____ (Acronis International GmbH) C:\Windows\system32\Drivers\tib.sys 2014-03-21 17:45 - 2014-03-21 17:45 - 00367200 _____ (Acronis) C:\Windows\system32\Drivers\afcdp.sys 2014-03-21 17:45 - 2014-03-21 17:45 - 00269600 _____ (Acronis 
International GmbH) C:\Windows\system32\Drivers\snapman.sys 2014-03-21 17:45 - 2014-03-21 17:45 - 00198432 _____ (Acronis International GmbH) C:\Windows\system32\Drivers\tib_mounter.sys 2014-03-21 17:45 - 2014-03-21 17:45 - 00161568 _____ (Acronis International GmbH) C:\Windows\system32\Drivers\vididr.sys 2014-03-21 17:45 - 2014-03-21 17:45 - 00117024 _____ (Acronis International GmbH) C:\Windows\system32\Drivers\vidsflt.sys 2014-03-21 17:45 - 2014-03-21 17:45 - 00116000 _____ (Acronis International GmbH) C:\Windows\system32\Drivers\fltsrv.sys 2014-03-21 17:45 - 2014-03-21 17:45 - 00001217 _____ () C:\Users\Public\Desktop\Acronis True Image 2014.lnk 2014-03-21 17:45 - 2014-03-21 17:45 - 00000000 ____D () C:\Program Files (x86)\Acronis 2014-03-21 00:29 - 2014-03-21 00:24 - 71259563 _____ () C:\Users\DAUM\Documents\dm_rilynn_rae.mp4 2014-03-20 20:31 - 2014-03-03 02:55 - 00000000 ____D () C:\Windows\system32\Drivers\NSTx64 2014-03-20 17:58 - 2013-08-25 20:29 - 00000000 ____D () C:\Program Files (x86)\Origin Games 2014-03-20 00:05 - 2014-03-20 00:05 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf 2014-03-19 16:45 - 2014-03-19 16:45 - 00001795 _____ () C:\Users\Public\Desktop\iTunes.lnk 2014-03-19 16:45 - 2014-03-19 16:45 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 2014-03-19 16:45 - 2014-03-19 16:45 - 00000000 ____D () C:\Program Files\iTunes 2014-03-19 16:45 - 2014-03-19 16:45 - 00000000 ____D () C:\Program Files\iPod 2014-03-19 16:45 - 2014-03-19 16:45 - 00000000 ____D () C:\Program Files (x86)\iTunes 2014-03-19 00:34 - 2014-03-19 00:32 - 00000000 ____D () C:\Users\DAUM\Downloads\Acronis True Image Home 2014 17.0 Build 6614 2014-03-18 18:04 - 2014-03-18 18:04 - 00316912 _____ () C:\Users\DAUM\Downloads\441280_intl_x64_zip.exe 2014-03-18 17:50 - 2014-03-18 17:50 - 04693832 _____ () C:\Users\DAUM\Downloads\441065_intl_x64_zip.exe 2014-03-18 15:03 - 2014-03-18 15:03 - 00613200 _____ (Chip Digital GmbH) 
C:\Users\DAUM\Downloads\HijackThis - CHIP-Downloader.exe 2014-03-18 00:31 - 2013-11-12 16:51 - 00000000 ____D () C:\Users\DAUM\Documents\Calibre-Bibliothek 2014-03-17 14:48 - 2014-03-17 14:48 - 00000000 ____D () C:\Users\DAUM\AppData\Local\Razer_Inc 2014-03-17 14:47 - 2014-03-17 14:47 - 00000000 ____D () C:\Users\DAUM\Documents\Razer 2014-03-17 14:47 - 2013-08-24 18:55 - 00000000 ____D () C:\Users\DAUM\AppData\Local\Razer 2014-03-17 14:45 - 2013-08-24 18:55 - 00000000 ____D () C:\ProgramData\Razer 2014-03-17 14:44 - 2014-03-17 14:43 - 41954352 _____ (Razer Inc. ) C:\Users\DAUM\Downloads\RazerGameBoosterSetup_4.2.45.0.exe 2014-03-16 11:28 - 2014-03-10 19:47 - 00000000 _____ () C:\Windows\system32\Drivers\lvuvc.hs 2014-03-13 01:02 - 2014-02-14 18:20 - 00000000 ____D () C:\Users\DAUM\Documents\Respawn 2014-03-12 22:49 - 2014-03-12 22:49 - 00000000 ____D () C:\Program Files (x86)\SplitMediaLabs 2014-03-12 22:45 - 2014-03-12 22:32 - 00000000 ____D () C:\Users\DAUM\Desktop\XSplit 2014-03-12 22:43 - 2013-08-25 22:17 - 00000000 __SHD () C:\Windows\SysWOW64\AI_RecycleBin 2014-03-12 22:38 - 2013-09-08 19:36 - 00000000 ____D () C:\Users\DAUM\AppData\Local\Microsoft Help 2014-03-12 22:35 - 2014-03-12 22:35 - 00000000 ____D () C:\Users\DAUM\AppData\Local\SplitMediaLabs 2014-03-12 22:34 - 2014-03-12 22:34 - 00000000 ____D () C:\ProgramData\SplitMediaLabs 2014-03-12 22:33 - 2014-03-12 22:33 - 00000000 ____D () C:\Users\DAUM\AppData\Roaming\SplitMediaLabs 2014-03-12 20:39 - 2014-03-12 20:31 - 00000000 ____D () C:\Users\DAUM\AppData\Roaming\FFsplit 2014-03-12 20:29 - 2013-09-08 19:46 - 00000000 ____D () C:\ProgramData\Package Cache 2014-03-12 20:29 - 2013-08-24 15:00 - 00000000 ____D () C:\Windows\SysWOW64\directx 2014-03-12 20:27 - 2014-03-12 20:27 - 08463565 _____ (FFsplit Team ) C:\Users\DAUM\Downloads\FFsplit-07023-Full.exe 2014-03-12 18:41 - 2013-10-14 17:42 - 00000000 ____D () C:\Program Files\Microsoft Silverlight 2014-03-12 18:41 - 2013-10-14 17:42 - 00000000 ____D () 
C:\Program Files (x86)\Microsoft Silverlight 2014-03-12 18:41 - 2009-07-14 06:45 - 00499368 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-03-12 07:53 - 2013-09-08 19:36 - 00000000 ____D () C:\ProgramData\Microsoft Help 2014-03-12 07:53 - 2013-08-24 16:30 - 00000000 ____D () C:\Windows\system32\MRT 2014-03-12 07:50 - 2013-08-24 16:30 - 90015360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-03-12 07:40 - 2013-08-24 15:03 - 01013448 _____ () C:\Windows\DirectX.log 2014-03-11 22:00 - 2013-08-24 19:15 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-03-11 22:00 - 2013-08-24 19:15 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-03-11 22:00 - 2013-08-24 19:15 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-03-11 20:12 - 2013-09-09 19:42 - 00000000 ____D () C:\Users\DAUM\AppData\Local\Skyrim 2014-03-11 19:04 - 2014-03-11 19:04 - 00081452 _____ () C:\Users\DAUM\Desktop\MAXIMILIAN-PC.txt 2014-03-11 14:50 - 2014-03-11 14:50 - 00000000 ____D () C:\Users\DAUM\AppData\Roaming\DivX 2014-03-11 09:08 - 2013-09-21 14:29 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation 2014-03-10 19:47 - 2014-03-10 19:47 - 00004098 _____ () C:\Windows\system32\lvcoinst.log 2014-03-10 19:47 - 2014-03-10 19:47 - 00000000 ____D () C:\Program Files\Common Files\logishrd 2014-03-10 17:12 - 2014-03-10 17:12 - 00000000 ____D () C:\Users\DAUM\AppData\Local\SMART_Technologies 2014-03-10 17:07 - 2014-03-10 17:07 - 00292328 _____ () C:\Windows\Minidump\031014-12807-01.dmp 2014-03-10 17:07 - 2013-10-08 17:20 - 808329160 _____ () C:\Windows\MEMORY.DMP 2014-03-10 17:07 - 2013-10-08 17:20 - 00000000 ____D () C:\Windows\Minidump 2014-03-10 16:58 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions 2014-03-10 16:56 - 2014-03-10 16:56 - 00292632 _____ () C:\Windows\Minidump\031014-12916-01.dmp 2014-03-10 15:41 - 2014-03-10 15:41 - 00000838 _____ () 
C:\Users\Public\Desktop\SeaTools for Windows.lnk 2014-03-10 15:40 - 2014-03-10 15:40 - 26771088 _____ () C:\Users\DAUM\Downloads\SeaToolsforWindowsSetup.exe 2014-03-10 15:14 - 2014-03-10 15:14 - 00000000 ____D () C:\Users\DAUM\AppData\Roaming\JAM Software 2014-03-10 15:13 - 2014-03-10 15:13 - 00000000 ____D () C:\ProgramData\Licenses 2014-03-10 15:13 - 2014-03-10 15:12 - 00000000 ____D () C:\Users\DAUM\Downloads\JAM Software TreeSize Professional v6.0.2.937 (x86-x64) Retail Incl Keygen-BRD [TorDigger] 2014-03-09 20:45 - 2014-03-09 20:45 - 00000000 ____D () C:\Users\DAUM\AppData\Local\Skype 2014-03-09 20:45 - 2013-08-24 19:53 - 00000000 ____D () C:\ProgramData\Skype 2014-03-09 16:49 - 2013-12-06 22:38 - 00000000 ____D () C:\Program Files\Nexus Mod Manager 2014-03-08 01:17 - 2013-11-19 17:04 - 00000000 ____D () C:\Users\DAUM\Documents\3DMark 2014-03-08 01:14 - 2013-12-26 18:39 - 00000022 _____ () C:\Windows\GPU-Z.INI 2014-03-08 00:53 - 2013-11-19 18:25 - 00000000 ____D () C:\Program Files (x86)\Futuremark 2014-03-06 23:53 - 2014-04-03 20:01 - 02925760 _____ (Sysinternals - www.sysinternals.com) C:\Users\DAUM\Desktop\procexp.exe 2014-03-05 09:26 - 2014-04-03 20:37 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2014-03-05 09:26 - 2014-04-03 20:37 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2014-03-05 09:26 - 2014-04-03 20:37 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys Files to move or delete: ==================== C:\ProgramData\C__Users_DAUM_Downloads_Platinum Hide IP_Crack_PlatinumHideIP.exe Some content of TEMP: ==================== C:\Users\DAUM\AppData\Local\Temp\MSND5D4.exe C:\Users\DAUM\AppData\Local\Temp\sfamcc00001.dll C:\Users\DAUM\AppData\Local\Temp\_is9443.exe ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit 
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-03-31 15:49
==================== End Of Log ============================
--- --- ---
Note: Since I cannot work with the CPU completely maxed out, I asked a friend who is a computer scientist for advice this morning. He recommended using Process Explorer, started as admin, to kill the individual processes inside svchost.exe that are consuming such an incredible amount of resources (8 in total). No sooner said than done. The load is then back to normal, but the application is still present, and after a system restart everything is back at 100%. |
04.04.2014, 12:19 | #4 |
| Windows 7 - svchost.exe 100% CPU usage Since the one post exceeded the maximum character length: Addition.txt Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-03-2014 Ran by DAUM at 2014-04-04 12:32:20 Running from C:\Users\DAUM\Desktop\PC retten Boot Mode: Normal ========================================================== ==================== Security Center ======================== AV: Norton Internet Security (Enabled - Up to date) {D87FA2C0-F526-77B1-D6EC-0EDF3936CEDB} AS: Norton Internet Security (Enabled - Up to date) {631E4324-D31C-783F-EC5C-35AD42B18466} AS: Spybot - Search and Destroy (Enabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0} FW: Norton Internet Security (Enabled) {E04423E5-BF49-76E9-FDB3-A7EAC7E589A0} ==================== Installed Programs ====================== 3DMark (HKLM-x32\...\Steam App 223850) (Version: - Futuremark) Acronis True Image 2014 (HKLM-x32\...\{4A79A394-835A-49D7-8662-60643872DFF6}Visible) (Version: 17.0.6614 - Acronis) Acronis True Image 2014 (x32 Version: 17.0.6614 - Acronis) Hidden Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.8.0.870 - Adobe Systems Incorporated) Adobe AIR (x32 Version: 3.8.0.870 - Adobe Systems Incorporated) Hidden Adobe Flash Player 12 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 12.0.0.77 - Adobe Systems Incorporated) Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.77 - Adobe Systems Incorporated) Adobe Reader X (10.1.8) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.8 - Adobe Systems Incorporated) AI Suite II (HKLM-x32\...\{34D3688E-A737-44C5-9E2A-FF73618728E1}) (Version: 2.03.01 - ASUSTeK Computer Inc.) AIDA64 Extreme v4.00 (HKLM-x32\...\AIDA64 Extreme_is1) (Version: 4.00 - FinalWire Ltd.) Alan Wake (HKLM-x32\...\Steam App 108710) (Version: - Remedy Entertainment) Anno 2070 (HKLM-x32\...\Steam App 48240) (Version: - BlueByte) Apple Application Support (HKLM-x32\...\{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}) (Version: 3.0.1 - Apple Inc.) 
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) Application Profiles (HKLM-x32\...\{63059735-CA97-FDFB-0E7A-3B8D81572EFD}) (Version: 2.0.4888.34279 - Advanced Micro Devices, Inc.) Arma 3 (HKLM-x32\...\Steam App 107410) (Version: - Bohemia Interactive) Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.14.3.0 - Asmedia Technology) Asmedia ASM106x SATA Host Controller Driver (HKLM-x32\...\{61942EF5-2CD8-47D4-869C-2E9A8BB085F1}) (Version: 1.3.4.000 - Asmedia Technology) Assassins Creed IV Black Flag (HKLM-x32\...\Uplay Install 273) (Version: - Ubisoft) ASUS Boot Setting (HKLM-x32\...\{7AAE9187-C24F-4073-A951-36C370E7A3A5}) (Version: 1.00.09 - ASUSTeK Computer Inc.) ASUS Product Register Program (HKLM-x32\...\{C0B16F2E-3980-44F8-8CF4-F84696541FF7}) (Version: 1.0.018 - ASUSTek Computer Inc.) ASUS WebStorage Sync Agent (HKLM-x32\...\ASUS WebStorage) (Version: 1.1.11.125 - ASUS Cloud Corporation) ASUS Xonar D1 Audio Driver (HKLM\...\C-Media Oxygen HD Audio Driver) (Version: - ) Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.2.0.0 - Electronic Arts) Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.2 - EA Digital Illusions CE AB) BitTorrent (HKCU\...\BitTorrent) (Version: 7.8.2.30332 - BitTorrent Inc.) Blitzkrieg Mod (HKLM-x32\...\Blitzkrieg) (Version: 4.7.0.0 - Blitzkrieg Mod Team) Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) 
Borderlands 2 (HKLM-x32\...\Steam App 49520) (Version: - Gearbox Software) calibre 64bit (HKLM\...\{52E45FA3-B1CE-4852-8E93-774BB3F4D468}) (Version: 1.25.0 - Kovid Goyal) Call of Duty: Modern Warfare 2 - Multiplayer (HKLM-x32\...\Steam App 10190) (Version: - Infinity Ward) CINEMA 4D 14.042 (HKLM\...\MAXONF9512EDA) (Version: 14.042 - MAXON Computer GmbH) Company of Heroes (New Steam Version) (HKLM-x32\...\Steam App 228200) (Version: - Relic) Company of Heroes 2 (HKLM-x32\...\Steam App 231430) (Version: - Relic Entertainment) CPUID CPU-Z 1.67.1 (HKLM\...\CPUID CPU-Z_is1) (Version: - ) Crysis 2 Maximum Edition (HKLM-x32\...\Steam App 108800) (Version: - Crytek Studios) Crysis®3 (HKLM-x32\...\{4198AE83-A3C6-4C41-85C8-EC63E990696E}) (Version: 1.0.0.0 - Electronic Arts) CyberLink PowerDVD 13 (HKLM-x32\...\InstallShield_{3CFDF154-7E60-4E98-A8DF-C693A4F8E6B6}) (Version: 13.0.3105.58 - CyberLink Corp.) CyberLink PowerDVD 13 (x32 Version: 13.0.3105.58 - CyberLink Corp.) Hidden DAEMON Tools Pro (HKLM-x32\...\DAEMON Tools Pro) (Version: 5.2.0.0348 - DT Soft Ltd) Dark Souls: Prepare to Die Edition (HKLM-x32\...\Steam App 211420) (Version: - FromSoftware) DarthMod Napoleon (HKLM-x32\...\DarthMod Napoleon) (Version: - ) Dawn of Fantasy: Kingdom Wars (HKLM-x32\...\Steam App 227180) (Version: - Reverie World Studios) DayZ (HKLM-x32\...\Steam App 221100) (Version: - Bohemia Interactive) Definition Update for Microsoft Office 2010 (KB982726) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{DC4BC0CC-A928-4C48-BA40-AC24784F46E5}) (Version: - Microsoft) Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment) DisplayFusion (HKLM-x32\...\Steam App 227260) (Version: - Binary Fortress Software) DisplayFusion 5.1.1 (HKLM-x32\...\B076073A-5527-4f4f-B46B-B10692277DA2_is1) (Version: 5.1.1.0 - Binary Fortress Software) DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.87 - DivX, LLC) Dual-Core Optimizer 
(HKLM-x32\...\{9FD6F1A8-5550-46AF-8509-271DF0E768B5}) (Version: 1.1.4.0169 - AMD) Dungeon Defenders (HKLM-x32\...\Steam App 65800) (Version: - Trendy Entertainment) ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB) EXPERTool v8.9 (HKLM-x32\...\{551D9481-9487-4D0C-9A1D-6BC3E7B6D991}_is1) (Version: 8.9.6.3 - Gainward Co. Ltd.) Flixster (HKCU\...\404b9336c7552828) (Version: 2.0.0.233 - Flixster) Fraps (remove only) (HKLM-x32\...\Fraps) (Version: - ) Futuremark SystemInfo (HKLM-x32\...\{EF7EA37B-C009-4D53-AE2A-FF7C6AEC35CE}) (Version: 4.26.386 - Futuremark) Geeks3D FurMark 1.11.0 (HKLM-x32\...\{2397CAD4-2263-4CD0-96BE-E43A980B9C9A}_is1) (Version: - Geeks3D) GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden Ghost Recon Online (EU) (HKCU\...\d8be6c3f847d7d92) (Version: 1.34.1166.2 - Ubisoft) GIMP 2.8.6 (HKLM\...\GIMP-2_is1) (Version: 2.8.6 - The GIMP Team) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 33.0.1750.154 - Google Inc.) Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google) Google Update Helper (x32 Version: 1.3.23.9 - Google Inc.) Hidden Guild Wars 2 (HKLM-x32\...\Guild Wars 2) (Version: - NCsoft Corporation, Ltd.) Heaven Benchmark version 4.0 (HKLM-x32\...\Unigine Heaven Benchmark (Basic Edition)_is1) (Version: 4.0 - Unigine Corp.) Hide IP Easy (HKLM-x32\...\HideIPEasy) (Version: 5.1.6.6 - ) HP Deskjet 3050 J610 series - Grundlegende Software für das Gerät (HKLM\...\{3DF2B8CD-072D-49F5-BCF8-1DB86B0DF632}) (Version: 22.0.334.0 - Hewlett-Packard Co.) HP Deskjet 3050 J610 series Hilfe (HKLM-x32\...\{F7632A9B-661E-4FD9-B1A4-3B86BC99847F}) (Version: 140.0.63.63 - Hewlett Packard) HP Officejet Pro 8600 - Grundlegende Software für das Gerät (HKLM\...\{1241CE77-0B65-40A0-B893-02EA49E35332}) (Version: 25.0.619.0 - Hewlett-Packard Co.) 
HP Update (HKLM-x32\...\{85DF2EED-08BC-46FB-90DA-28B0D0A8E8A8}) (Version: 5.003.000.004 - Hewlett-Packard) I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP) iBackupBot 5.1.5 (HKLM-x32\...\iBackupBot) (Version: 5.1.5 - VOWSoft, Ltd.) iCloud (HKLM\...\{81E20D41-C277-4526-934D-F2380AF91B78}) (Version: 3.1.0.40 - Apple Inc.) Imperial Civil War 2.0 (HKCU\...\Imperial Civil War 2.0) (Version: - ) iTunes (HKLM\...\{B8BA155B-1E75-405F-9CB4-8A99615D09DC}) (Version: 11.1.5.5 - Apple Inc.) Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.510 - Oracle) Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games ) League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden LG ODD Auto Firmware Update (HKLM-x32\...\{6179550A-3E7C-499E-BCC9-9E8113E0A285}) (Version: 10.01.0712.01 - ) MagicTunePremium (HKLM-x32\...\{79E9C7C5-4FCC-4DFF-B79E-17319E9522F3}) (Version: 4.0.09 - Samsung Electronics Ltd.) 
Malwarebytes Anti-Malware Version 2.00.0.1000 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.00.0.1000 - Malwarebytes Corporation) MegaTrainer eXperience V1.2.1.6 (HKLM-x32\...\MegaTrainer eXperience_is1) (Version: - ) Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170) (HKLM-x32\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.30730.0 - Microsoft Corporation) Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation) Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation) Microsoft Office Access MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Excel MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Groove MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office InfoPath MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Office 32-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office OneNote MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Outlook MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office PowerPoint MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Professional Plus 2010 
(HKLM\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Office Professional Plus 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (French) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (Italian) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proofing (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Publisher MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Shared 32-bit MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Shared MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Word MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Outlook Hotmail Connector 64-Bit (HKLM\...\{95140000-0081-0407-1000-0000000FF1CE}) (Version: 14.0.6123.5001 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 
8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 x64 Additional Runtime - 
11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.40303 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (Version: 10.0.40308 - Microsoft Corporation) Hidden Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU (Version: 10.0.40303 - Microsoft Corporation) Hidden Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.40303 - Microsoft Corporation) Might & Magic: Heroes VI (HKLM-x32\...\Steam App 48220) (Version: - Blackhole) MotioninJoy Gamepad tool 0.7.1001 (HKLM\...\{330DAC67-5B62-452A-A0E4-6B4A5923940F}_is1) (Version: 0.7.1001 - www.motioninjoy.com) MSI Afterburner 2.3.1 (HKLM-x32\...\Afterburner) (Version: 2.3.1 - MSI Co., LTD) MSVCRT Redists (Version: 1.0 - Sony Creative Software Inc.) 
Hidden Natural Selection 2 (HKLM-x32\...\Steam App 4920) (Version: - Unknown Worlds Entertainment) NetLimiter 3 (HKLM-x32\...\NetLimiter 3 3.0.0.11) (Version: 3.0.0.11 - Locktime Software) NetLimiter 3 (Version: 3.0.0.11 - Locktime Software) Hidden Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.48.2 - Black Tree Gaming) Norton Identity Safe (HKLM-x32\...\NST) (Version: 2014.7.0.43 - Symantec Corporation) Norton Internet Security (HKLM-x32\...\NIS) (Version: 21.2.0.38 - Symantec Corporation) NVIDIA 3D Vision Controller-Treiber 335.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 335.21 - NVIDIA Corporation) NVIDIA 3D Vision Treiber 335.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 335.23 - NVIDIA Corporation) NVIDIA GeForce Experience 1.8.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.8.2 - NVIDIA Corporation) NVIDIA Grafiktreiber 335.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 335.23 - NVIDIA Corporation) NVIDIA HD-Audiotreiber 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation) NVIDIA Install Application (Version: 2.1002.147.1067 - NVIDIA Corporation) Hidden NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation) NVIDIA ShadowPlay 11.10.11 (Version: 11.10.11 - NVIDIA Corporation) Hidden NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.3523 - NVIDIA Corporation) Hidden NVIDIA Systemsteuerung 335.23 (Version: 335.23 - NVIDIA Corporation) Hidden NVIDIA Update 11.10.11 (Version: 11.10.11 - NVIDIA Corporation) Hidden NVIDIA Update Core (Version: 
11.10.11 - NVIDIA Corporation) Hidden NVIDIA Virtual Audio 1.2.20 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.20 - NVIDIA Corporation) OpenAL (HKLM-x32\...\OpenAL) (Version: - ) OpenOffice 4.0.1 (HKLM-x32\...\{0AEC308E-7EB3-47F7-BB59-F2C9C6166B27}) (Version: 4.01.9714 - Apache Software Foundation) Opera Stable 20.0.1387.82 (HKLM-x32\...\Opera 20.0.1387.82) (Version: 20.0.1387.82 - Opera Software ASA) Opera Stable 20.0.1387.91 (HKLM-x32\...\Opera 20.0.1387.91) (Version: 20.0.1387.91 - Opera Software ASA) Orcs Must Die! 2 (HKLM-x32\...\Steam App 201790) (Version: - Robot Entertainment) Origin (HKLM-x32\...\Origin) (Version: 9.3.6.4643 - Electronic Arts, Inc.) ORION: Dino Horde (HKLM-x32\...\Steam App 104900) (Version: - Spiral Game Studios) Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.7 - Pando Networks Inc.) PAYDAY 2 (HKLM-x32\...\Steam App 218620) (Version: - OVERKILL - a Starbreeze Studio.) PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.) Rainmeter (HKLM-x32\...\Rainmeter) (Version: 3.0 r2116 - ) Razer Game Booster (HKLM-x32\...\Razer Game Booster_is1) (Version: 4.2.45.0 - Razer Inc.) Razer Synapse 2.0 (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 1.17.22 - Razer Inc.) RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden RealPlayer (HKLM-x32\...\RealPlayer 15.0) (Version: 15.0.5 - RealNetworks) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.61.612.2012 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6699 - Realtek Semiconductor Corp.) RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) 
Hidden Republic at War 1.1.5 (HKLM-x32\...\{1F3630F5-C636-49FF-9BF0-F9E2A221E60B}) (Version: 1.1.5 - Republic at War Modding Team) ROCCAT Ryos Keyboard Driver (HKLM-x32\...\{70F3EF93-44F4-446A-90B8-33DAB2799AF1}) (Version: 1.27.0000 - Roccat GmbH) Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 4.3.0 - Samsung Electronics) Sanctum (HKLM-x32\...\Steam App 91600) (Version: - Coffee Stain Studios) Sanctum 2 (HKLM-x32\...\Steam App 210770) (Version: - Coffee Stain Studios) SeaTools for Windows (HKLM-x32\...\SeaTools for Windows) (Version: - Seagate Technology) Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version: - Microsoft) Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (Version: - Microsoft) Hidden SHIELD Streaming (Version: 1.7.306 - NVIDIA Corporation) Hidden Skype™ 6.14 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.) 
SMART Common Files (HKLM-x32\...\{26A95DBF-A866-4838-A8C9-FA219FCBD22E}) (Version: 11.5.159.0 - SMART Technologies ULC) SMART German Language Pack (HKLM-x32\...\{8F98EED9-2AB7-4B92-B37F-70C6877C1783}) (Version: 11.4.27.0 - SMART Technologies ULC) SMART Ink (HKLM-x32\...\{5ABC49B5-D0DC-428D-A082-4AEFF6490F04}) (Version: 2.0.721.0 - SMART Technologies ULC) SMART Notebook (HKLM-x32\...\{79660EE7-9C0B-4962-B566-2693FE34719D}) (Version: 11.4.564.0 - SMART Technologies ULC) SMART Produkttreiber (HKLM-x32\...\{53330A17-78DE-458E-9997-292A2D6D3ADD}) (Version: 11.4.479.0 - SMART Technologies ULC) Smart Technology Programming Software 7.0.27.13 (HKLM\...\{C9193CBB-C31A-412A-A074-AD08F0F2CF3D}) (Version: 7.0.27.13 - Mad Catz) Smart Technology Volume Tracker 7.0.23.0 (HKLM\...\{7C2F1B90-E6E6-4ECF-B626-4545CF6EEB2D}) (Version: 7.0.23.0 - Mad Catz) SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - ) Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.2.25 - Safer-Networking Ltd.) SSDlife Free (HKLM-x32\...\{F371CE3B-8994-44E3-9518-92B22EE4A7FF}) (Version: 2.3.56 - BinarySense Inc.) 
Star Wars Empire at War (HKLM-x32\...\{99AE7207-8612-4DBA-A8F8-BAE5C633390D}) (Version: 1.0 - LucasArts) Star Wars Empire at War Forces of Corruption (HKLM-x32\...\{6592FDEC-2C1A-413A-9985-25FEC2F0848D}) (Version: 1.0 - LucasArts) StarCraft II (HKLM-x32\...\StarCraft II) (Version: - Blizzard Entertainment) Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation) TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.11 - TeamSpeak Systems GmbH) TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version: - TechPowerUp) teXXas (HKLM-x32\...\{F3DCD04C-BE9C-408C-BC8C-B77AF972DBC2}) (Version: 1 - metaspinner net GmbH) The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version: - Bethesda Game Studios) The Walking Dead (HKLM-x32\...\Steam App 207610) (Version: - ) Thief (HKLM-x32\...\Steam App 239160) (Version: - Eidos-Montréal) Titanfall™ (HKLM-x32\...\{347EE0C3-0690-48F6-A231-53853C2A80D6}) (Version: 1.0.0.3 - Electronic Arts) Tom Clancy's Splinter Cell® Blacklist™ (HKLM-x32\...\{A6356F2F-D3E1-4D83-9AA2-72871DD0C298}) (Version: 1.00.1000 - Ubisoft) Tomb Raider (HKLM-x32\...\Steam App 203160) (Version: - Crystal Dynamics) Total War: ROME II (HKLM-x32\...\Steam App 214950) (Version: - Creative Assembly) TreeSize Professional V6.0.2 (64 bit) (HKLM\...\TreeSize Professional_is1) (Version: 6.0.2 - JAM Software) Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb) Update for Microsoft Access 2010 (KB2553446) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{FEF4C57D-0975-4D3C-ACC7-DCD038C3788F}) (Version: - Microsoft) Update for Microsoft Filter Pack 2.0 (KB2837594) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{99A0DB9A-71FC-4F98-BC1F-78A18195C677}) (Version: - Microsoft) Update for Microsoft InfoPath 2010 (KB2817369) 64-Bit Edition 
(HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{DB0B0CDF-77EC-47B0-94E2-4738573A1E58}) (Version: - Microsoft) Update for Microsoft InfoPath 2010 (KB2817396) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{1AA82E2E-7DB7-4C70-910C-BBB657A6B3A5}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2589298) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{79C725A1-3964-421C-A528-78C1C083C7C7}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2589352) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{95BE5D45-A3DD-4CB1-8C35-D75DD7B4D862}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2589352) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{95BE5D45-A3DD-4CB1-8C35-D75DD7B4D862}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2589375) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{EBD18DE5-BC84-4B57-9A30-097044871F9A}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2597087) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{4AD36582-256B-433D-8593-F31773A15CA4}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2597087) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{4AD36582-256B-433D-8593-F31773A15CA4}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2760598) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{F216169C-2B40-429B-8370-B5BA06EC5423}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2760598) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{F216169C-2B40-429B-8370-B5BA06EC5423}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2760631) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{B6AD7E27-012A-4B63-82BA-AF62893E5435}) 
(Version: - Microsoft) Update for Microsoft Office 2010 (KB2794737) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{07DC9C6C-E916-4F42-8677-716930ED0393}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2825640) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{43F59F4D-7179-497E-BE99-BC6F7D1DDCBA}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2825640) 64-Bit Edition (HKLM\...\{90140000-0044-0407-1000-0000000FF1CE}_Office14.PROPLUS_{43F59F4D-7179-497E-BE99-BC6F7D1DDCBA}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2850079) 64-Bit Edition (HKLM\...\{90140000-001F-0407-1000-0000000FF1CE}_Office14.PROPLUS_{64D96F30-CF4C-4CCE-AAF2-F8909348BF35}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2850079) 64-Bit Edition (HKLM\...\{90140000-001F-040C-1000-0000000FF1CE}_Office14.PROPLUS_{9F6507AC-7D8F-46C1-B90F-59C7828E0E0D}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2863818) 64-Bit Edition (HKLM\...\{90140000-001F-0409-1000-0000000FF1CE}_Office14.PROPLUS_{A9C4BE58-07E0-473D-AE68-ECBA13FBF77E}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2878225) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{8A6BDA63-4D23-4485-A466-8979E10BCF49}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2878225) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{8A6BDA63-4D23-4485-A466-8979E10BCF49}) (Version: - Microsoft) Update for Microsoft OneNote 2010 (KB2837595) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{3029C408-1DD1-4273-8E58-87CB1B638FC8}) (Version: - Microsoft) Update for Microsoft OneNote 2010 (KB2837595) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{3029C408-1DD1-4273-8E58-87CB1B638FC8}) (Version: - Microsoft) Update for Microsoft Outlook 2010 (KB2687567) 64-Bit Edition 
(HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{DDDC32A5-9528-4771-B91A-97A8E1D7957B}) (Version: - Microsoft) Update for Microsoft Outlook 2010 (KB2687567) 64-Bit Edition (HKLM\...\{90140000-001A-0407-1000-0000000FF1CE}_Office14.PROPLUS_{6164E0E5-C903-488C-93AF-1B7AF7EBC331}) (Version: - Microsoft) Update for Microsoft PowerPoint 2010 (KB2553145) 64-Bit Edition (HKLM\...\{90140000-0018-0407-1000-0000000FF1CE}_Office14.PROPLUS_{BEA3259E-14B5-4D89-87FF-ED9F1D0D81C8}) (Version: - Microsoft) Update for Microsoft PowerPoint 2010 (KB2775360) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{BE1D254A-E5CD-4E76-9BE8-7B2E5FDBA6AF}) (Version: - Microsoft) Update for Microsoft SharePoint Workspace 2010 (KB2760601) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{77374F16-2DC6-4EEF-AFAD-C59FDA2E010D}) (Version: - Microsoft) Update for Microsoft SharePoint Workspace 2010 (KB2760601) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{77374F16-2DC6-4EEF-AFAD-C59FDA2E010D}) (Version: - Microsoft) Update for Microsoft Visio 2010 (KB2878227) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{04DED3FB-DDB2-4C1E-A057-2A1FB97BE42D}) (Version: - Microsoft) Update for Microsoft Visio Viewer 2010 (KB2810066) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{DF33B92A-5381-4F03-AB54-2D67086B357E}) (Version: - Microsoft) Update for Microsoft Word 2010 (KB2837593) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{A82E26EF-680E-427D-B7D0-FD7997DDC217}) (Version: - Microsoft) Uplay (HKLM-x32\...\Uplay) (Version: 4.0 - Ubisoft) VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden Vegas Pro 12.0 (64-bit) (HKLM\...\{A7500970-FE98-11E1-B560-F04DA23A5C58}) (Version: 12.0.367 - Sony) VLC media player 2.1.1 (HKLM\...\VLC media player) (Version: 2.1.1 - VideoLAN) WhoreCraft 
(HKLM-x32\...\WhoreCraft1.6.1r) (Version: 1.6.1r - DaemiaCo) Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation) WinRAR 4.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH) XSplit (HKLM-x32\...\{AEDFE02E-FDDB-40A5-B5A9-5F955A75693F}) (Version: 1.2.1301.1501 - SplitMediaLabs) ==================== Restore Points ========================= ==================== Hosts content: ========================== 2009-07-14 04:34 - 2014-04-03 21:27 - 00001048 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= Task: {003D4CAA-CE23-49FF-8692-BAD5BFA91270} - System32\Tasks\{5234D442-AAD1-41E6-822D-A82B97E9D40F} => C:\Program Files (x86)\Origin Games\Mass Effect\Binaries\MassEffectConfig.exe Task: {021649D7-F09B-4E92-8EA3-62A20B9DE198} - System32\Tasks\GUpdater => C:\Windows\SysWOW64\MSUPDA~1.EXE [2009-07-14] () Task: {16EDD2EB-94DD-4383-A6A8-FF87249EE933} - System32\Tasks\{C1EE04AF-810D-40F6-95F3-BBD7711E5F74} => C:\Program Files (x86)\Origin Games\Mass Effect\Binaries\MassEffect.exe Task: {2063CD5D-2468-49F9-8F30-971EA1FC0668} - System32\Tasks\ASUS\ASUS WiFi GO! Server Execute => C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\WiFi GO! Server.exe [2012-07-12] (ASUSTeK Computer Inc.) Task: {27830D8B-7375-4EDA-94BE-B01405328708} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-11] (Adobe Systems Incorporated) Task: {29B8C5B1-3862-47DA-B218-1A013FD7B228} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe Task: {3160DF95-D349-4FF8-8072-1D51C5CF1AED} - System32\Tasks\ASUS\ASUS Network iControl Help Execute => C:\Program Files (x86)\ASUS\AI Suite II\Network iControl\NetSvcHelp\NetSvcHelpEntry.exe [2012-05-02] (ASUSTeK Computer Inc.) 
Task: {3D59E6D2-FEF3-4546-9E70-5213082822F6} - System32\Tasks\Norton Identity Safe\Norton Error Analyzer => C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.0.43\SymErr.exe [2014-01-30] (Symantec Corporation) Task: {41A17B70-BDFC-48B8-8767-6017FD5C87F8} - System32\Tasks\{D724B38D-1629-4150-B2F7-D2D7E762831F} => C:\Program Files (x86)\Origin Games\Mass Effect\Binaries\MassEffect.exe Task: {43857CD2-7F81-41DE-8826-A695D5F8E0A8} - System32\Tasks\{B19A9C4B-AC1E-46A8-863E-0B83AD6DCC4C} => C:\Program Files (x86)\Origin Games\Mass Effect\Binaries\MassEffect.exe Task: {458C0055-E1B6-41FB-953F-BB8A4E48BBB6} - System32\Tasks\{D99F17A8-2A4B-4C5C-80E0-66EAE590FF19} => C:\Program Files (x86)\Origin Games\Mass Effect\Binaries\MassEffect.exe Task: {5109AF0B-ADEF-49A3-9CBF-8D1A5C2E4018} - System32\Tasks\{E8507327-F68D-4338-BE01-3CE17868565B} => C:\Program Files (x86)\Origin Games\Mass Effect\Binaries\MassEffect.exe Task: {591EA938-0451-4853-A1C3-3E62938E2B75} - System32\Tasks\Norton Identity Safe\Norton Error Processor => C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.0.43\SymErr.exe [2014-01-30] (Symantec Corporation) Task: {5A77FF45-FDEF-4A0D-AFA1-A2DBF1B1F491} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Internet Security\Engine\21.2.0.38\WSCStub.exe [2014-03-12] (Symantec Corporation) Task: {5AD62440-1543-4015-B750-E4E24D18E8A6} - System32\Tasks\{84B4610C-0745-4E3E-92EF-4AEC4E66DD01} => C:\Program Files (x86)\Origin Games\Mass Effect\Binaries\MassEffect.exe Task: {5C7475D2-E929-444A-9393-7DE49E120C5E} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe Task: {746D8B85-4A87-4B82-9805-A8D4AF6D92ED} - System32\Tasks\{9ADD0CF3-090E-4951-B978-ADCAEEE26D2E} => C:\Program Files (x86)\Origin Games\Mass Effect\Binaries\MassEffect.exe Task: {82B68951-5E7A-44C9-89DD-48923AAAFA76} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => 
Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup Task: {8433152A-7CB6-4754-B607-D1CB42E790B3} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-2263915838-1270488654-868256476-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2012-06-21] (RealNetworks, Inc.) Task: {894F7E8D-E3BE-4B98-ACA8-2D20861D61ED} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-08-24] (Google Inc.) Task: {898B598E-445D-4D6F-B757-FB7292A044F3} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security\Engine\21.2.0.38\SymErr.exe [2014-01-30] (Symantec Corporation) Task: {8EFE9100-76B9-492C-9445-8FA34F8A0B1E} - System32\Tasks\ASUS\USB 3.0 Boost Service => C:\Program Files (x86)\ASUS\AI Suite II\USB 3.0 Boost\U3BoostSvr.exe [2011-09-09] () Task: {90CE624F-75A8-415F-978B-74BBF0D94069} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe Task: {9CB121E1-FDCE-4F55-9BE2-15EC653BAF9D} - System32\Tasks\{0E109B44-C0BD-434F-A013-511D907734C3} => C:\Program Files (x86)\Origin Games\Mass Effect\Binaries\MassEffect.exe Task: {9DE923FC-1339-48E6-B15D-D1D0DCF19839} - System32\Tasks\{CD6D408F-1DB4-4C0E-A825-7BB6B0BAA5DA} => C:\Program Files (x86)\Origin Games\Mass Effect\Binaries\MassEffect.exe Task: {A197B463-3275-4B57-8348-896C7A2BFB10} - System32\Tasks\{1D5EAB56-EE1A-4CB0-8C5A-AAAB80A2BFF2} => C:\Program Files (x86)\Origin Games\Mass Effect\Binaries\MassEffect.exe Task: {AE222505-A05A-44D5-A443-547E1AEFBBC0} - System32\Tasks\{DC824A3F-E8FD-4F31-AD46-EA11A5BD2DD4} => C:\Program Files (x86)\Origin Games\Mass Effect\Binaries\MassEffect.exe Task: {B2B0A66D-466E-4B50-BFDF-2EFD3C3C5FE5} - System32\Tasks\{DAF06AD9-E83B-4369-8BC5-B7289006E0B1} => C:\Program Files (x86)\Origin Games\Mass Effect\Binaries\MassEffect.exe Task: {B38D5AD0-38BA-4915-9973-821D22D7F490} - System32\Tasks\ASUS\ASUS 
DigiPowerControl Help => C:\Program Files (x86)\ASUS\AI Suite II\DIGI+ Power Control\PowerControlHelp.exe [2012-08-14] (ASUSTeK Computer Inc.) Task: {B66548E9-C347-48BE-AF11-40FF72B6C9F4} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-08-24] (Google Inc.) Task: {BF409C56-7808-481A-9F61-4D21AF7A69FB} - System32\Tasks\{98618293-B474-4B12-A0C4-394898C833C7} => C:\Program Files (x86)\Origin Games\Mass Effect\Binaries\MassEffect.exe Task: {C2C99F0E-F1E1-4676-A29F-260462727F9A} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet Security\Engine\21.2.0.38\SymErr.exe [2014-01-30] (Symantec Corporation) Task: {C5A21349-5C6B-4DF9-B703-C2F9A27E44FF} - System32\Tasks\{7899D426-3F89-47AA-9D71-5A0AB5DF7706} => C:\Program Files (x86)\Origin Games\Mass Effect\Binaries\MassEffect.exe Task: {DE711DBC-F209-4B85-84B4-CCBFF294F359} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-2263915838-1270488654-868256476-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2012-06-21] (RealNetworks, Inc.) Task: {EC430E55-CEB0-4D8E-8DEE-A22889FCB161} - System32\Tasks\{B29076AD-F042-458D-9136-CC3F9DD43B04} => C:\Program Files (x86)\Origin Games\Mass Effect\Binaries\MassEffect.exe Task: {F52B51EC-5BD8-4A8F-9D07-EBD9B3CEFB5C} - System32\Tasks\{DDA793E7-1032-4AC9-B271-C957E01AB7B0} => C:\Program Files (x86)\Origin Games\Mass Effect\Binaries\MassEffect.exe Task: {F7633DFC-196E-4CE2-B85A-9428F79FFE10} - System32\Tasks\MSIAfterburner => C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe [2013-01-23] () Task: {F93E598F-7527-47E2-B75E-A2B8CC40581D} - System32\Tasks\{A59B471F-BBF4-4A75-863F-6A3AF0AF6895} => C:\Program Files (x86)\Origin Games\Mass Effect\Binaries\MassEffect.exe Task: {FB2C543B-FF8C-482C-9010-2866530DEA08} - System32\Tasks\ASUS\ASUS AI Suite II Execute => C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe [2012-03-13] (ASUSTeK Computer Inc.) 
Task: {FD0FAEAE-4A20-46AF-ABED-52EE9E78C58C} - System32\Tasks\{388555CC-F48D-42B0-A4B6-18B51E95160E} => C:\Program Files (x86)\Origin Games\Mass Effect\Binaries\MassEffect.exe Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2013-11-30 15:35 - 2014-03-04 15:05 - 00116056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2013-10-01 11:26 - 2013-10-01 11:26 - 02810968 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll 2013-09-05 01:17 - 2013-09-05 01:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF 2012-06-01 11:42 - 2012-06-01 11:42 - 00920736 ____N () C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe 2013-08-24 16:02 - 2008-07-11 16:03 - 00282112 ____N () C:\Windows\system\HsMgr64.exe 2013-08-24 16:02 - 2008-07-11 16:04 - 00200704 ____N () C:\Windows\SysWOW64\HsMgr.exe 2013-12-31 21:43 - 2013-12-31 21:43 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe 2013-12-20 00:20 - 2014-01-21 04:56 - 00093472 _____ () C:\Program Files\NVIDIA Corporation\ShadowPlay\gamecaster64.dll 2013-12-20 00:20 - 2014-01-21 04:56 - 00874784 _____ () C:\Program Files\NVIDIA Corporation\ShadowPlay\twitchsdk64.dll 2013-08-24 18:45 - 2013-03-01 17:44 - 00763856 _____ () I:\Core Temp.exe 2014-01-20 14:17 - 2014-01-20 14:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll 2014-01-20 14:16 - 2014-01-20 14:16 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll 2013-08-24 14:22 - 2014-04-04 12:23 - 00035840 _____ () C:\Program Files 
(x86)\ASUS\AXSP\1.00.19\PEbiosinterface32.dll 2013-08-24 14:21 - 2010-06-29 04:58 - 00104448 ____N () C:\Program Files (x86)\ASUS\AXSP\1.00.19\ATKEX.dll 2013-08-24 14:24 - 2012-05-02 18:04 - 00233472 ____N () C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\AudioProjection.dll 2013-08-24 14:24 - 2010-12-14 17:46 - 00067584 ____N () C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\CoreAudioCap.dll 2013-08-24 14:24 - 2012-06-22 13:32 - 00184320 ____N () C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\DLCapPP.dll 2013-08-24 14:24 - 2011-08-09 14:52 - 00425984 ____N () C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\awiscale.DLL 2013-08-24 14:24 - 2012-01-12 16:44 - 00475136 ____N () C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\WiFiGO_HookKey.dll 2013-08-24 14:24 - 2012-04-20 16:24 - 00716800 ____N () C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\WiMoveHelp.dll 2013-08-24 14:24 - 2012-04-25 14:47 - 00659456 ____N () C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\PhoneCtrlAPI.dll 2013-08-24 14:24 - 2012-08-03 10:41 - 00043520 ____N () C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\HookKey32.dll 2013-09-05 01:14 - 2013-09-05 01:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF 2014-04-03 20:00 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll 2014-04-03 20:00 - 2013-05-16 10:55 - 00113496 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl 2014-04-03 20:00 - 2013-05-16 10:55 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl 2014-04-03 20:00 - 2013-05-16 10:55 - 00161112 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl 2014-04-03 20:00 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll 2013-08-24 14:24 - 
2012-08-03 16:40 - 00253952 ____N () C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\pngio.dll 2009-07-14 01:27 - 2009-07-14 03:39 - 00212480 _____ () C:\Windows\SysWOW64\libcurl-4.dll 2009-07-14 01:27 - 2009-07-14 03:39 - 00112640 _____ () C:\Windows\SysWOW64\zlib1.dll 2013-08-24 14:22 - 2011-07-12 19:14 - 00147456 _____ () C:\Program Files (x86)\ASUS\AI Suite II\AssistFunc.dll 2013-08-24 14:22 - 2010-10-05 08:22 - 00253952 _____ () C:\Program Files (x86)\ASUS\AI Suite II\pngio.dll 2013-08-24 14:23 - 2011-09-26 19:36 - 00869376 ____N () C:\Program Files (x86)\ASUS\AI Suite II\AI Charger+\AIChargerPlus.dll 2013-08-24 14:22 - 2012-10-08 17:07 - 00972288 _____ () C:\Program Files (x86)\ASUS\AI Suite II\BarGadget\BarGadget.dll 2013-08-24 14:22 - 2013-05-08 16:22 - 01040896 _____ () C:\Program Files (x86)\ASUS\AI Suite II\EasyUpdate\EasyUpdt.dll 2013-08-24 14:23 - 2012-06-19 12:56 - 01305600 ____N () C:\Program Files (x86)\ASUS\AI Suite II\MyLogo\MyLogo.dll 2013-08-24 14:23 - 2012-08-14 11:14 - 01123840 ____N () C:\Program Files (x86)\ASUS\AI Suite II\Network iControl\Network iControl.dll 2013-08-24 14:24 - 2012-07-20 09:39 - 01047040 ____N () C:\Program Files (x86)\ASUS\AI Suite II\Probe_II\ProbeII.dll 2013-08-24 14:24 - 2012-07-10 17:55 - 01625600 ____N () C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\WiFiGO.dll 2013-08-24 14:22 - 2013-04-15 14:19 - 00883712 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Sensor\Sensor.dll 2013-08-24 14:22 - 2012-05-28 21:27 - 01622528 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Sensor Graph\SensorGraph.dll 2013-08-24 14:22 - 2011-09-19 20:18 - 01243136 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Settings\Settings.dll 2013-08-24 14:22 - 2011-07-21 09:06 - 00846848 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Splitter\Splitter.dll 2013-08-24 14:22 - 2012-08-29 18:09 - 00875520 _____ () C:\Program Files (x86)\ASUS\AI Suite II\TabGadget\TabGadget.dll 2013-08-24 14:22 - 2010-08-23 04:17 - 00662016 ____R () 
C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMLib.dll 2013-08-24 14:22 - 2010-10-05 08:22 - 00208896 _____ () C:\Program Files (x86)\ASUS\AI Suite II\ImageHelper.dll 2013-08-24 14:25 - 2012-01-19 09:39 - 00028672 ____N () C:\Program Files (x86)\ASUS\AI Suite II\USB BIOS Flashback\PEInfo.dll 2013-08-24 14:25 - 2010-09-23 11:51 - 00114688 ____N () C:\Program Files (x86)\ASUS\AI Suite II\USB BIOS Flashback\AsIdxParser.dll 2013-08-24 14:25 - 2010-02-25 14:01 - 00139264 ____N () C:\Program Files (x86)\ASUS\AI Suite II\USB BIOS Flashback\Aszip.dll 2013-08-24 14:22 - 2009-08-12 20:15 - 00253952 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\pngio.dll 2014-03-15 21:50 - 2014-03-15 02:50 - 00051016 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\chrome_elf.dll 2014-03-15 21:50 - 2014-03-15 02:50 - 00716616 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\libglesv2.dll 2014-03-15 21:50 - 2014-03-15 02:50 - 00100168 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\libegl.dll 2014-03-15 21:50 - 2014-03-15 02:50 - 04061000 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\pdf.dll 2014-03-15 21:50 - 2014-03-15 02:50 - 00394568 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\ppGoogleNaClPluginChrome.dll 2014-03-15 21:50 - 2014-03-15 02:50 - 01647432 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\ffmpegsumo.dll 2013-09-14 02:51 - 2013-09-14 02:51 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\zlib1.dll 2013-09-14 02:50 - 2013-09-14 02:50 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\libxml2.dll 2013-10-24 18:06 - 2013-10-24 18:06 - 00028992 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\thread_pool.dll 2013-10-24 18:09 - 2013-10-24 18:09 - 00420160 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\ulxmlrpcpp.dll 2013-10-01 12:00 - 
2013-10-01 12:00 - 00022336 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\ti_managers_proxy_stub.dll ==================== Alternate Data Streams (whitelisted) ========= AlternateDataStreams: C:\ProgramData\Temp:6DAA43DB ==================== Safe Mode (whitelisted) =================== ==================== Disabled items from MSCONFIG ============== MSCONFIG\Services: AcrSch2Svc => 2 MSCONFIG\Services: AdobeARMservice => 2 MSCONFIG\Services: Bonjour Service => 2 MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^GammaTray.exe.lnk => C:\Windows\pss\GammaTray.exe.lnk.CommonStartup MSCONFIG\startupfolder: C:^Users^DAUM^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Samsung Magician.lnk => C:\Windows\pss\Samsung Magician.lnk.Startup MSCONFIG\startupreg: Acronis Scheduler2 Service => "C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe" MSCONFIG\startupreg: AcronisTibMounterMonitor => C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe MSCONFIG\startupreg: Akamai NetSession Interface => "C:\Users\DAUM\AppData\Local\Akamai\netsession_win.exe" MSCONFIG\startupreg: amd_dc_opt => C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe MSCONFIG\startupreg: ApplePhotoStreams => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe MSCONFIG\startupreg: ASUS AiChargerPlus Execute => C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe MSCONFIG\startupreg: ASUSWebStorage => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.11.125\AsusWSPanel.exe /S MSCONFIG\startupreg: BDRegion => C:\Program Files (x86)\Cyberlink\Shared files\brs.exe MSCONFIG\startupreg: Bing Bar => "C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1449.0\mswinext.exe" MSCONFIG\startupreg: BitTorrent => "C:\Users\DAUM\AppData\Roaming\BitTorrent\BitTorrent.exe" /MINIMIZED MSCONFIG\startupreg: CLMLServer => 
"E:\Power2Go\CLMLSvc.exe" MSCONFIG\startupreg: Cmaudio8788 => C:\Windows\syswow64\RunDll32.exe C:\Windows\Syswow64\cmicnfgp.dll,CMICtrlWnd MSCONFIG\startupreg: DAEMON Tools Pro Agent => "E:\Programme\DAEMON Tools Pro\DTAgent.exe" -autorun MSCONFIG\startupreg: DivXUpdate => "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW MSCONFIG\startupreg: HP Officejet Pro 8600 (NET) => "C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe" -deviceID "CN2ABBXGX905KC:NW" -scfn "HP Officejet Pro 8600 (NET)" -AutoStart 1 MSCONFIG\startupreg: HP Software Update => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe MSCONFIG\startupreg: iCloudServices => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe" MSCONFIG\startupreg: LGODDFU => E:\PowerDVD\lgfw.exe blrun MSCONFIG\startupreg: MagicTuneEngine => C:\Program Files\MagicTune Premium\MagicTuneLauncher.exe MSCONFIG\startupreg: NetLimiter => C:\Program Files\NetLimiter 3\NLClientApp.exe /tray MSCONFIG\startupreg: Platinum Hide IP => C:\Program Files (x86)\PlatinumHideIP\PlatinumHideIP.exe MSCONFIG\startupreg: PowerDVD13Agent => "C:\Program Files (x86)\CyberLink\PowerDVD13\PowerDVD13Agent.exe" MSCONFIG\startupreg: ProfilerU => C:\Program Files\SmartTechnology\Software\ProfilerU.exe MSCONFIG\startupreg: RTHDVCPL => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s MSCONFIG\startupreg: SaiMfd => C:\Program Files\SmartTechnology\Software\SaiMfd.exe MSCONFIG\startupreg: SaiVolume => C:\Program Files\Saitek\VolumeTracker\SaiVolume.exe MSCONFIG\startupreg: sbsdk-server => "E:\Programme\SMART Technologies\Education Software\sbsdk-server\NodeLauncher.exe" MSCONFIG\startupreg: SDTray => "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" MSCONFIG\startupreg: SMART Board Service => "E:\Programme\SMART Technologies\Education Software\SMARTBoardService.exe" -d 
MSCONFIG\startupreg: SMART Ink => "E:\Programme\SMART Technologies\Education Software\SMARTInk.exe" -a MSCONFIG\startupreg: SMARTNotification => "E:\Programme\SMART Technologies\Education Software\SMARTNotification.exe" MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\Steam.exe" -silent MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" MSCONFIG\startupreg: TkBellExe => "C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe" -osboot MSCONFIG\startupreg: TrueImageMonitor.exe => "C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe" MSCONFIG\startupreg: UpdatePPShortCut => "E:\PowerProducer\MUITransfer\MUIStartMenu.exe" "E:\PowerProducer" update "Software\CyberLink\PowerProducer\5.0" ==================== Faulty Device Manager Devices ============= Name: SMART Virtual TabletPC Description: SMART Virtual TabletPC Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da} Manufacturer: SMART Technologies ULC Service: SMARTVTabletPCx64 Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: AODDriver4.2.0 Description: AODDriver4.2.0 Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1} Manufacturer: Service: AODDriver4.2.0 Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24) Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved. Name: SMART Virtual TabletPC Description: SMART Virtual TabletPC Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da} Manufacturer: SMART Technologies ULC Service: SMARTVTabletPCx64 Problem: : This device is disabled. 
(Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. ==================== Event log errors: ========================= Application errors: ================== Error: (04/03/2014 07:08:29 PM) (Source: Steam Client Service) (User: ) Description: Error: Failed to poke open firewall Error: (04/03/2014 05:05:41 PM) (Source: Steam Client Service) (User: ) Description: Error: Failed to poke open firewall Error: (04/03/2014 00:36:21 PM) (Source: Bonjour Service) (User: ) Description: ERROR: handle_resolve_request bad interfaceIndex 24 Error: (04/03/2014 00:36:21 PM) (Source: Bonjour Service) (User: ) Description: ERROR: handle_resolve_request bad interfaceIndex 23 Error: (04/03/2014 00:36:21 PM) (Source: Bonjour Service) (User: ) Description: ERROR: handle_resolve_request bad interfaceIndex 22 Error: (04/03/2014 00:36:21 PM) (Source: Bonjour Service) (User: ) Description: ERROR: handle_resolve_request bad interfaceIndex 21 Error: (04/03/2014 00:36:21 PM) (Source: Bonjour Service) (User: ) Description: ERROR: handle_resolve_request bad interfaceIndex 20 Error: (04/03/2014 00:36:21 PM) (Source: Bonjour Service) (User: ) Description: ERROR: handle_resolve_request bad interfaceIndex 19 Error: (04/03/2014 00:36:21 PM) (Source: Bonjour Service) (User: ) Description: ERROR: handle_resolve_request bad interfaceIndex 18 Error: (04/03/2014 00:36:21 PM) (Source: Bonjour Service) (User: ) Description: ERROR: handle_resolve_request bad interfaceIndex 17 System errors: ============= Error: (04/04/2014 00:24:57 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst "Peer Name Resolution-Protokoll" wurde mit folgendem Fehler beendet: %%-2140993535 Error: (04/04/2014 00:24:57 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht 
gestartet wurde: %%-2140993535 Error: (04/04/2014 00:24:57 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst "Peer Name Resolution-Protokoll" wurde mit folgendem Fehler beendet: %%-2140993535 Error: (04/04/2014 00:24:57 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%-2140993535 Error: (04/04/2014 00:24:57 PM) (Source: PNRPSvc) (User: ) Description: 0x80630801 Error: (04/04/2014 00:24:57 PM) (Source: PNRPSvc) (User: ) Description: 0x80630801 Error: (04/04/2014 00:24:46 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%-2140993535 Error: (04/04/2014 00:24:46 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst "Peer Name Resolution-Protokoll" wurde mit folgendem Fehler beendet: %%-2140993535 Error: (04/04/2014 00:24:46 PM) (Source: PNRPSvc) (User: ) Description: 0x80630801 Error: (04/04/2014 00:24:36 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst "AsusFanControlService" wurde nicht richtig gestartet. 
Microsoft Office Sessions: ========================= Error: (04/03/2014 07:08:29 PM) (Source: Steam Client Service)(User: ) Description: Failed to poke open firewall Error: (04/03/2014 05:05:41 PM) (Source: Steam Client Service)(User: ) Description: Failed to poke open firewall Error: (04/03/2014 00:36:21 PM) (Source: Bonjour Service)(User: ) Description: ERROR: handle_resolve_request bad interfaceIndex 24 Error: (04/03/2014 00:36:21 PM) (Source: Bonjour Service)(User: ) Description: ERROR: handle_resolve_request bad interfaceIndex 23 Error: (04/03/2014 00:36:21 PM) (Source: Bonjour Service)(User: ) Description: ERROR: handle_resolve_request bad interfaceIndex 22 Error: (04/03/2014 00:36:21 PM) (Source: Bonjour Service)(User: ) Description: ERROR: handle_resolve_request bad interfaceIndex 21 Error: (04/03/2014 00:36:21 PM) (Source: Bonjour Service)(User: ) Description: ERROR: handle_resolve_request bad interfaceIndex 20 Error: (04/03/2014 00:36:21 PM) (Source: Bonjour Service)(User: ) Description: ERROR: handle_resolve_request bad interfaceIndex 19 Error: (04/03/2014 00:36:21 PM) (Source: Bonjour Service)(User: ) Description: ERROR: handle_resolve_request bad interfaceIndex 18 Error: (04/03/2014 00:36:21 PM) (Source: Bonjour Service)(User: ) Description: ERROR: handle_resolve_request bad interfaceIndex 17 CodeIntegrity Errors: =================================== Date: 2014-02-01 11:19:57.629 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-02-01 11:12:33.098 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. 
Date: 2014-02-01 09:25:11.007 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-02-01 09:16:43.142 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-01-31 23:12:30.341 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-01-31 23:04:44.954 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-01-31 18:28:30.489 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-01-31 13:40:38.118 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-01-31 13:26:49.923 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-01-31 06:46:16.001 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. 
==================== Memory info ===========================
Percentage of memory in use: 35%
Total physical RAM: 8108.34 MB
Available physical RAM: 5268.5 MB
Total Pagefile: 16214.87 MB
Available Pagefile: 12999.95 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB
==================== Drives ================================
Drive c: (SSD mit Win7) (Fixed) (Total:232.79 GB) (Free:31.93 GB) NTFS
Drive e: (1 TB) (Fixed) (Total:931.51 GB) (Free:545.4 GB) NTFS
Drive h: (Bilder und Videos) (Fixed) (Total:269.41 GB) (Free:8.99 GB) NTFS
Drive i: (Persönliche Dokumente) (Fixed) (Total:28.68 GB) (Free:13.45 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 233 GB) (Disk ID: E5039E8E)
Partition: GPT Partition Type.
========================================================
Disk: 1 (Size: 298 GB) (Disk ID: CC00E707)
Partition: GPT Partition Type.
========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: F1E51BF1)
Partition: GPT Partition Type.
==================== End Of Log ============================

ComboFix gives me an error message saying that the real-time scanners "Norton Internet Security" and "Spybot : Search and Destroy" are still active. With Norton, however, I have disabled the Smart Firewall (right-click on the Norton icon), and I have closed Spybot. Norton cannot be shut down completely, though, because it stays active as a background process and I (even as admin) do not have permission to end that process. Edit: I just noticed that you (Schrauber?) deleted your post with the instructions for ComboFix. Is there a particular reason for that? Last edited by Morgrain (04.04.2014 at 12:18) |
05.04.2014, 10:37 | #5 |
/// the machine /// TB trainer | Windows 7 - svchost.exe 100% CPU usage Uhm, I haven't posted anything about Combofix here. I'm looking at this thread for the first time since the instruction to run FRST. What makes you think that? In Process Explorer, please click the plus sign in front of the svchost that is using so much, so that the sub-processes are visible, then post a screenshot of that.
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 No help via PM! |
05.04.2014, 12:48 | #6 |
| Windows 7 - svchost.exe 100% CPU usage Strange, I could have sworn that a post like that was here yesterday. Hm. In any case, here is the screenshot; there is no plus sign, though. Instead, double-clicking the exe opens another window with the sub-processes. Hello, with reference to this thread (hxxp://www.hijackthis-forum.de/hijackthis-logfiles/75172-svchost-exe-100-cpu-auslastung-2.html), my problem has been solved with Petra's help. Apparently it was a hidden piece of malware in the Windows folder, which I was able to fight off successfully with a CFScript.txt created by Petra and dropped into ComboFix.exe. So you don't need to help me here any further. Thanks for the effort anyway. |
06.04.2014, 12:08 | #7 |
/// the machine /// TB trainer | Windows 7 - svchost.exe 100% CPU usage Now I also know where you claim to have seen Combofix. For you, that's it here anyway, because crossposting is just so great.... |